./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2145902394 <...> UTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13785] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 244.977046][T13788] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 244.982933][T13799] loop2: detected capacity change from 0 to 2048 [ 244.988737][T13792] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13797] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 13803 attached ) = 1048576 [pid 13802] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13802] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13802] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 13802] ioctl(4, LOOP_SET_FD, 3 [pid 13803] set_robust_list(0x7f1c2a1159e0, 24 [pid 13797] munmap(0x7f1c2a016000, 1048576 [pid 13792] <... mount resumed>) = 0 [pid 13788] <... mount resumed>) = 0 [pid 13803] <... set_robust_list resumed>) = 0 [pid 13797] <... munmap resumed>) = 0 [pid 13792] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13803] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13797] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13792] <... openat resumed>) = 3 [pid 13802] <... ioctl resumed>) = 0 [pid 13797] <... openat resumed>) = 4 [pid 13792] chdir("./bus" [pid 13788] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13786] <... write resumed>) = 1048576 [ 245.025024][T13788] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/484/bus supports timestamps until 2038 (0x7fffffff) [ 245.025495][T13792] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/491/bus supports timestamps until 2038 (0x7fffffff) [ 245.048866][T13802] loop5: detected capacity change from 0 to 2048 [ 245.052386][T13803] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13802] close(3 [pid 13797] ioctl(4, LOOP_SET_FD, 3 [pid 13792] <... chdir resumed>) = 0 [pid 13788] <... openat resumed>) = 3 [pid 13786] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13785] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13792] ioctl(4, LOOP_CLR_FD [pid 13788] chdir("./bus" [pid 13786] <... futex resumed>) = 0 [pid 13785] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] <... ioctl resumed>) = 0 [pid 13788] <... chdir resumed>) = 0 [pid 13786] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13785] <... futex resumed>) = 0 [pid 13792] close(4 [pid 13788] ioctl(4, LOOP_CLR_FD [pid 13785] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] <... close resumed>) = 0 [pid 13788] <... ioctl resumed>) = 0 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] close(4 [pid 13802] <... close resumed>) = 0 [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... close resumed>) = 0 [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13791] <... futex resumed>) = 0 [pid 13788] <... futex resumed>) = 1 [pid 13787] <... futex resumed>) = 0 [pid 13792] chdir("./file0" [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] <... chdir resumed>) = 0 [pid 13788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13787] <... futex resumed>) = 0 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] chdir("./file0" [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... chdir resumed>) = 0 [pid 13797] <... ioctl resumed>) = 0 [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13802] mkdir("./bus", 0777 [pid 13792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13791] <... futex resumed>) = 0 [pid 13788] <... futex resumed>) = 1 [pid 13787] <... futex resumed>) = 0 [pid 13792] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13802] <... mkdir resumed>) = 0 [pid 13792] <... open resumed>) = 4 [pid 13788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13787] <... futex resumed>) = 0 [pid 13802] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... open resumed>) = 4 [pid 13799] <... mount resumed>) = 0 [pid 13797] close(3 [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13797] <... close resumed>) = 0 [pid 13799] <... openat resumed>) = 3 [pid 13797] mkdir("./bus", 0777 [pid 13799] chdir("./bus" [pid 13797] <... mkdir resumed>) = 0 [pid 13799] <... chdir resumed>) = 0 [pid 13797] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13799] ioctl(4, LOOP_CLR_FD) = 0 [pid 13799] close(4) = 0 [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] <... futex resumed>) = 0 [pid 13792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13791] <... futex resumed>) = 0 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13803] <... openat resumed>) = 7 [pid 13786] <... openat resumed>) = 8 [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13786] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13796] <... futex resumed>) = 1 [pid 13799] <... futex resumed>) = 0 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13786] <... futex resumed>) = 1 [pid 13785] <... futex resumed>) = 0 [pid 13799] chdir("./file0" [pid 13792] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13788] <... futex resumed>) = 1 [pid 13787] <... futex resumed>) = 0 [pid 13786] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13803] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] <... chdir resumed>) = 0 [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13803] <... futex resumed>) = 0 [pid 13803] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] <... openat resumed>) = 5 [pid 13788] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13787] <... futex resumed>) = 0 [pid 13799] <... futex resumed>) = 1 [pid 13796] <... futex resumed>) = 0 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] <... openat resumed>) = 5 [pid 13799] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 13796] <... futex resumed>) = 0 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] <... open resumed>) = 4 [pid 13792] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13791] <... futex resumed>) = 0 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13785] exit_group(0 [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13803] <... futex resumed>) = ? [pid 13799] <... futex resumed>) = 1 [pid 13796] <... futex resumed>) = 0 [pid 13792] <... write resumed>) = 196608 [pid 13788] <... futex resumed>) = 1 [pid 13787] <... futex resumed>) = 0 [pid 13786] <... futex resumed>) = ? [pid 13785] <... exit_group resumed>) = ? [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13786] +++ exited with 0 +++ [pid 13799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13796] <... futex resumed>) = 0 [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13787] <... futex resumed>) = 0 [pid 13803] +++ exited with 0 +++ [pid 13799] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13785] +++ exited with 0 +++ [pid 13799] <... openat resumed>) = 5 [pid 13792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13791] <... futex resumed>) = 0 [pid 13788] <... write resumed>) = 196608 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13785, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] <... futex resumed>) = 1 [pid 13796] <... futex resumed>) = 0 [pid 13792] <... mount resumed>) = 0 [pid 13788] <... futex resumed>) = 1 [pid 13787] <... futex resumed>) = 0 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13796] <... futex resumed>) = 0 [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13787] <... futex resumed>) = 0 [pid 13799] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13799] <... write resumed>) = 196608 [pid 13791] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, [pid 13792] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13792] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 245.069419][T13803] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 245.070091][T13799] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.078106][T13797] loop1: detected capacity change from 0 to 2048 [ 245.094949][T13799] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/485/bus supports timestamps until 2038 (0x7fffffff) [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13788] <... mount resumed>) = 0 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./493/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./493/binderfs") = 0 [pid 410] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13791] <... futex resumed>) = 0 [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] <... futex resumed>) = 0 [pid 13792] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13787] <... futex resumed>) = 0 [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13788] <... futex resumed>) = 0 [pid 13788] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13787] <... futex resumed>) = 0 [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13788] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13796] <... futex resumed>) = 0 [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13799] <... futex resumed>) = 0 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13799] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] <... futex resumed>) = 0 [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] <... futex resumed>) = 0 [pid 13796] <... futex resumed>) = 1 [pid 13799] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13799] <... open resumed>) = 6 [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] <... futex resumed>) = 0 [pid 13799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13796] <... futex resumed>) = 0 [pid 13799] <... write resumed>) = 1048576 [ 245.132761][T13797] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.147816][T13802] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.155422][T13797] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/491/bus supports timestamps until 2038 (0x7fffffff) [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13796] <... futex resumed>) = 0 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13796] <... futex resumed>) = 0 [pid 13799] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13797] <... mount resumed>) = 0 [pid 13797] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13797] chdir("./bus") = 0 [pid 13797] ioctl(4, LOOP_CLR_FD) = 0 [pid 13797] close(4) = 0 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13795] <... futex resumed>) = 0 [pid 13792] <... write resumed>) = 1048576 [pid 13791] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13788] <... write resumed>) = 1048576 [pid 13787] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13787] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13787] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13787] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13787] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13810], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13810 [pid 13787] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13787] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... mount resumed>) = 0 [pid 13802] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13802] chdir("./bus") = 0 [pid 13802] ioctl(4, LOOP_CLR_FD) = 0 [pid 13802] close(4) = 0 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 1 [pid 13802] chdir("./file0") = 0 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 1 [pid 13802] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13797] <... futex resumed>) = 0 [pid 13795] <... futex resumed>) = 1 [pid 13792] <... futex resumed>) = 0 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... futex resumed>) = 0 ./strace-static-x86_64: Process 13810 attached [pid 13797] chdir("./file0" [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13792] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13797] <... chdir resumed>) = 0 [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13810] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 245.173645][T13799] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.178871][T13802] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/489/bus supports timestamps until 2038 (0x7fffffff) [ 245.191887][T13799] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 245.209241][T13792] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13810] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13802] <... open resumed>) = 4 [pid 13799] <... openat resumed>) = 7 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13794] <... futex resumed>) = 0 [pid 13802] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13802] <... openat resumed>) = 5 [pid 13794] <... futex resumed>) = 0 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 0 [pid 13794] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13802] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13802] <... write resumed>) = 196608 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 1 [pid 13802] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 1 [pid 13802] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 1 [pid 13802] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13797] <... futex resumed>) = 0 [pid 13796] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13795] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... umount2 resumed>) = 0 [pid 13792] <... openat resumed>) = 7 [pid 13799] <... futex resumed>) = 0 [pid 13797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13799] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13797] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13796] <... futex resumed>) = 0 [pid 13795] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13799] <... openat resumed>) = 8 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13799] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13797] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] lstat("./493/bus", [pid 13799] <... futex resumed>) = 0 [pid 13799] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13797] <... open resumed>) = 4 [pid 13796] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13787] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13796] exit_group(0 [pid 13787] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 410] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13799] <... futex resumed>) = ? [pid 13797] <... futex resumed>) = 1 [pid 13796] <... exit_group resumed>) = ? [pid 13795] <... futex resumed>) = 0 [pid 13787] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13799] +++ exited with 0 +++ [pid 13797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13796] +++ exited with 0 +++ [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] <... futex resumed>) = 1 [pid 13791] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./493/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13797] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13795] <... futex resumed>) = 0 [pid 13791] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 4 [pid 13797] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13791] <... futex resumed>) = 0 [pid 410] fstat(4, [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13796, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 13797] <... openat resumed>) = 5 [pid 13791] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(4, [pid 409] <... restart_syscall resumed>) = 0 [pid 13797] <... futex resumed>) = 1 [pid 13795] <... futex resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13787] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(4, [pid 13810] <... openat resumed>) = 7 [pid 13797] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13795] <... futex resumed>) = 0 [pid 13792] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13788] <... futex resumed>) = 0 [pid 13787] <... futex resumed>) = 1 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] umount2("./485", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13810] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13797] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13792] <... openat resumed>) = 8 [pid 13788] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13787] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] close(4 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13810] <... futex resumed>) = 0 [pid 13792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13810] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13792] <... futex resumed>) = 1 [pid 13792] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13802] <... write resumed>) = 1048576 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13797] <... write resumed>) = 196608 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13791] <... futex resumed>) = 0 [pid 13788] <... openat resumed>) = 8 [pid 13802] <... futex resumed>) = 1 [pid 410] <... close resumed>) = 0 [pid 409] openat(AT_FDCWD, "./485", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13795] <... futex resumed>) = 0 [pid 13791] exit_group(0 [pid 13788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] rmdir("./493/bus" [pid 13802] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13797] <... futex resumed>) = 1 [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13792] <... futex resumed>) = ? [pid 13791] <... exit_group resumed>) = ? [pid 13788] <... futex resumed>) = 1 [pid 13787] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 410] <... rmdir resumed>) = 0 [pid 13797] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13795] <... futex resumed>) = 0 [pid 13792] +++ exited with 0 +++ [pid 13788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13787] exit_group(0 [pid 13810] <... futex resumed>) = ? [pid 13787] <... exit_group resumed>) = ? [pid 13810] +++ exited with 0 +++ [pid 13797] <... mount resumed>) = 0 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13791] +++ exited with 0 +++ [pid 13788] <... futex resumed>) = ? [pid 410] getdents64(3, [pid 409] fstat(3, [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13795] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13797] <... futex resumed>) = 0 [pid 13795] <... futex resumed>) = 1 [pid 13797] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13797] <... open resumed>) = 6 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13795] <... futex resumed>) = 0 [pid 13797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13797] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13795] <... futex resumed>) = 0 [pid 13797] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 245.209392][T13810] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.224172][T13792] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 245.253974][T13810] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13788] +++ exited with 0 +++ [pid 13787] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13791, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13787, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./484", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./484", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./484/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./484/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./484/binderfs") = 0 [pid 407] umount2("./484/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] close(3 [pid 409] getdents64(3, [pid 411] umount2("./491", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... close resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] rmdir("./493" [pid 409] umount2("./485/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./491/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./491/binderfs") = 0 [pid 411] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... rmdir resumed>) = 0 [pid 409] lstat("./485/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] mkdir("./494", 0777 [pid 409] unlink("./485/binderfs") = 0 [pid 409] umount2("./485/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 13797] <... write resumed>) = 1048576 [pid 410] <... close resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13811 [pid 13802] <... openat resumed>) = 7 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13794] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13802] <... futex resumed>) = 1 [pid 13802] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13802] <... openat resumed>) = 8 [pid 13802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13794] <... futex resumed>) = 0 [pid 13794] exit_group(0) = ? [pid 13802] <... futex resumed>) = ? [pid 13797] <... futex resumed>) = 1 [pid 13795] <... futex resumed>) = 0 [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13811 attached [pid 13802] +++ exited with 0 +++ [pid 13797] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13794] +++ exited with 0 +++ [pid 13811] set_robust_list(0x555555f755e0, 24) = 0 [pid 13811] chdir("./494") = 0 [pid 13811] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13811] setpgid(0, 0) = 0 [pid 13811] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13811] write(3, "1000", 4) = 4 [pid 13811] close(3) = 0 [pid 13811] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13811] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13811] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13811] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13812], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13812 [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13812 attached [pid 13812] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13812] memfd_create("syzkaller", 0) = 3 [pid 13812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13812] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13794, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 412] umount2("./489", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13812] <... write resumed>) = 1048576 [pid 13812] munmap(0x7f1c2a016000, 1048576) = 0 [pid 412] openat(AT_FDCWD, "./489", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13812] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 245.270785][T13802] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.285571][T13802] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 245.312312][T13797] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13812] ioctl(4, LOOP_SET_FD, 3 [pid 13797] <... openat resumed>) = 7 [pid 412] umount2("./489/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./489/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./489/binderfs") = 0 [pid 412] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13795] <... futex resumed>) = 0 [pid 13795] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13795] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13797] <... futex resumed>) = 1 [pid 13797] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13795] <... futex resumed>) = 0 [pid 13795] exit_group(0) = ? [pid 13797] <... futex resumed>) = ? [pid 13812] <... ioctl resumed>) = 0 [pid 13797] +++ exited with 0 +++ [pid 13795] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13795, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 13812] close(3 [pid 408] umount2("./491", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13812] <... close resumed>) = 0 [pid 408] openat(AT_FDCWD, "./491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 13812] mkdir("./bus", 0777 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13812] <... mkdir resumed>) = 0 [pid 13812] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./491/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./491/binderfs") = 0 [pid 409] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 409] umount2("./485/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./484/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./484/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./484/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./484/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./484/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./484" [pid 411] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./485/bus", [pid 407] <... rmdir resumed>) = 0 [pid 411] lstat("./491/bus", [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] mkdir("./485", 0777 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./485/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... mkdir resumed>) = 0 [pid 411] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./485/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "./491/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... openat resumed>) = 4 [pid 411] <... openat resumed>) = 4 [pid 409] fstat(4, [pid 411] fstat(4, [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 411] getdents64(4, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, [pid 411] getdents64(4, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 409] close(4 [pid 411] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 411] rmdir("./491/bus" [pid 409] rmdir("./485/bus" [pid 411] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] getdents64(3, [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 411] close(3 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] <... openat resumed>) = 3 [pid 411] <... close resumed>) = 0 [pid 409] close(3 [pid 407] ioctl(3, LOOP_CLR_FD [pid 411] rmdir("./491" [pid 409] <... close resumed>) = 0 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./492", 0777 [pid 409] rmdir("./485" [pid 407] close(3 [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 409] <... rmdir resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 409] mkdir("./486", 0777 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 409] <... mkdir resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 13815 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... openat resumed>) = 3 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 13816 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13817 ./strace-static-x86_64: Process 13815 attached ./strace-static-x86_64: Process 13817 attached [pid 13815] set_robust_list(0x555555f755e0, 24) = 0 [pid 13815] chdir("./485" [pid 13817] set_robust_list(0x555555f755e0, 24 [pid 13815] <... chdir resumed>) = 0 [pid 13817] <... set_robust_list resumed>) = 0 [pid 13817] chdir("./486" [pid 13815] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13815] setpgid(0, 0 [pid 13817] <... chdir resumed>) = 0 [pid 13815] <... setpgid resumed>) = 0 [pid 13817] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13817] setpgid(0, 0 [pid 13815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13817] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 13816 attached [pid 13816] set_robust_list(0x555555f755e0, 24 [ 245.329565][T13797] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 245.330569][T13812] loop3: detected capacity change from 0 to 2048 [ 245.369929][T13812] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13817] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13815] <... openat resumed>) = 3 [pid 13817] <... openat resumed>) = 3 [pid 13815] write(3, "1000", 4) = 4 [pid 13817] write(3, "1000", 4 [pid 13815] close(3 [pid 13817] <... write resumed>) = 4 [pid 13815] <... close resumed>) = 0 [pid 13817] close(3 [pid 13815] symlink("/dev/binderfs", "./binderfs" [pid 13817] <... close resumed>) = 0 [pid 13817] symlink("/dev/binderfs", "./binderfs") = 0 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./489/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./489/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 13816] <... set_robust_list resumed>) = 0 [pid 13815] <... symlink resumed>) = 0 [pid 412] rmdir("./489/bus" [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] chdir("./492" [pid 13812] <... mount resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 13817] <... futex resumed>) = 0 [pid 13816] <... chdir resumed>) = 0 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13812] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13817] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13816] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13817] <... mmap resumed>) = 0x7f1c32416000 [pid 13816] <... prctl resumed>) = 0 [pid 13812] <... openat resumed>) = 3 [pid 13817] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13816] setpgid(0, 0 [pid 13817] <... mprotect resumed>) = 0 [pid 13816] <... setpgid resumed>) = 0 [pid 13812] chdir("./bus" [pid 13817] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13812] <... chdir resumed>) = 0 [pid 13817] <... clone resumed>, parent_tid=[13818], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13818 [pid 13816] write(3, "1000", 4 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] <... write resumed>) = 4 [pid 13812] ioctl(4, LOOP_CLR_FD [pid 13817] <... futex resumed>) = 0 [pid 13816] close(3 [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13816] <... close resumed>) = 0 [pid 13812] <... ioctl resumed>) = 0 [pid 13816] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13815] <... futex resumed>) = 0 [pid 13812] close(4 [pid 412] getdents64(3, [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13812] <... close resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13816] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] close(3 [pid 13816] <... mmap resumed>) = 0x7f1c32416000 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13812] <... futex resumed>) = 1 [pid 13811] <... futex resumed>) = 0 [pid 13816] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13815] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] <... close resumed>) = 0 [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = 0 [pid 13812] chdir("./file0" [pid 13811] <... futex resumed>) = 0 [pid 13815] <... mmap resumed>) = 0x7f1c32416000 [pid 412] rmdir("./489" [pid 408] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13816] <... clone resumed>, parent_tid=[13819], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13819 [pid 13815] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13812] <... chdir resumed>) = 0 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... mprotect resumed>) = 0 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13811] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... rmdir resumed>) = 0 [pid 408] lstat("./491/bus", [pid 13816] <... futex resumed>) = 0 [pid 13812] <... futex resumed>) = 0 [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] mkdir("./490", 0777 [pid 13815] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13812] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13811] <... futex resumed>) = 0 [pid 408] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13812] <... open resumed>) = 4 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... mkdir resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "./491/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13812] <... futex resumed>) = 0 [pid 13811] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13815] <... clone resumed>, parent_tid=[13820], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13820 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 408] <... openat resumed>) = 4 [pid 13812] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 3 [pid 408] fstat(4, [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13812] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13815] <... futex resumed>) = 0 [pid 13812] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13811] <... futex resumed>) = 0 [pid 412] ioctl(3, LOOP_CLR_FD [pid 408] getdents64(4, [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13812] <... openat resumed>) = 5 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13811] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] close(3 [pid 408] getdents64(4, [pid 13812] <... futex resumed>) = 0 [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13812] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13811] <... futex resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] close(4 [pid 13812] <... write resumed>) = 196608 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... close resumed>) = 0 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] rmdir("./491/bus" [pid 13812] <... futex resumed>) = 1 [pid 13811] <... futex resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 13812] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./491" [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 13821 [pid 408] <... rmdir resumed>) = 0 [pid 13811] <... futex resumed>) = 1 [pid 408] mkdir("./492", 0777 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... mkdir resumed>) = 0 [pid 13812] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 13812] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13812] <... mount resumed>) = 0 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 13822 ./strace-static-x86_64: Process 13820 attached [pid 13812] <... futex resumed>) = 1 [pid 13811] <... futex resumed>) = 0 [pid 13812] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13818 attached [pid 13818] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13818] memfd_create("syzkaller", 0 [pid 13812] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13820] set_robust_list(0x7f1c324369e0, 24 [pid 13818] <... memfd_create resumed>) = 3 [pid 13818] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13812] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13818] <... mmap resumed>) = 0x7f1c2a016000 [pid 13820] <... set_robust_list resumed>) = 0 [pid 13812] <... open resumed>) = 6 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13811] <... futex resumed>) = 0 [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 13819 attached [pid 13820] memfd_create("syzkaller", 0 [pid 13812] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13811] <... futex resumed>) = 0 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13818] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13820] <... memfd_create resumed>) = 3 [pid 13820] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13819] set_robust_list(0x7f1c324369e0, 24./strace-static-x86_64: Process 13821 attached ) = 0 [pid 13821] set_robust_list(0x555555f755e0, 24 [pid 13819] memfd_create("syzkaller", 0 [pid 13818] <... write resumed>) = 1048576 [pid 13818] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13818] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 245.384542][T13812] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/494/bus supports timestamps until 2038 (0x7fffffff) [pid 13818] ioctl(4, LOOP_SET_FD, 3 [pid 13821] <... set_robust_list resumed>) = 0 [pid 13820] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13819] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 13822 attached [pid 13818] <... ioctl resumed>) = 0 [pid 13818] close(3 [pid 13822] set_robust_list(0x555555f755e0, 24 [pid 13818] <... close resumed>) = 0 [pid 13822] <... set_robust_list resumed>) = 0 [pid 13818] mkdir("./bus", 0777 [pid 13822] chdir("./492" [pid 13818] <... mkdir resumed>) = 0 [pid 13822] <... chdir resumed>) = 0 [pid 13818] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13822] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13822] <... prctl resumed>) = 0 [pid 13822] setpgid(0, 0) = 0 [pid 13822] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13822] write(3, "1000", 4 [pid 13821] chdir("./490" [pid 13822] <... write resumed>) = 4 [pid 13821] <... chdir resumed>) = 0 [pid 13822] close(3 [pid 13821] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13822] <... close resumed>) = 0 [pid 13821] <... prctl resumed>) = 0 [pid 13822] symlink("/dev/binderfs", "./binderfs" [pid 13821] setpgid(0, 0 [pid 13822] <... symlink resumed>) = 0 [pid 13821] <... setpgid resumed>) = 0 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13821] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13822] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13821] <... openat resumed>) = 3 [pid 13822] <... mmap resumed>) = 0x7f1c32416000 [pid 13821] write(3, "1000", 4 [pid 13822] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13821] <... write resumed>) = 4 [pid 13822] <... mprotect resumed>) = 0 [pid 13821] close(3 [pid 13822] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13821] <... close resumed>) = 0 [pid 13821] symlink("/dev/binderfs", "./binderfs" [pid 13822] <... clone resumed>, parent_tid=[13823], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13823 [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] <... symlink resumed>) = 0 [pid 13822] <... futex resumed>) = 0 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13820] <... write resumed>) = 1048576 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13821] <... futex resumed>) = 0 [pid 13820] munmap(0x7f1c2a016000, 1048576 [pid 13812] <... write resumed>) = 1048576 [pid 13821] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13812] <... futex resumed>) = 1 [pid 13811] <... futex resumed>) = 0 [pid 13821] <... mprotect resumed>) = 0 [pid 13820] <... munmap resumed>) = 0 [pid 13812] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13811] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13812] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13811] <... futex resumed>) = 0 [pid 13820] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 13812] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13811] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13821] <... clone resumed>, parent_tid=[13824], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13824 [pid 13820] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13823 attached ./strace-static-x86_64: Process 13824 attached [pid 13824] set_robust_list(0x7f1c324369e0, 24 [pid 13823] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13824] <... set_robust_list resumed>) = 0 [pid 13824] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13823] memfd_create("syzkaller", 0) = 3 [pid 13823] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13824] <... futex resumed>) = 0 [pid 13824] memfd_create("syzkaller", 0) = 3 [pid 13824] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13823] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [ 245.425250][T13818] loop2: detected capacity change from 0 to 2048 [ 245.449725][T13812] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.464817][T13820] loop0: detected capacity change from 0 to 2048 [pid 13824] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13823] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13823] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 13823] ioctl(4, LOOP_SET_FD, 3 [pid 13811] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13811] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13811] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13811] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13811] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13827], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13827 [pid 13811] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13811] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13824] <... write resumed>) = 1048576 [pid 13819] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13824] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13824] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 13824] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13827 attached [pid 13823] <... ioctl resumed>) = 0 [pid 13820] <... ioctl resumed>) = 0 [pid 13819] <... write resumed>) = 1048576 [pid 13818] <... mount resumed>) = 0 [pid 13812] <... openat resumed>) = 7 [pid 13827] set_robust_list(0x7f1c2a1159e0, 24 [pid 13823] close(3 [pid 13820] close(3 [pid 13818] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13812] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13827] <... set_robust_list resumed>) = 0 [pid 13823] <... close resumed>) = 0 [pid 13820] <... close resumed>) = 0 [pid 13818] <... openat resumed>) = 3 [pid 13812] <... futex resumed>) = 0 [pid 13827] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13823] mkdir("./bus", 0777 [pid 13820] mkdir("./bus", 0777 [pid 13818] chdir("./bus" [pid 13812] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13827] <... openat resumed>) = 8 [pid 13823] <... mkdir resumed>) = 0 [pid 13820] <... mkdir resumed>) = 0 [pid 13818] <... chdir resumed>) = 0 [pid 13827] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13820] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13818] ioctl(4, LOOP_CLR_FD [pid 13827] <... futex resumed>) = 1 [pid 13818] <... ioctl resumed>) = 0 [pid 13811] <... futex resumed>) = 0 [pid 13827] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13818] close(4 [pid 13811] exit_group(0 [pid 13827] <... futex resumed>) = ? [pid 13818] <... close resumed>) = 0 [pid 13812] <... futex resumed>) = ? [pid 13811] <... exit_group resumed>) = ? [pid 13827] +++ exited with 0 +++ [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13812] +++ exited with 0 +++ [pid 13811] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13811, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 13818] <... futex resumed>) = 1 [pid 13817] <... futex resumed>) = 0 [pid 13818] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13818] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13817] <... futex resumed>) = 0 [pid 410] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13818] chdir("./file0" [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13818] <... chdir resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] fstat(3, [pid 13818] <... futex resumed>) = 1 [pid 13817] <... futex resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13818] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(3, [pid 13818] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13817] <... futex resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13818] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] lstat("./494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13818] <... open resumed>) = 4 [pid 410] unlink("./494/binderfs" [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... unlink resumed>) = 0 [pid 13818] <... futex resumed>) = 1 [pid 13817] <... futex resumed>) = 0 [ 245.474944][T13812] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 245.474980][T13818] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.493711][T13823] loop1: detected capacity change from 0 to 2048 [ 245.493866][T13818] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/486/bus supports timestamps until 2038 (0x7fffffff) [ 245.509931][T13824] loop5: detected capacity change from 0 to 2048 [pid 410] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13818] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] munmap(0x7f1c2a016000, 1048576 [pid 13817] <... futex resumed>) = 0 [pid 13819] <... munmap resumed>) = 0 [pid 13819] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13819] ioctl(4, LOOP_SET_FD, 3 [pid 13818] <... openat resumed>) = 5 [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13817] <... futex resumed>) = 0 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13818] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13819] <... ioctl resumed>) = 0 [pid 13819] close(3) = 0 [pid 13819] mkdir("./bus", 0777 [pid 13818] <... write resumed>) = 196608 [pid 13819] <... mkdir resumed>) = 0 [pid 13819] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13817] <... futex resumed>) = 0 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13818] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13817] <... futex resumed>) = 0 [pid 13818] <... futex resumed>) = 1 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13818] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13818] <... open resumed>) = 6 [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13817] <... futex resumed>) = 0 [pid 13818] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13824] <... ioctl resumed>) = 0 [pid 13824] close(3) = 0 [pid 13824] mkdir("./bus", 0777) = 0 [pid 13824] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13818] <... write resumed>) = 1048576 [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13818] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13817] <... futex resumed>) = 0 [pid 13817] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 245.532145][T13819] loop4: detected capacity change from 0 to 2048 [ 245.559053][T13820] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.571290][T13823] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13817] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] <... mount resumed>) = 0 [pid 13818] <... futex resumed>) = 0 [pid 13820] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13820] chdir("./bus") = 0 [pid 13820] ioctl(4, LOOP_CLR_FD) = 0 [pid 13820] close(4) = 0 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13815] <... futex resumed>) = 0 [pid 13820] chdir("./file0" [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13820] <... chdir resumed>) = 0 [pid 13815] <... futex resumed>) = 0 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] <... futex resumed>) = 0 [pid 13815] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13820] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13823] <... mount resumed>) = 0 [pid 13820] <... open resumed>) = 4 [ 245.573438][T13820] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/485/bus supports timestamps until 2038 (0x7fffffff) [ 245.582032][T13823] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/492/bus supports timestamps until 2038 (0x7fffffff) [ 245.596801][T13819] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.611508][T13824] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13818] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./494/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./494/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./494/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./494") = 0 [pid 410] mkdir("./495", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13836 [pid 13819] <... mount resumed>) = 0 [pid 13819] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13819] chdir("./bus") = 0 [pid 13819] ioctl(4, LOOP_CLR_FD) = 0 [pid 13819] close(4) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13819] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13817] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13816] <... futex resumed>) = 0 [pid 13817] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13819] <... futex resumed>) = 0 [pid 13817] <... futex resumed>) = 0 [pid 13816] <... futex resumed>) = 1 [pid 13815] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] chdir("./file0" [pid 13817] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13815] <... futex resumed>) = 0 [pid 13819] <... chdir resumed>) = 0 [pid 13817] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13815] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13817] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13815] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13820] <... futex resumed>) = 0 [pid 13819] <... futex resumed>) = 1 [pid 13817] <... mprotect resumed>) = 0 [pid 13816] <... futex resumed>) = 0 [pid 13815] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13824] <... mount resumed>) = 0 [pid 13820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13819] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13817] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... mprotect resumed>) = 0 [pid 13823] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 13836 attached [pid 13824] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13823] <... openat resumed>) = 3 [pid 13824] <... openat resumed>) = 3 [pid 13823] chdir("./bus" [pid 13824] chdir("./bus" [pid 13823] <... chdir resumed>) = 0 [pid 13824] <... chdir resumed>) = 0 [pid 13823] ioctl(4, LOOP_CLR_FD [pid 13824] ioctl(4, LOOP_CLR_FD [pid 13823] <... ioctl resumed>) = 0 [pid 13824] <... ioctl resumed>) = 0 [pid 13823] close(4 [pid 13824] close(4) = 0 [pid 13823] <... close resumed>) = 0 [pid 13819] <... open resumed>) = 4 [pid 13816] <... futex resumed>) = 0 [pid 13815] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] set_robust_list(0x555555f755e0, 24 [pid 13824] <... futex resumed>) = 1 [pid 13823] <... futex resumed>) = 1 [pid 13821] <... futex resumed>) = 0 [pid 13836] <... set_robust_list resumed>) = 0 [pid 13824] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13824] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13821] <... futex resumed>) = 0 [pid 13824] chdir("./file0" [pid 13836] chdir("./495" [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13838 attached ./strace-static-x86_64: Process 13837 attached [pid 13836] <... chdir resumed>) = 0 [pid 13824] <... chdir resumed>) = 0 [pid 13822] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13817] <... clone resumed>, parent_tid=[13837], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13837 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] <... prctl resumed>) = 0 [pid 13824] <... futex resumed>) = 1 [pid 13821] <... futex resumed>) = 0 [pid 13836] setpgid(0, 0 [pid 13824] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] <... setpgid resumed>) = 0 [pid 13824] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13821] <... futex resumed>) = 0 [pid 13836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13824] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13836] <... openat resumed>) = 3 [pid 13836] write(3, "1000", 4) = 4 [pid 13836] close(3) = 0 [pid 13836] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13836] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13836] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13839], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13839 [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13838] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13838] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13837] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13837] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] <... futex resumed>) = 0 [pid 13822] <... futex resumed>) = 1 [pid 13823] chdir("./file0" [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13823] <... chdir resumed>) = 0 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13822] <... futex resumed>) = 0 [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13822] <... futex resumed>) = 0 [pid 13816] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13823] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13824] <... open resumed>) = 4 [pid 13817] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... clone resumed>, parent_tid=[13838], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13838 [pid 13823] <... open resumed>) = 4 [pid 13817] <... futex resumed>) = 1 [pid 13816] <... futex resumed>) = 0 [pid 13815] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] <... futex resumed>) = 0 [pid 13817] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13815] <... futex resumed>) = 1 [pid 13824] <... futex resumed>) = 1 [pid 13823] <... futex resumed>) = 1 [pid 13822] <... futex resumed>) = 0 [pid 13821] <... futex resumed>) = 0 [pid 13819] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13815] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13839 attached [pid 13824] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] <... openat resumed>) = 5 [pid 13824] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13823] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13822] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13824] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13823] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13819] <... futex resumed>) = 1 [pid 13816] <... futex resumed>) = 0 [pid 13821] <... futex resumed>) = 0 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13824] <... openat resumed>) = 5 [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13839] set_robust_list(0x7f1c324369e0, 24 [pid 13823] <... openat resumed>) = 5 [pid 13816] <... futex resumed>) = 0 [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13824] <... futex resumed>) = 1 [pid 13823] <... futex resumed>) = 1 [pid 13822] <... futex resumed>) = 0 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13821] <... futex resumed>) = 0 [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13839] <... set_robust_list resumed>) = 0 [pid 13839] memfd_create("syzkaller", 0) = 3 [pid 13839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13838] <... futex resumed>) = 0 [pid 13837] <... futex resumed>) = 0 [pid 13824] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13823] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] <... write resumed>) = 196608 [pid 13818] <... openat resumed>) = 7 [pid 13839] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13838] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13837] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13824] <... write resumed>) = 196608 [pid 13822] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13819] <... futex resumed>) = 1 [pid 13816] <... futex resumed>) = 0 [pid 13819] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] <... mount resumed>) = 0 [pid 13816] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] <... write resumed>) = 196608 [pid 13819] <... futex resumed>) = 0 [pid 13816] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13838] <... openat resumed>) = 5 [pid 13837] <... openat resumed>) = 8 [pid 13824] <... futex resumed>) = 1 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13838] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13837] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13824] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13823] <... futex resumed>) = 1 [pid 13822] <... futex resumed>) = 0 [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13819] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13816] <... futex resumed>) = 0 [pid 13838] <... futex resumed>) = 1 [pid 13837] <... futex resumed>) = 1 [pid 13824] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13823] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] <... futex resumed>) = 0 [pid 13819] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13817] <... futex resumed>) = 0 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13815] <... futex resumed>) = 0 [pid 13838] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13837] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13824] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 13823] <... mount resumed>) = 0 [pid 13822] <... futex resumed>) = 0 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13819] <... open resumed>) = 6 [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13824] <... mount resumed>) = 0 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... futex resumed>) = 1 [ 245.615897][T13819] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/492/bus supports timestamps until 2038 (0x7fffffff) [ 245.626262][T13818] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.643295][T13824] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/490/bus supports timestamps until 2038 (0x7fffffff) [ 245.667307][T13818] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 13839] <... write resumed>) = 1048576 [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] <... futex resumed>) = 0 [pid 13822] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13820] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13819] <... futex resumed>) = 1 [pid 13818] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] <... futex resumed>) = 0 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13824] <... futex resumed>) = 1 [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] <... futex resumed>) = 0 [pid 13823] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13821] <... futex resumed>) = 0 [pid 13823] <... open resumed>) = 6 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13839] munmap(0x7f1c2a016000, 1048576 [pid 13818] <... futex resumed>) = 0 [pid 13839] <... munmap resumed>) = 0 [pid 13818] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13839] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 13839] ioctl(4, LOOP_SET_FD, 3 [pid 13824] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13823] <... futex resumed>) = 0 [pid 13822] <... futex resumed>) = 1 [pid 13820] <... write resumed>) = 196608 [pid 13819] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13817] exit_group(0 [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13839] <... ioctl resumed>) = 0 [pid 13824] <... open resumed>) = 6 [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13839] close(3) = 0 [pid 13839] mkdir("./bus", 0777) = 0 [pid 13839] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13817] <... exit_group resumed>) = ? [pid 13837] <... futex resumed>) = 230 [pid 13818] <... futex resumed>) = ? [pid 13818] +++ exited with 0 +++ [pid 13837] +++ exited with 0 +++ [pid 13817] +++ exited with 0 +++ [pid 13822] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13816] <... futex resumed>) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13817, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13823] <... futex resumed>) = 0 [pid 13822] <... futex resumed>) = 1 [pid 13823] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13821] <... futex resumed>) = 0 [pid 13824] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13820] <... futex resumed>) = 1 [pid 13815] <... futex resumed>) = 0 [pid 409] umount2("./486", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13819] <... write resumed>) = 1048576 [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13820] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13815] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "./486", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13820] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] <... mount resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 3 [pid 13824] <... write resumed>) = 1048576 [pid 13823] <... write resumed>) = 1048576 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./486/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./486/binderfs", [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13824] <... futex resumed>) = 1 [pid 13821] <... futex resumed>) = 0 [pid 13820] <... futex resumed>) = 1 [pid 13815] <... futex resumed>) = 0 [pid 409] unlink("./486/binderfs" [pid 13824] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13821] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... unlink resumed>) = 0 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] <... futex resumed>) = 0 [pid 13820] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13819] <... futex resumed>) = 1 [pid 13815] <... futex resumed>) = 0 [pid 13821] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13819] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13820] <... open resumed>) = 6 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13823] <... futex resumed>) = 1 [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13816] <... futex resumed>) = 0 [pid 13822] <... futex resumed>) = 0 [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./486/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13822] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13823] <... futex resumed>) = 0 [pid 13822] <... futex resumed>) = 1 [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13823] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13822] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13820] <... futex resumed>) = 0 [pid 13815] <... futex resumed>) = 1 [pid 13819] <... futex resumed>) = 0 [pid 13816] <... futex resumed>) = 1 [ 245.695938][T13839] loop3: detected capacity change from 0 to 2048 [ 245.730354][T13824] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13819] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13821] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 245.745507][T13823] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.747440][T13819] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.760899][T13824] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 245.773816][T13839] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13820] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13821] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13821] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13823] <... openat resumed>) = 7 [pid 13821] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13822] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13822] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13822] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13821] <... mprotect resumed>) = 0 [pid 13823] <... futex resumed>) = 0 [pid 13822] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13821] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13823] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13821] <... clone resumed>, parent_tid=[13843], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13843 [pid 13822] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13821] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13822] <... clone resumed>, parent_tid=[13844], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13844 [pid 13821] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13822] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13822] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13843 attached ./strace-static-x86_64: Process 13844 attached [pid 13839] <... mount resumed>) = 0 [pid 13843] set_robust_list(0x7f1c2a1159e0, 24 [pid 13839] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13843] <... set_robust_list resumed>) = 0 [pid 13839] <... openat resumed>) = 3 [pid 13843] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13839] chdir("./bus") = 0 [pid 13839] ioctl(4, LOOP_CLR_FD) = 0 [pid 13839] close(4) = 0 [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13839] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13836] <... futex resumed>) = 0 [pid 13839] chdir("./file0" [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13839] <... chdir resumed>) = 0 [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13839] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13836] <... futex resumed>) = 0 [pid 13839] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13844] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13844] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13844] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13844] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13822] <... futex resumed>) = 0 [pid 13843] <... openat resumed>) = 8 [pid 13839] <... open resumed>) = 4 [pid 13824] <... openat resumed>) = 7 [pid 13822] exit_group(0 [pid 13820] <... write resumed>) = 1048576 [pid 13843] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13843] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13822] <... exit_group resumed>) = ? [pid 13821] <... futex resumed>) = 0 [pid 13823] <... futex resumed>) = ? [pid 13824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13844] <... futex resumed>) = ? [pid 13839] <... futex resumed>) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13824] <... futex resumed>) = 0 [pid 13823] +++ exited with 0 +++ [pid 13821] exit_group(0 [pid 13819] <... openat resumed>) = 7 [pid 13843] <... futex resumed>) = ? [pid 13839] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13821] <... exit_group resumed>) = ? [pid 13820] <... futex resumed>) = 1 [pid 13815] <... futex resumed>) = 0 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] <... futex resumed>) = 0 [pid 13843] +++ exited with 0 +++ [pid 13839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13839] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13815] <... futex resumed>) = 0 [pid 13816] <... futex resumed>) = 0 [pid 13816] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13816] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13839] <... openat resumed>) = 5 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13819] <... futex resumed>) = 1 [pid 13819] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13816] <... futex resumed>) = 0 [pid 13816] exit_group(0 [pid 13824] +++ exited with 0 +++ [pid 13821] +++ exited with 0 +++ [pid 13816] <... exit_group resumed>) = ? [pid 13819] <... futex resumed>) = ? [pid 13819] +++ exited with 0 +++ [pid 13816] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13816, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 411] umount2("./492", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./492/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./492/binderfs") = 0 [pid 411] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13821, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 13839] <... futex resumed>) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13844] +++ exited with 0 +++ [pid 13839] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13822] +++ exited with 0 +++ [pid 13836] <... futex resumed>) = 0 [ 245.792922][T13823] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 245.802485][T13839] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/495/bus supports timestamps until 2038 (0x7fffffff) [ 245.814645][T13819] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 13820] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13822, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 13839] <... write resumed>) = 196608 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./490", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13839] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13836] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./490", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 13839] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./490/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./490/binderfs", [pid 13839] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./490/binderfs" [pid 13839] <... mount resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./492", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13839] <... futex resumed>) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13836] <... futex resumed>) = 0 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] openat(AT_FDCWD, "./492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13839] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] <... futex resumed>) = 0 [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 13836] <... futex resumed>) = 0 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] fstat(3, [pid 13839] <... futex resumed>) = 1 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13839] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 408] getdents64(3, [pid 409] <... umount2 resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./486/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./486/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./486/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./486/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./486/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./486") = 0 [pid 409] mkdir("./487", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 408] umount2("./492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 13845 [pid 408] lstat("./492/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./492/binderfs") = 0 [pid 13820] <... openat resumed>) = 7 [pid 408] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 13845 attached [pid 13845] set_robust_list(0x555555f755e0, 24) = 0 [pid 13845] chdir("./487") = 0 [pid 13839] <... write resumed>) = 1048576 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13845] setpgid(0, 0) = 0 [pid 13845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13845] write(3, "1000", 4) = 4 [pid 13845] close(3) = 0 [pid 13845] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13845] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13845] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13846], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13846 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13846 attached [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... futex resumed>) = 0 [pid 13839] <... futex resumed>) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13820] <... futex resumed>) = 1 [pid 13815] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13839] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13815] <... futex resumed>) = 0 [pid 13839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13836] <... futex resumed>) = 0 [pid 13820] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13815] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13839] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13846] memfd_create("syzkaller", 0) = 3 [pid 13846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13846] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13846] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13846] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 245.841330][T13820] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.861691][T13820] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 13846] ioctl(4, LOOP_SET_FD, 3 [pid 13820] <... openat resumed>) = 8 [pid 13820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13815] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 13820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13815] exit_group(0 [pid 13838] <... futex resumed>) = ? [pid 13820] <... futex resumed>) = ? [pid 13815] <... exit_group resumed>) = ? [pid 13838] +++ exited with 0 +++ [pid 13820] +++ exited with 0 +++ [pid 411] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13815] +++ exited with 0 +++ [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13815, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] lstat("./492/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./492/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./492/bus" [pid 412] <... umount2 resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./492") = 0 [pid 411] mkdir("./493", 0777) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13847 [pid 13846] <... ioctl resumed>) = 0 [pid 13846] close(3) = 0 [pid 13846] mkdir("./bus", 0777) = 0 [pid 13846] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... restart_syscall resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./490/bus", [pid 408] lstat("./492/bus", [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./485", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] openat(AT_FDCWD, "./490/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./492/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... openat resumed>) = 4 [pid 407] openat(AT_FDCWD, "./485", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... openat resumed>) = 4 [pid 412] fstat(4, [pid 407] <... openat resumed>) = 3 [pid 408] fstat(4, [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] fstat(3, [pid 412] getdents64(4, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, [pid 407] getdents64(3, [pid 412] getdents64(4, [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] getdents64(4, [pid 407] umount2("./485/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4 [pid 408] close(4 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 412] rmdir("./490/bus" [pid 408] rmdir("./492/bus" [pid 407] lstat("./485/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 407] unlink("./485/binderfs") = 0 [pid 412] getdents64(3, [pid 408] <... rmdir resumed>) = 0 [pid 407] umount2("./485/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13839] <... openat resumed>) = 7 [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13836] <... futex resumed>) = 0 [pid 13836] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13836] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13839] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] close(3 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3 [pid 412] <... close resumed>) = 0 [pid 13839] <... openat resumed>) = 8 [pid 13839] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13836] <... futex resumed>) = 0 [pid 13836] exit_group(0) = ? [pid 13839] <... futex resumed>) = ? [pid 13839] +++ exited with 0 +++ [pid 13836] +++ exited with 0 +++ ./strace-static-x86_64: Process 13847 attached [pid 412] rmdir("./490" [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13836, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./492" [pid 412] <... rmdir resumed>) = 0 [pid 410] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] <... rmdir resumed>) = 0 [pid 412] mkdir("./491", 0777 [pid 410] fstat(3, [pid 407] umount2("./485/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] mkdir("./493", 0777 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./495/binderfs", [pid 412] <... mkdir resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 410] unlink("./495/binderfs") = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 412] <... openat resumed>) = 3 [pid 410] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] ioctl(3, LOOP_CLR_FD [pid 408] <... openat resumed>) = 3 [pid 407] lstat("./485/bus", [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13847] set_robust_list(0x555555f755e0, 24) = 0 [pid 13847] chdir("./493") = 0 [pid 412] close(3 [pid 408] ioctl(3, LOOP_CLR_FD [pid 412] <... close resumed>) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] close(3 [pid 407] umount2("./485/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 13849 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 13850 [pid 407] openat(AT_FDCWD, "./485/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, [pid 13847] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, [pid 13847] <... prctl resumed>) = 0 [pid 13847] setpgid(0, 0) = 0 [pid 13847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 13847] <... openat resumed>) = 3 [pid 13847] write(3, "1000", 4) = 4 [pid 13847] close(3 [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./485/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./485" [pid 13847] <... close resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 407] mkdir("./486", 0777 [pid 13847] symlink("/dev/binderfs", "./binderfs" [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 13847] <... symlink resumed>) = 0 [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 13849 attached [pid 13849] set_robust_list(0x555555f755e0, 24) = 0 [pid 13849] chdir("./491") = 0 [pid 13849] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13847] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13847] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13847] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13851], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13851 [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13849] <... prctl resumed>) = 0 [pid 13849] setpgid(0, 0) = 0 [pid 13849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 13850 attached [pid 13850] set_robust_list(0x555555f755e0, 24) = 0 [pid 13850] chdir("./493") = 0 [pid 13850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13850] setpgid(0, 0 [pid 13849] <... openat resumed>) = 3 ./strace-static-x86_64: Process 13851 attached [pid 13850] <... setpgid resumed>) = 0 [pid 13849] write(3, "1000", 4 [pid 13851] set_robust_list(0x7f1c324369e0, 24 [pid 13850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13849] <... write resumed>) = 4 [pid 13849] close(3) = 0 [pid 13849] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13849] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13849] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13849] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13853], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13853 [ 245.885355][T13839] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 245.896739][T13846] loop2: detected capacity change from 0 to 2048 [ 245.917911][T13839] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13851] <... set_robust_list resumed>) = 0 [pid 13851] memfd_create("syzkaller", 0 [pid 13850] <... openat resumed>) = 3 [pid 13851] <... memfd_create resumed>) = 3 [pid 13851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13850] write(3, "1000", 4) = 4 [pid 13850] close(3) = 0 [pid 13851] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13850] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13850] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13854], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13854 [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13853 attached [pid 13853] set_robust_list(0x7f1c324369e0, 24) = 0 ./strace-static-x86_64: Process 13854 attached [pid 13853] memfd_create("syzkaller", 0 [pid 13851] <... write resumed>) = 1048576 [pid 410] <... umount2 resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 410] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] ioctl(3, LOOP_CLR_FD [pid 13851] munmap(0x7f1c2a016000, 1048576 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13851] <... munmap resumed>) = 0 [pid 410] lstat("./495/bus", [pid 407] close(3 [pid 13851] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13851] <... openat resumed>) = 4 [pid 410] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... close resumed>) = 0 [pid 13851] ioctl(4, LOOP_SET_FD, 3 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] openat(AT_FDCWD, "./495/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13854] set_robust_list(0x7f1c324369e0, 24 [pid 410] <... openat resumed>) = 4 [pid 13854] <... set_robust_list resumed>) = 0 [pid 13853] <... memfd_create resumed>) = 3 [pid 410] fstat(4, [pid 13854] memfd_create("syzkaller", 0 [pid 13853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13854] <... memfd_create resumed>) = 3 [pid 13853] <... mmap resumed>) = 0x7f1c2a016000 [pid 410] getdents64(4, [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 13855 ./strace-static-x86_64: Process 13855 attached [pid 13854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13853] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13854] <... mmap resumed>) = 0x7f1c2a016000 [pid 410] getdents64(4, [pid 13854] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./495/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./495") = 0 [pid 410] mkdir("./496", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13856 [pid 13855] set_robust_list(0x555555f755e0, 24 [pid 13851] <... ioctl resumed>) = 0 [pid 13851] close(3) = 0 [pid 13851] mkdir("./bus", 0777) = 0 [pid 13851] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13855] <... set_robust_list resumed>) = 0 [pid 13855] chdir("./486" [pid 13846] <... mount resumed>) = 0 [pid 13846] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13846] chdir("./bus") = 0 [pid 13846] ioctl(4, LOOP_CLR_FD) = 0 [pid 13855] <... chdir resumed>) = 0 [pid 13855] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13846] close(4 [pid 13855] <... prctl resumed>) = 0 [pid 13846] <... close resumed>) = 0 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13855] setpgid(0, 0 [pid 13846] chdir("./file0" [pid 13855] <... setpgid resumed>) = 0 [pid 13846] <... chdir resumed>) = 0 [pid 13855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13855] write(3, "1000", 4 [pid 13845] <... futex resumed>) = 0 [pid 13855] <... write resumed>) = 4 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13855] close(3 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13855] <... close resumed>) = 0 [pid 13846] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13855] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 13856 attached ) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13846] <... open resumed>) = 4 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13846] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13846] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13855] <... futex resumed>) = 0 [pid 13855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13855] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13855] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13857], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13857 [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13846] <... write resumed>) = 196608 [pid 13856] set_robust_list(0x555555f755e0, 24) = 0 [pid 13856] chdir("./496") = 0 [pid 13856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13856] setpgid(0, 0) = 0 [pid 13856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13856] write(3, "1000", 4) = 4 [pid 13856] close(3) = 0 [pid 13856] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13846] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13856] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13845] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13856] <... mprotect resumed>) = 0 [pid 13846] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13856] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 1 [pid 13846] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13856] <... clone resumed>, parent_tid=[13858], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13858 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13853] <... write resumed>) = 1048576 [pid 13853] munmap(0x7f1c2a016000, 1048576./strace-static-x86_64: Process 13857 attached [pid 13857] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13857] memfd_create("syzkaller", 0) = 3 [pid 13857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13846] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 13858 attached [pid 13854] <... write resumed>) = 1048576 [pid 13853] <... munmap resumed>) = 0 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13858] set_robust_list(0x7f1c324369e0, 24 [pid 13854] munmap(0x7f1c2a016000, 1048576 [pid 13853] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 13846] <... futex resumed>) = 1 [pid 13846] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13845] <... futex resumed>) = 0 [pid 13854] <... munmap resumed>) = 0 [pid 13845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13846] <... futex resumed>) = 0 [pid 13853] <... openat resumed>) = 4 [pid 13846] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 245.958205][T13846] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 245.975640][T13851] loop4: detected capacity change from 0 to 2048 [ 245.983083][T13846] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/487/bus supports timestamps until 2038 (0x7fffffff) [pid 13854] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13857] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13857] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 13857] ioctl(4, LOOP_SET_FD, 3 [pid 13858] <... set_robust_list resumed>) = 0 [pid 13854] <... openat resumed>) = 4 [pid 13853] ioctl(4, LOOP_SET_FD, 3 [pid 13857] <... ioctl resumed>) = 0 [pid 13857] close(3) = 0 [pid 13857] mkdir("./bus", 0777) = 0 [pid 13857] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13858] memfd_create("syzkaller", 0) = 3 [pid 13858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13858] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13854] ioctl(4, LOOP_SET_FD, 3 [pid 13858] <... write resumed>) = 1048576 [pid 13858] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13858] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 246.028063][T13846] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.035752][T13857] loop0: detected capacity change from 0 to 2048 [ 246.043264][T13851] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.058490][T13853] loop5: detected capacity change from 0 to 2048 [ 246.061906][T13858] loop3: detected capacity change from 0 to 2048 [ 246.066413][T13854] loop1: detected capacity change from 0 to 2048 [pid 13858] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 13845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13858] close(3 [pid 13846] <... openat resumed>) = 7 [pid 13845] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13846] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13858] <... close resumed>) = 0 [pid 13854] <... ioctl resumed>) = 0 [pid 13853] <... ioctl resumed>) = 0 [pid 13851] <... mount resumed>) = 0 [pid 13845] <... futex resumed>) = 0 [pid 13858] mkdir("./bus", 0777 [pid 13854] close(3 [pid 13853] close(3 [pid 13851] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13858] <... mkdir resumed>) = 0 [pid 13854] <... close resumed>) = 0 [pid 13853] <... close resumed>) = 0 [pid 13851] <... openat resumed>) = 3 [pid 13845] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13858] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13854] mkdir("./bus", 0777 [pid 13853] mkdir("./bus", 0777 [pid 13851] chdir("./bus" [pid 13845] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13854] <... mkdir resumed>) = 0 [pid 13853] <... mkdir resumed>) = 0 [pid 13851] <... chdir resumed>) = 0 [pid 13845] <... mprotect resumed>) = 0 [pid 13854] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13853] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13851] ioctl(4, LOOP_CLR_FD [pid 13845] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13851] <... ioctl resumed>) = 0 [pid 13851] close(4 [pid 13845] <... clone resumed>, parent_tid=[13863], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13863 [pid 13851] <... close resumed>) = 0 [pid 13845] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13845] <... futex resumed>) = 0 [pid 13851] <... futex resumed>) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13845] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] chdir("./file0" [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] <... chdir resumed>) = 0 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] <... open resumed>) = 4 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] <... openat resumed>) = 5 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 13863 attached ) = 1 [ 246.071076][T13846] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 246.085958][T13851] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/493/bus supports timestamps until 2038 (0x7fffffff) [pid 13847] <... futex resumed>) = 0 [pid 13863] set_robust_list(0x7f1c2a1159e0, 24 [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] <... write resumed>) = 196608 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] <... mount resumed>) = 0 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] <... open resumed>) = 6 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13847] <... futex resumed>) = 0 [pid 13851] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13863] <... set_robust_list resumed>) = 0 [pid 13854] <... mount resumed>) = 0 [pid 13854] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13854] chdir("./bus") = 0 [pid 13854] ioctl(4, LOOP_CLR_FD) = 0 [pid 13854] close(4) = 0 [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 246.121589][T13854] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.121793][T13858] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.138885][T13854] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/493/bus supports timestamps until 2038 (0x7fffffff) [ 246.144184][T13857] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13863] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13850] <... futex resumed>) = 0 [pid 13845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13858] <... mount resumed>) = 0 [pid 13858] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13858] chdir("./bus") = 0 [pid 13858] ioctl(4, LOOP_CLR_FD) = 0 [pid 13858] close(4) = 0 [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] <... futex resumed>) = 0 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] <... futex resumed>) = 1 [pid 13858] chdir("./file0" [pid 13863] <... openat resumed>) = 8 [pid 13863] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13863] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] <... futex resumed>) = 0 [pid 13850] <... futex resumed>) = 1 [pid 13854] chdir("./file0" [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13854] <... chdir resumed>) = 0 [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13850] <... futex resumed>) = 0 [pid 13854] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13845] exit_group(0 [pid 13863] <... futex resumed>) = ? [pid 13845] <... exit_group resumed>) = ? [pid 13863] +++ exited with 0 +++ [pid 13858] <... chdir resumed>) = 0 [pid 13857] <... mount resumed>) = 0 [pid 13854] <... open resumed>) = 4 [pid 13847] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13846] <... futex resumed>) = ? [pid 13846] +++ exited with 0 +++ [pid 13845] +++ exited with 0 +++ [pid 13857] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13857] chdir("./bus") = 0 [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] ioctl(4, LOOP_CLR_FD) = 0 [pid 13856] <... futex resumed>) = 0 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] <... futex resumed>) = 1 [pid 13858] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13857] close(4) = 0 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13855] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13857] <... futex resumed>) = 1 [pid 13857] chdir("./file0" [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13847] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13845, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 13858] <... open resumed>) = 4 [pid 13857] <... chdir resumed>) = 0 [pid 13854] <... futex resumed>) = 1 [pid 13851] <... write resumed>) = 1048576 [pid 13850] <... futex resumed>) = 0 [pid 13847] <... futex resumed>) = 0 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13847] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13851] <... futex resumed>) = 0 [pid 13850] <... futex resumed>) = 0 [pid 13847] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] umount2("./487", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13847] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13847] <... mprotect resumed>) = 0 [pid 409] openat(AT_FDCWD, "./487", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13854] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13847] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] <... openat resumed>) = 3 [pid 13854] <... openat resumed>) = 5 [pid 409] fstat(3, [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13847] <... clone resumed>, parent_tid=[13870], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13870 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13854] <... futex resumed>) = 1 [pid 13850] <... futex resumed>) = 0 [pid 13847] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, [pid 13854] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13847] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] <... write resumed>) = 196608 [pid 13850] <... futex resumed>) = 0 [pid 13847] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./487/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = 1 [pid 13855] <... futex resumed>) = 0 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13858] <... futex resumed>) = 1 [pid 13857] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./487/binderfs", [pid 13858] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13857] <... open resumed>) = 4 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13855] <... futex resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13858] <... openat resumed>) = 5 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] unlink("./487/binderfs" [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13855] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = 1 [pid 13855] <... futex resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 13858] <... futex resumed>) = 1 [pid 13857] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 409] umount2("./487/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13858] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13857] <... openat resumed>) = 5 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13858] <... write resumed>) = 196608 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] <... futex resumed>) = 0 [pid 13854] <... futex resumed>) = 1 [pid 13850] <... futex resumed>) = 0 [pid 13857] <... futex resumed>) = 1 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13855] <... futex resumed>) = 0 [pid 13854] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] <... mount resumed>) = 0 [pid 13850] <... futex resumed>) = 0 [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13855] <... futex resumed>) = 0 [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] <... futex resumed>) = 1 [pid 13857] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13854] <... futex resumed>) = 0 [pid 13850] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13857] <... write resumed>) = 196608 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13858] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] <... futex resumed>) = 0 [pid 13854] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13850] <... futex resumed>) = 0 [pid 13858] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 13857] <... futex resumed>) = 1 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13855] <... futex resumed>) = 0 [pid 13854] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] <... mount resumed>) = 0 [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] <... open resumed>) = 6 [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13855] <... futex resumed>) = 0 [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13858] <... futex resumed>) = 1 [pid 13857] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13854] <... futex resumed>) = 1 [pid 13850] <... futex resumed>) = 0 ./strace-static-x86_64: Process 13870 attached [pid 13858] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13857] <... mount resumed>) = 0 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13853] <... mount resumed>) = 0 [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] <... futex resumed>) = 0 [pid 13853] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13850] <... futex resumed>) = 0 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] <... openat resumed>) = 3 [pid 13853] chdir("./bus") = 0 [pid 13853] ioctl(4, LOOP_CLR_FD) = 0 [pid 13853] close(4 [pid 13870] set_robust_list(0x7f1c2a1159e0, 24 [pid 13858] <... open resumed>) = 6 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] <... close resumed>) = 0 [pid 13870] <... set_robust_list resumed>) = 0 [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = 1 [pid 13855] <... futex resumed>) = 0 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13870] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13858] <... futex resumed>) = 1 [ 246.158391][T13858] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/496/bus supports timestamps until 2038 (0x7fffffff) [ 246.170325][T13857] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/486/bus supports timestamps until 2038 (0x7fffffff) [ 246.190419][T13853] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.201719][T13853] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/491/bus supports timestamps until 2038 (0x7fffffff) [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] <... futex resumed>) = 1 [pid 13858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13854] <... write resumed>) = 1048576 [pid 13849] <... futex resumed>) = 0 [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] <... futex resumed>) = 1 [pid 13850] <... futex resumed>) = 0 [pid 13849] <... futex resumed>) = 0 [pid 13854] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13850] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13855] <... futex resumed>) = 0 [pid 13853] chdir("./file0" [pid 13850] <... futex resumed>) = 0 [pid 13858] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13857] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13856] <... futex resumed>) = 0 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] <... chdir resumed>) = 0 [pid 13857] <... open resumed>) = 6 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] <... futex resumed>) = 0 [pid 13857] <... futex resumed>) = 1 [pid 13855] <... futex resumed>) = 0 [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13855] <... futex resumed>) = 0 [pid 13847] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13857] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13847] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13850] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13849] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13858] <... write resumed>) = 1048576 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13849] <... futex resumed>) = 1 [pid 13858] <... futex resumed>) = 1 [pid 13856] <... futex resumed>) = 0 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13858] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13853] <... futex resumed>) = 0 [pid 13851] <... futex resumed>) = 0 [pid 13847] <... futex resumed>) = 1 [pid 13853] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13851] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 246.232750][T13870] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.238436][T13854] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.264976][T13870] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 13847] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13870] <... openat resumed>) = 7 [pid 13857] <... write resumed>) = 1048576 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] <... open resumed>) = 4 [pid 13851] <... openat resumed>) = 8 [pid 409] <... umount2 resumed>) = 0 [pid 13870] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13870] <... futex resumed>) = 0 [pid 13857] <... futex resumed>) = 1 [pid 13855] <... futex resumed>) = 0 [pid 13853] <... futex resumed>) = 1 [pid 13851] <... futex resumed>) = 1 [pid 13847] <... futex resumed>) = 0 [pid 13870] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13851] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13847] exit_group(0 [pid 13870] <... futex resumed>) = ? [pid 13857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13855] <... futex resumed>) = 0 [pid 13851] <... futex resumed>) = ? [pid 13847] <... exit_group resumed>) = ? [pid 13870] +++ exited with 0 +++ [pid 13857] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13851] +++ exited with 0 +++ [pid 13847] +++ exited with 0 +++ [pid 13858] <... openat resumed>) = 7 [pid 13849] <... futex resumed>) = 0 [pid 409] umount2("./487/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13858] <... futex resumed>) = 1 [pid 13856] <... futex resumed>) = 0 [pid 13849] <... futex resumed>) = 1 [pid 409] lstat("./487/bus", [pid 13858] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13858] <... openat resumed>) = 8 [pid 13856] <... futex resumed>) = 0 [pid 409] umount2("./487/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13858] <... futex resumed>) = 0 [pid 13856] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] openat(AT_FDCWD, "./487/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13856] exit_group(0 [pid 409] <... openat resumed>) = 4 [pid 13858] <... futex resumed>) = ? [pid 13856] <... exit_group resumed>) = ? [pid 409] fstat(4, [pid 13854] <... openat resumed>) = 7 [pid 13853] <... futex resumed>) = 0 [pid 13850] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13858] +++ exited with 0 +++ [pid 13856] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13847, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13857] <... openat resumed>) = 7 [pid 13850] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(4, [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13850] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13857] <... futex resumed>) = 1 [pid 13850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] getdents64(4, [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13850] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13850] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] close(4 [pid 13850] <... mprotect resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 13850] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] rmdir("./487/bus"./strace-static-x86_64: Process 13871 attached [pid 13854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... rmdir resumed>) = 0 [pid 13855] <... futex resumed>) = 0 [pid 13850] <... clone resumed>, parent_tid=[13871], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13871 [pid 409] getdents64(3, [pid 13850] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13850] <... futex resumed>) = 0 [pid 409] close(3 [pid 13850] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./487" [pid 13854] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./488", 0777 [pid 13871] set_robust_list(0x7f1c2a1159e0, 24 [pid 13855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13853] <... openat resumed>) = 5 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13856, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 13871] <... set_robust_list resumed>) = 0 [pid 13855] <... futex resumed>) = 1 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 13871] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] <... futex resumed>) = 1 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13871] <... openat resumed>) = 8 [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13849] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13871] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13857] <... futex resumed>) = 0 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 410] <... openat resumed>) = 3 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 13872 attached [pid 13871] <... futex resumed>) = 1 [pid 13857] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13853] <... futex resumed>) = 0 [pid 13850] <... futex resumed>) = 0 [pid 13849] <... futex resumed>) = 1 [pid 411] fstat(3, [pid 410] fstat(3, [pid 13857] <... openat resumed>) = 8 [pid 13853] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13850] exit_group(0 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 13872 [pid 13872] set_robust_list(0x555555f755e0, 24 [pid 13871] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13872] <... set_robust_list resumed>) = 0 [pid 13857] <... futex resumed>) = 1 [pid 13872] chdir("./488" [pid 13857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] <... chdir resumed>) = 0 [pid 13872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13872] setpgid(0, 0) = 0 [pid 13872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13872] write(3, "1000", 4) = 4 [pid 13872] close(3) = 0 [pid 13872] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13872] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13872] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13872] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13873], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13873 [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13873 attached [pid 13873] set_robust_list(0x7f1c324369e0, 24 [pid 13853] <... write resumed>) = 196608 [pid 13855] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 410] getdents64(3, [pid 13855] exit_group(0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13857] <... futex resumed>) = ? [pid 13855] <... exit_group resumed>) = ? [pid 13854] <... futex resumed>) = ? [pid 13850] <... exit_group resumed>) = ? [pid 13857] +++ exited with 0 +++ [pid 13873] <... set_robust_list resumed>) = 0 [pid 13854] +++ exited with 0 +++ [pid 13873] memfd_create("syzkaller", 0) = 3 [pid 13873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13871] <... futex resumed>) = ? [pid 13855] +++ exited with 0 +++ [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13853] <... futex resumed>) = 1 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13849] <... futex resumed>) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13855, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 411] lstat("./493/binderfs", [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] lstat("./496/binderfs", [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13849] <... futex resumed>) = 0 [pid 13853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 411] unlink("./493/binderfs" [pid 407] umount2("./486", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13853] <... mount resumed>) = 0 [pid 410] unlink("./496/binderfs" [pid 411] <... unlink resumed>) = 0 [pid 13873] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... unlink resumed>) = 0 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 246.266382][T13858] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.282922][T13854] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 246.289728][T13858] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 246.306830][T13857] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.321252][T13857] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 411] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./486", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13853] <... futex resumed>) = 1 [pid 13849] <... futex resumed>) = 0 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 13853] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13849] <... futex resumed>) = 0 [pid 407] fstat(3, [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] <... open resumed>) = 6 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13853] <... futex resumed>) = 1 [pid 13849] <... futex resumed>) = 0 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] umount2("./486/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13849] <... futex resumed>) = 0 [pid 13873] <... write resumed>) = 1048576 [pid 13873] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13873] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 13873] ioctl(4, LOOP_SET_FD, 3 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13871] +++ exited with 0 +++ [pid 13850] +++ exited with 0 +++ [pid 407] lstat("./486/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13850, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 408] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] unlink("./486/binderfs" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... unlink resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 407] umount2("./486/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] fstat(3, [pid 13873] <... ioctl resumed>) = 0 [pid 13873] close(3) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13873] mkdir("./bus", 0777 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./493/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13873] <... mkdir resumed>) = 0 [pid 408] unlink("./493/binderfs" [pid 13873] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13853] <... write resumed>) = 1048576 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13849] <... futex resumed>) = 0 [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13853] <... futex resumed>) = 0 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13853] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./486/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./486/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./486/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./486/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [ 246.353605][T13873] loop2: detected capacity change from 0 to 2048 [ 246.380650][T13853] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.395173][T13853] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 407] rmdir("./486/bus" [pid 411] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 411] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] getdents64(3, [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] lstat("./493/bus", [pid 410] lstat("./496/bus", [pid 407] close(3 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... close resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] rmdir("./486" [pid 411] openat(AT_FDCWD, "./493/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... rmdir resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 410] openat(AT_FDCWD, "./496/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] mkdir("./487", 0777 [pid 411] fstat(4, [pid 410] <... openat resumed>) = 4 [pid 407] <... mkdir resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] fstat(4, [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 411] getdents64(4, [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... openat resumed>) = 3 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, [pid 407] ioctl(3, LOOP_CLR_FD [pid 411] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] getdents64(4, [pid 407] close(3 [pid 411] close(4 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 410] close(4 [pid 411] rmdir("./493/bus" [pid 410] <... close resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... rmdir resumed>) = 0 [pid 410] rmdir("./496/bus"./strace-static-x86_64: Process 13876 attached [pid 13853] <... openat resumed>) = 7 [pid 411] getdents64(3, [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... rmdir resumed>) = 0 [pid 13853] <... futex resumed>) = 1 [pid 13849] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] getdents64(3, [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 13876 [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13849] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13849] <... futex resumed>) = 0 [pid 13853] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13849] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] close(3 [pid 13853] <... openat resumed>) = 8 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 410] close(3 [pid 13876] set_robust_list(0x555555f755e0, 24 [pid 13853] <... futex resumed>) = 1 [pid 13849] <... futex resumed>) = 0 [pid 13853] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13849] exit_group(0 [pid 13853] <... futex resumed>) = ? [pid 13849] <... exit_group resumed>) = ? [pid 13853] +++ exited with 0 +++ [pid 13849] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13849, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 411] rmdir("./493") = 0 [pid 411] mkdir("./494", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 412] umount2("./491", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] close(3 [pid 412] openat(AT_FDCWD, "./491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... close resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 13876] <... set_robust_list resumed>) = 0 [pid 13873] <... mount resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] rmdir("./496" [pid 408] <... umount2 resumed>) = 0 [pid 13876] chdir("./487" [pid 412] fstat(3, [pid 410] <... rmdir resumed>) = 0 [pid 408] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13876] <... chdir resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 13877 [pid 410] mkdir("./497", 0777 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13876] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 412] getdents64(3, [pid 410] <... mkdir resumed>) = 0 [pid 408] lstat("./493/bus", [pid 13876] <... prctl resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13876] setpgid(0, 0 [pid 412] umount2("./491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... openat resumed>) = 3 [pid 408] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13876] <... setpgid resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] ioctl(3, LOOP_CLR_FD [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 412] lstat("./491/binderfs", [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] openat(AT_FDCWD, "./493/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13876] <... openat resumed>) = 3 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] close(3 [pid 408] <... openat resumed>) = 4 [pid 13876] write(3, "1000", 4 [pid 412] unlink("./491/binderfs" [pid 410] <... close resumed>) = 0 [pid 408] fstat(4, [pid 13876] <... write resumed>) = 4 [pid 412] <... unlink resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13876] close(3 [pid 13873] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 412] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] getdents64(4, ./strace-static-x86_64: Process 13878 attached ./strace-static-x86_64: Process 13877 attached [pid 13876] <... close resumed>) = 0 [pid 13873] <... openat resumed>) = 3 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 13878 [pid 13877] set_robust_list(0x555555f755e0, 24 [pid 13876] symlink("/dev/binderfs", "./binderfs" [pid 13873] chdir("./bus" [pid 13878] set_robust_list(0x555555f755e0, 24 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13877] <... set_robust_list resumed>) = 0 [pid 13873] <... chdir resumed>) = 0 [pid 13876] <... symlink resumed>) = 0 [pid 13873] ioctl(4, LOOP_CLR_FD [pid 408] getdents64(4, [pid 13878] <... set_robust_list resumed>) = 0 [pid 13877] chdir("./494" [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] <... ioctl resumed>) = 0 [pid 13877] <... chdir resumed>) = 0 [pid 13876] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13877] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] close(4 [pid 13878] chdir("./497" [pid 13877] <... prctl resumed>) = 0 [pid 13876] <... mmap resumed>) = 0x7f1c32416000 [pid 408] <... close resumed>) = 0 [pid 13877] setpgid(0, 0 [pid 13876] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 408] rmdir("./493/bus" [pid 13878] <... chdir resumed>) = 0 [pid 13877] <... setpgid resumed>) = 0 [pid 13876] <... mprotect resumed>) = 0 [pid 13873] close(4 [pid 13878] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13876] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13873] <... close resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 13878] <... prctl resumed>) = 0 [pid 13877] <... openat resumed>) = 3 [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(3, [pid 13878] setpgid(0, 0 [pid 13877] write(3, "1000", 4 [pid 13876] <... clone resumed>, parent_tid=[13879], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13879 [pid 13873] <... futex resumed>) = 1 [pid 13872] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13878] <... setpgid resumed>) = 0 [pid 13877] <... write resumed>) = 4 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] close(3 [pid 13878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13877] close(3 [pid 13876] <... futex resumed>) = 0 [pid 13873] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13872] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 13878] <... openat resumed>) = 3 [pid 13877] <... close resumed>) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] rmdir("./493" [pid 13878] write(3, "1000", 4 [pid 13877] symlink("/dev/binderfs", "./binderfs" [pid 13873] chdir("./file0" [pid 408] <... rmdir resumed>) = 0 [pid 13878] <... write resumed>) = 4 [pid 13877] <... symlink resumed>) = 0 [pid 13873] <... chdir resumed>) = 0 [pid 408] mkdir("./494", 0777 [pid 13878] close(3 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 13879 attached [pid 13878] <... close resumed>) = 0 [pid 13877] <... futex resumed>) = 0 [pid 13873] <... futex resumed>) = 1 [pid 13872] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13879] set_robust_list(0x7f1c324369e0, 24 [pid 13878] symlink("/dev/binderfs", "./binderfs" [pid 13877] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13879] <... set_robust_list resumed>) = 0 [pid 13877] <... mmap resumed>) = 0x7f1c32416000 [pid 13873] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13872] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 13878] <... symlink resumed>) = 0 [pid 13877] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13873] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] ioctl(3, LOOP_CLR_FD [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13877] <... mprotect resumed>) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13879] memfd_create("syzkaller", 0 [pid 13878] <... futex resumed>) = 0 [pid 13877] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] close(3 [pid 13879] <... memfd_create resumed>) = 3 [pid 13878] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13873] <... open resumed>) = 4 [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13878] <... mmap resumed>) = 0x7f1c32416000 [pid 13873] <... futex resumed>) = 1 [pid 13872] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 13879] <... mmap resumed>) = 0x7f1c2a016000 [pid 13878] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13877] <... clone resumed>, parent_tid=[13880], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13880 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 13880 attached [pid 13878] <... mprotect resumed>) = 0 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13872] <... futex resumed>) = 0 [pid 13880] set_robust_list(0x7f1c324369e0, 24 [pid 13873] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13880] <... set_robust_list resumed>) = 0 [pid 13878] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13877] <... futex resumed>) = 0 [pid 13873] <... openat resumed>) = 5 [pid 13880] memfd_create("syzkaller", 0 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 13881 [pid 13880] <... memfd_create resumed>) = 3 [pid 13878] <... clone resumed>, parent_tid=[13882], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13882 [pid 13873] <... futex resumed>) = 1 [pid 13872] <... futex resumed>) = 0 [pid 13880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] <... mmap resumed>) = 0x7f1c2a016000 [pid 13878] <... futex resumed>) = 0 [pid 13873] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13872] <... futex resumed>) = 0 ./strace-static-x86_64: Process 13882 attached ./strace-static-x86_64: Process 13881 attached [pid 13879] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13873] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13882] set_robust_list(0x7f1c324369e0, 24 [pid 13881] set_robust_list(0x555555f755e0, 24 [pid 13880] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13879] <... write resumed>) = 1048576 [pid 13882] <... set_robust_list resumed>) = 0 [pid 13881] <... set_robust_list resumed>) = 0 [pid 13879] munmap(0x7f1c2a016000, 1048576 [pid 13882] memfd_create("syzkaller", 0 [pid 13881] chdir("./494" [pid 13879] <... munmap resumed>) = 0 [pid 13882] <... memfd_create resumed>) = 3 [pid 13881] <... chdir resumed>) = 0 [pid 13879] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 13882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13881] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13879] <... openat resumed>) = 4 [pid 13873] <... write resumed>) = 196608 [pid 13882] <... mmap resumed>) = 0x7f1c2a016000 [pid 13881] <... prctl resumed>) = 0 [pid 13879] ioctl(4, LOOP_SET_FD, 3 [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] setpgid(0, 0 [pid 13880] <... write resumed>) = 1048576 [pid 13873] <... futex resumed>) = 1 [pid 13872] <... futex resumed>) = 0 [pid 13880] munmap(0x7f1c2a016000, 1048576 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] <... setpgid resumed>) = 0 [pid 13873] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13872] <... futex resumed>) = 0 [pid 13873] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 246.403462][T13873] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.420430][T13873] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/488/bus supports timestamps until 2038 (0x7fffffff) [pid 13881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13873] <... mount resumed>) = 0 [pid 13880] <... munmap resumed>) = 0 [pid 13880] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 13880] ioctl(4, LOOP_SET_FD, 3 [pid 13881] <... openat resumed>) = 3 [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 13880] <... ioctl resumed>) = 0 [pid 13881] write(3, "1000", 4 [pid 13873] <... futex resumed>) = 1 [pid 13880] close(3) = 0 [pid 13880] mkdir("./bus", 0777 [pid 13872] <... futex resumed>) = 0 [pid 13881] <... write resumed>) = 4 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13881] close(3 [pid 13873] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13872] <... futex resumed>) = 0 [pid 13873] <... open resumed>) = 6 [pid 13881] <... close resumed>) = 0 [pid 13881] symlink("/dev/binderfs", "./binderfs" [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13881] <... symlink resumed>) = 0 [pid 13880] <... mkdir resumed>) = 0 [pid 13872] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] <... futex resumed>) = 0 [pid 13881] <... futex resumed>) = 0 [pid 13873] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13879] <... ioctl resumed>) = 0 [pid 13879] close(3) = 0 [pid 13879] mkdir("./bus", 0777) = 0 [pid 13879] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13882] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13872] <... futex resumed>) = 0 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13881] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13881] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13881] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13883], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13883 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13882] <... write resumed>) = 1048576 [pid 13882] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13882] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 13882] ioctl(4, LOOP_SET_FD, 3 [pid 412] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./491/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13882] <... ioctl resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 13883 attached [pid 13882] close(3) = 0 [ 246.471025][T13879] loop0: detected capacity change from 0 to 2048 [ 246.472263][T13880] loop4: detected capacity change from 0 to 2048 [ 246.496654][T13882] loop3: detected capacity change from 0 to 2048 [pid 13882] mkdir("./bus", 0777 [pid 13883] set_robust_list(0x7f1c324369e0, 24 [pid 13882] <... mkdir resumed>) = 0 [pid 13873] <... write resumed>) = 1048576 [pid 412] openat(AT_FDCWD, "./491/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 13883] <... set_robust_list resumed>) = 0 [pid 13882] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13873] <... futex resumed>) = 1 [pid 13872] <... futex resumed>) = 0 [pid 13872] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 412] close(4 [pid 13883] memfd_create("syzkaller", 0 [pid 13873] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13872] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] <... memfd_create resumed>) = 3 [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./491/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./491") = 0 [pid 412] mkdir("./492", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13888 ./strace-static-x86_64: Process 13888 attached [pid 13888] set_robust_list(0x555555f755e0, 24) = 0 [pid 13888] chdir("./492") = 0 [pid 13888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13888] setpgid(0, 0) = 0 [pid 13888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13888] write(3, "1000", 4) = 4 [pid 13888] close(3) = 0 [pid 13888] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13888] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13888] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13889], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13889 [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13889 attached [pid 13889] set_robust_list(0x7f1c324369e0, 24) = 0 [ 246.513026][T13879] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.525968][T13879] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/487/bus supports timestamps until 2038 (0x7fffffff) [ 246.526997][T13873] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.527057][T13880] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.554738][T13873] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 13889] memfd_create("syzkaller", 0 [pid 13883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13879] <... mount resumed>) = 0 [pid 13879] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13879] chdir("./bus") = 0 [pid 13879] ioctl(4, LOOP_CLR_FD) = 0 [pid 13879] close(4 [pid 13872] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13872] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13889] <... memfd_create resumed>) = 3 [pid 13883] <... mmap resumed>) = 0x7f1c2a016000 [pid 13872] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13872] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13872] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13892], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13892 [pid 13872] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13872] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13889] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13879] <... close resumed>) = 0 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] chdir("./file0") = 0 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13889] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 13892 attached [pid 13889] munmap(0x7f1c2a016000, 1048576 [pid 13873] <... openat resumed>) = 7 [pid 13873] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13873] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13879] <... open resumed>) = 4 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13883] <... write resumed>) = 1048576 [pid 13883] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13883] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 13883] ioctl(4, LOOP_SET_FD, 3 [pid 13892] set_robust_list(0x7f1c2a1159e0, 24 [pid 13889] <... munmap resumed>) = 0 [pid 13880] <... mount resumed>) = 0 [pid 13879] <... write resumed>) = 196608 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13879] <... futex resumed>) = 1 [pid 13879] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13892] <... set_robust_list resumed>) = 0 [pid 13889] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 13880] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13892] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13889] <... openat resumed>) = 4 [pid 13880] <... openat resumed>) = 3 [ 246.562669][T13880] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/494/bus supports timestamps until 2038 (0x7fffffff) [ 246.598301][T13882] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.604891][T13883] loop1: detected capacity change from 0 to 2048 [pid 13892] <... openat resumed>) = 8 [pid 13889] ioctl(4, LOOP_SET_FD, 3 [pid 13880] chdir("./bus" [pid 13892] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13883] <... ioctl resumed>) = 0 [pid 13882] <... mount resumed>) = 0 [pid 13883] close(3 [pid 13882] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13883] <... close resumed>) = 0 [pid 13882] <... openat resumed>) = 3 [pid 13883] mkdir("./bus", 0777 [pid 13882] chdir("./bus" [pid 13883] <... mkdir resumed>) = 0 [pid 13882] <... chdir resumed>) = 0 [pid 13883] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13882] ioctl(4, LOOP_CLR_FD) = 0 [pid 13882] close(4) = 0 [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13878] <... futex resumed>) = 0 [pid 13882] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13882] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13878] <... futex resumed>) = 0 [pid 13882] chdir("./file0" [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13889] <... ioctl resumed>) = 0 [pid 13889] close(3) = 0 [pid 13889] mkdir("./bus", 0777) = 0 [pid 13889] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13882] <... chdir resumed>) = 0 [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13878] <... futex resumed>) = 0 [pid 13882] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13872] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13880] <... chdir resumed>) = 0 [pid 13878] <... futex resumed>) = 0 [pid 13892] <... futex resumed>) = 0 [pid 13880] ioctl(4, LOOP_CLR_FD [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13872] exit_group(0 [pid 13892] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13880] <... ioctl resumed>) = 0 [pid 13880] close(4 [pid 13892] <... futex resumed>) = ? [pid 13882] <... open resumed>) = 4 [pid 13880] <... close resumed>) = 0 [pid 13872] <... exit_group resumed>) = ? [pid 13892] +++ exited with 0 +++ [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13882] <... futex resumed>) = 1 [pid 13880] <... futex resumed>) = 1 [pid 13878] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = 0 [pid 13882] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13873] <... futex resumed>) = ? [pid 13882] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13880] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13879] <... write resumed>) = 1048576 [pid 13878] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = 0 [pid 13882] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13880] chdir("./file0" [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13882] <... openat resumed>) = 5 [pid 13880] <... chdir resumed>) = 0 [pid 13879] <... futex resumed>) = 1 [pid 13876] <... futex resumed>) = 0 [pid 13873] +++ exited with 0 +++ [pid 13872] +++ exited with 0 +++ [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13882] <... futex resumed>) = 1 [pid 13880] <... futex resumed>) = 1 [pid 13879] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13878] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13872, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 13882] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./488", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./488", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./488/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./488/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./488/binderfs") = 0 [ 246.609283][T13882] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/497/bus supports timestamps until 2038 (0x7fffffff) [ 246.622897][T13889] loop5: detected capacity change from 0 to 2048 [ 246.653204][T13879] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 409] umount2("./488/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13882] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13880] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] <... futex resumed>) = 0 [pid 13882] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13880] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13878] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = 0 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13889] <... mount resumed>) = 0 [pid 13883] <... mount resumed>) = 0 [pid 13882] <... write resumed>) = 196608 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13880] <... open resumed>) = 4 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13877] <... futex resumed>) = 0 [pid 13880] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] <... openat resumed>) = 5 [pid 13877] <... futex resumed>) = 0 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13880] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13880] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] <... write resumed>) = 196608 [pid 13877] <... futex resumed>) = 0 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13878] <... futex resumed>) = 0 [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13882] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13878] <... futex resumed>) = 0 [pid 13882] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13882] <... open resumed>) = 6 [pid 13878] <... futex resumed>) = 0 [pid 13889] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13883] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13879] <... openat resumed>) = 7 [pid 13889] <... openat resumed>) = 3 [pid 13880] <... futex resumed>) = 1 [pid 13878] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13877] <... futex resumed>) = 0 [pid 13882] <... futex resumed>) = 0 [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13882] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13878] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = 0 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13889] chdir("./bus" [pid 13880] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 13889] <... chdir resumed>) = 0 [pid 13880] <... mount resumed>) = 0 [pid 13889] ioctl(4, LOOP_CLR_FD [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] <... ioctl resumed>) = 0 [pid 13880] <... futex resumed>) = 1 [pid 13877] <... futex resumed>) = 0 [pid 13889] close(4 [pid 13880] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] <... close resumed>) = 0 [pid 13880] <... open resumed>) = 6 [pid 13877] <... futex resumed>) = 0 [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] <... futex resumed>) = 1 [pid 13888] <... futex resumed>) = 0 [pid 13880] <... futex resumed>) = 0 [pid 13889] chdir("./file0" [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] <... chdir resumed>) = 0 [pid 13888] <... futex resumed>) = 0 [pid 13880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13889] <... futex resumed>) = 0 [pid 13888] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13889] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] <... openat resumed>) = 3 [pid 13883] chdir("./bus") = 0 [pid 13883] ioctl(4, LOOP_CLR_FD) = 0 [pid 13883] close(4) = 0 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13879] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13881] <... futex resumed>) = 0 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13876] <... futex resumed>) = 0 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] <... open resumed>) = 4 [pid 13881] <... futex resumed>) = 1 [pid 13876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13877] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13876] <... futex resumed>) = 1 [pid 13883] <... futex resumed>) = 0 [pid 13889] <... futex resumed>) = 1 [pid 13888] <... futex resumed>) = 0 [pid 13883] chdir("./file0" [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13889] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] <... futex resumed>) = 0 [pid 13877] <... futex resumed>) = 1 [pid 13889] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13888] <... futex resumed>) = 0 [pid 13880] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13889] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] <... chdir resumed>) = 0 [pid 13879] <... futex resumed>) = 0 [pid 13879] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13879] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13879] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13876] <... futex resumed>) = 0 [pid 13876] exit_group(0) = ? [pid 13879] <... futex resumed>) = ? [pid 13889] <... openat resumed>) = 5 [pid 13879] +++ exited with 0 +++ [pid 13876] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13876, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./487", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13889] <... futex resumed>) = 1 [pid 13888] <... futex resumed>) = 0 [pid 13889] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] openat(AT_FDCWD, "./487", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13889] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13888] <... futex resumed>) = 0 [pid 13883] <... futex resumed>) = 1 [pid 13881] <... futex resumed>) = 0 [pid 13889] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 13889] <... write resumed>) = 196608 [pid 13881] <... futex resumed>) = 0 [pid 407] fstat(3, [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./487/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./487/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./487/binderfs") = 0 [pid 407] umount2("./487/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13889] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13888] <... futex resumed>) = 0 [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] <... futex resumed>) = 0 [pid 13888] <... futex resumed>) = 1 [pid 13889] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13882] <... write resumed>) = 1048576 [pid 13889] <... mount resumed>) = 0 [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13888] <... futex resumed>) = 0 [pid 13889] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13883] <... open resumed>) = 4 [pid 13882] <... futex resumed>) = 1 [pid 407] <... umount2 resumed>) = 0 [pid 13878] <... futex resumed>) = 0 [pid 13888] <... futex resumed>) = 0 [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 246.662800][T13889] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.667892][T13883] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.679042][T13889] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/492/bus supports timestamps until 2038 (0x7fffffff) [ 246.687849][T13883] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/494/bus supports timestamps until 2038 (0x7fffffff) [ 246.711279][T13879] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 13882] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13889] <... open resumed>) = 6 [pid 13881] <... futex resumed>) = 0 [pid 13878] <... futex resumed>) = 0 [pid 407] umount2("./487/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./487/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./487/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./487/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] getdents64(4, [pid 13881] <... futex resumed>) = 1 [pid 13889] <... futex resumed>) = 1 [pid 13888] <... futex resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./487/bus" [pid 13889] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13883] <... futex resumed>) = 0 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... rmdir resumed>) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./487") = 0 [pid 407] mkdir("./488", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 13888] <... futex resumed>) = 0 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13881] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... umount2 resumed>) = 0 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./488/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./488/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./488/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./488/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./488/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./488" [pid 13880] <... write resumed>) = 1048576 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13877] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./489", 0777 [pid 13877] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 13883] <... futex resumed>) = 0 [pid 13883] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13877] <... futex resumed>) = 1 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13880] <... futex resumed>) = 0 [pid 13883] <... write resumed>) = 196608 [pid 13880] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13877] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 13898 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] <... futex resumed>) = 0 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] <... futex resumed>) = 1 [pid 13883] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] <... futex resumed>) = 0 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] <... futex resumed>) = 1 [pid 13883] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] <... futex resumed>) = 0 [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13883] <... futex resumed>) = 1 [pid 13883] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 13898 attached [pid 13898] set_robust_list(0x555555f755e0, 24) = 0 [pid 13898] chdir("./489") = 0 [pid 13883] <... write resumed>) = 1048576 [pid 13882] <... openat resumed>) = 7 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13883] <... futex resumed>) = 1 [pid 13882] <... futex resumed>) = 1 [pid 13881] <... futex resumed>) = 0 [pid 13883] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13882] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 246.752747][T13882] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.778738][T13880] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.780821][T13882] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 13881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13898] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13889] <... write resumed>) = 1048576 [pid 13888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13881] <... futex resumed>) = 0 [pid 13878] <... futex resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 13888] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] ioctl(3, LOOP_CLR_FD [pid 13888] <... futex resumed>) = 0 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] close(3 [pid 13888] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 407] <... close resumed>) = 0 [pid 13888] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13888] <... mprotect resumed>) = 0 [pid 13888] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 13899 [pid 13888] <... clone resumed>, parent_tid=[13900], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13900 [pid 13888] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13888] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13898] <... prctl resumed>) = 0 [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13878] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13889] <... futex resumed>) = 0 [pid 13898] setpgid(0, 0 [pid 13889] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13878] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13898] <... setpgid resumed>) = 0 [pid 13882] <... futex resumed>) = 0 [pid 13898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13882] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 13899 attached [pid 13899] set_robust_list(0x555555f755e0, 24) = 0 [pid 13899] chdir("./488") = 0 [pid 13899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13899] setpgid(0, 0) = 0 [pid 13899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13899] write(3, "1000", 4) = 4 [pid 13899] close(3) = 0 [pid 13899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13899] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13899] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13899] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13901], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13901 [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13901 attached [pid 13901] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13901] memfd_create("syzkaller", 0) = 3 [pid 13901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13882] <... openat resumed>) = 8 [pid 13877] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13880] <... openat resumed>) = 7 [pid 13877] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13898] <... openat resumed>) = 3 [pid 13877] <... futex resumed>) = 0 [pid 13882] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13898] write(3, "1000", 4 [pid 13880] <... futex resumed>) = 0 [pid 13880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13877] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13898] <... write resumed>) = 4 [pid 13882] <... futex resumed>) = 1 [pid 13878] <... futex resumed>) = 0 [pid 13878] exit_group(0 [pid 13877] <... mmap resumed>) = 0x7f1c2a0f5000 ./strace-static-x86_64: Process 13900 attached [pid 13898] close(3 [pid 13882] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13878] <... exit_group resumed>) = ? [pid 13877] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13898] <... close resumed>) = 0 [pid 13882] <... futex resumed>) = ? [pid 13877] <... mprotect resumed>) = 0 [pid 13882] +++ exited with 0 +++ [pid 13878] +++ exited with 0 +++ [pid 13901] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13878, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 13877] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13898] symlink("/dev/binderfs", "./binderfs") = 0 [pid 410] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13877] <... clone resumed>, parent_tid=[13902], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13902 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13877] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13900] set_robust_list(0x7f1c2a1159e0, 24 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13877] <... futex resumed>) = 0 [pid 13898] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13877] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, [pid 13898] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 13898] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13900] <... set_robust_list resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13900] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13898] <... mprotect resumed>) = 0 [ 246.814452][T13883] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.816442][T13880] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 246.838047][T13883] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 13898] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13901] <... write resumed>) = 1048576 [pid 13901] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 13901] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13902 attached [pid 13883] <... openat resumed>) = 7 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13901] <... ioctl resumed>) = 0 [pid 13901] close(3) = 0 [pid 13901] mkdir("./bus", 0777) = 0 [pid 13901] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 13903 attached [pid 13903] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13903] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13902] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13902] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13902] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13881] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13902] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13881] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13881] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13881] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13888] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 13881] <... mprotect resumed>) = 0 [pid 13888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13881] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13881] <... clone resumed>, parent_tid=[13904], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13904 [pid 13888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13881] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13881] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13898] <... clone resumed>, parent_tid=[13903], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13903 [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13903] <... futex resumed>) = 0 [pid 13903] memfd_create("syzkaller", 0) = 3 [pid 13903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./497/binderfs", [pid 13877] <... futex resumed>) = 0 [pid 13889] <... futex resumed>) = 0 [pid 13883] <... futex resumed>) = 0 [pid 13889] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13877] exit_group(0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13902] <... futex resumed>) = ? [pid 13880] <... futex resumed>) = ? [pid 13877] <... exit_group resumed>) = ? [pid 410] unlink("./497/binderfs" [pid 13902] +++ exited with 0 +++ [pid 13880] +++ exited with 0 +++ [pid 410] <... unlink resumed>) = 0 [pid 13877] +++ exited with 0 +++ [pid 410] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13903] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13877, si_uid=0, si_status=0, si_utime=0, si_stime=11} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13903] <... write resumed>) = 1048576 [pid 13903] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13903] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13903] <... openat resumed>) = 4 [pid 411] unlink("./494/binderfs" [pid 13903] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... unlink resumed>) = 0 [pid 411] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13903] <... ioctl resumed>) = 0 [pid 13903] close(3) = 0 [pid 13903] mkdir("./bus", 0777) = 0 [pid 13903] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 13904 attached [pid 13904] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13904] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [ 246.858449][T13900] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 246.858708][T13901] loop0: detected capacity change from 0 to 2048 [ 246.873189][T13900] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 246.902233][T13903] loop2: detected capacity change from 0 to 2048 [pid 13904] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13900] <... openat resumed>) = 7 [pid 13889] <... openat resumed>) = 8 [pid 13900] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13900] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13881] <... futex resumed>) = 0 [pid 13881] exit_group(0) = ? [pid 13904] <... futex resumed>) = ? [pid 13904] +++ exited with 0 +++ [pid 13889] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13888] <... futex resumed>) = 0 [pid 13889] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13888] exit_group(0 [pid 13889] <... futex resumed>) = ? [pid 13888] <... exit_group resumed>) = ? [pid 13889] +++ exited with 0 +++ [pid 13900] <... futex resumed>) = ? [pid 13883] <... futex resumed>) = ? [pid 13883] +++ exited with 0 +++ [pid 13881] +++ exited with 0 +++ [pid 13900] +++ exited with 0 +++ [pid 13888] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13888, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13881, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 412] <... restart_syscall resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 408] <... restart_syscall resumed>) = 0 [pid 408] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./494/binderfs") = 0 [pid 408] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./497/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./497/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./497/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./497") = 0 [pid 410] mkdir("./498", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13909 [pid 13901] <... mount resumed>) = 0 [pid 13901] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13901] chdir("./bus") = 0 [pid 13901] ioctl(4, LOOP_CLR_FD) = 0 [pid 13901] close(4) = 0 [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13901] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 13909 attached [pid 13909] set_robust_list(0x555555f755e0, 24) = 0 [pid 13909] chdir("./498") = 0 [pid 13909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13909] setpgid(0, 0) = 0 [pid 13909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13909] write(3, "1000", 4) = 4 [pid 13909] close(3) = 0 [pid 13909] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13909] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13909] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13909] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13910], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13910 [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13910 attached [pid 13910] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13910] memfd_create("syzkaller", 0) = 3 [pid 13910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13899] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13901] <... futex resumed>) = 0 [pid 13901] chdir("./file0" [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13901] <... chdir resumed>) = 0 [pid 412] umount2("./492", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13899] <... futex resumed>) = 0 [pid 13901] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13901] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13899] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13901] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... openat resumed>) = 3 [pid 412] fstat(3, [pid 13901] <... open resumed>) = 4 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] lstat("./494/bus", [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13901] <... futex resumed>) = 1 [pid 13899] <... futex resumed>) = 0 [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13901] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13899] <... futex resumed>) = 0 [pid 412] umount2("./492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13901] <... openat resumed>) = 5 [pid 412] lstat("./492/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./492/binderfs" [pid 411] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... unlink resumed>) = 0 [pid 13901] <... futex resumed>) = 1 [pid 13899] <... futex resumed>) = 0 [pid 13901] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13901] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13899] <... futex resumed>) = 0 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13901] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] openat(AT_FDCWD, "./494/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13901] <... write resumed>) = 196608 [pid 411] <... openat resumed>) = 4 [pid 13910] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13910] <... write resumed>) = 1048576 [pid 13910] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13910] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 13910] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 13901] <... futex resumed>) = 1 [pid 13899] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 13901] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [ 246.916658][T13901] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 246.928693][T13901] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/488/bus supports timestamps until 2038 (0x7fffffff) [ 246.940720][T13903] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13901] <... mount resumed>) = 0 [pid 13899] <... futex resumed>) = 0 [pid 411] rmdir("./494/bus" [pid 13910] <... ioctl resumed>) = 0 [pid 13910] close(3) = 0 [pid 13910] mkdir("./bus", 0777) = 0 [pid 13910] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13901] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13901] <... futex resumed>) = 0 [pid 13899] <... futex resumed>) = 1 [pid 13901] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13901] <... open resumed>) = 6 [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13899] <... futex resumed>) = 0 [pid 13901] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... rmdir resumed>) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./494") = 0 [pid 411] mkdir("./495", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13911 [pid 13903] <... mount resumed>) = 0 [pid 13903] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13903] chdir("./bus") = 0 [pid 13903] ioctl(4, LOOP_CLR_FD) = 0 [pid 13903] close(4) = 0 [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13903] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13898] <... futex resumed>) = 0 [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 13911 attached [pid 13911] set_robust_list(0x555555f755e0, 24 [pid 13898] <... futex resumed>) = 1 [pid 13911] <... set_robust_list resumed>) = 0 [pid 13911] chdir("./495" [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13903] <... futex resumed>) = 0 [pid 13903] chdir("./file0") = 0 [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13898] <... futex resumed>) = 0 [pid 13903] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13903] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13903] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13898] <... futex resumed>) = 0 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13901] <... write resumed>) = 1048576 [pid 13903] <... open resumed>) = 4 [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13898] <... futex resumed>) = 0 [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13899] <... futex resumed>) = 0 [pid 13899] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13903] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13903] <... openat resumed>) = 5 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13898] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13903] <... futex resumed>) = 0 [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13903] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13901] <... futex resumed>) = 1 [pid 13901] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13903] <... write resumed>) = 196608 [pid 412] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13903] <... futex resumed>) = 1 [pid 13898] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13903] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] lstat("./492/bus", [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13903] <... mount resumed>) = 0 [pid 13898] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] lstat("./494/bus", [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13898] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "./492/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13898] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 4 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13903] <... futex resumed>) = 1 [pid 13898] <... futex resumed>) = 0 [pid 412] close(4 [pid 13903] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 412] <... close resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13903] <... open resumed>) = 6 [pid 412] rmdir("./492/bus" [pid 408] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13903] <... futex resumed>) = 1 [pid 13898] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 408] openat(AT_FDCWD, "./494/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13903] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... openat resumed>) = 4 [pid 13903] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13898] <... futex resumed>) = 0 [pid 412] close(3 [pid 13903] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 246.968533][T13910] loop3: detected capacity change from 0 to 2048 [ 246.973870][T13903] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/489/bus supports timestamps until 2038 (0x7fffffff) [ 247.001614][T13901] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 412] <... close resumed>) = 0 [pid 408] fstat(4, [pid 13911] <... chdir resumed>) = 0 [pid 412] rmdir("./492" [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13911] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 412] <... rmdir resumed>) = 0 [pid 13911] <... prctl resumed>) = 0 [pid 408] getdents64(4, [pid 412] mkdir("./493", 0777 [pid 13911] setpgid(0, 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13911] <... setpgid resumed>) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 13911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 408] getdents64(4, [pid 13911] <... openat resumed>) = 3 [pid 412] <... openat resumed>) = 3 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13911] write(3, "1000", 4 [pid 412] ioctl(3, LOOP_CLR_FD [pid 408] close(4 [pid 13911] <... write resumed>) = 4 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] <... close resumed>) = 0 [pid 13911] close(3 [pid 412] close(3 [pid 408] rmdir("./494/bus" [pid 13911] <... close resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 13911] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13911] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13911] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... rmdir resumed>) = 0 [pid 13911] <... clone resumed>, parent_tid=[13914], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13914 [pid 408] getdents64(3, [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 13915 [pid 13911] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 408] close(3) = 0 [pid 408] rmdir("./494") = 0 [pid 408] mkdir("./495", 0777) = 0 [pid 13899] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13899] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13899] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13899] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13899] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13899] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13916], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13916 [pid 13899] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13899] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13901] <... openat resumed>) = 7 [pid 13901] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13901] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 13914 attached [pid 13914] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13914] memfd_create("syzkaller", 0) = 3 [pid 13914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13903] <... write resumed>) = 1048576 [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13903] <... futex resumed>) = 1 [pid 13898] <... futex resumed>) = 0 [pid 13903] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 13914] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13914] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13914] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 247.028009][T13901] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 247.049838][T13910] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.062192][T13903] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13914] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13916 attached ./strace-static-x86_64: Process 13915 attached [pid 13898] <... futex resumed>) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 13914] <... ioctl resumed>) = 0 [pid 13914] close(3) = 0 [pid 13914] mkdir("./bus", 0777) = 0 [pid 13914] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13916] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13916] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13916] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13899] <... futex resumed>) = 0 [pid 13916] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13899] exit_group(0 [pid 13916] <... futex resumed>) = ? [pid 13901] <... futex resumed>) = ? [pid 13899] <... exit_group resumed>) = ? [pid 13916] +++ exited with 0 +++ [pid 13901] +++ exited with 0 +++ [pid 13899] +++ exited with 0 +++ [pid 13915] set_robust_list(0x555555f755e0, 24) = 0 [pid 13915] chdir("./493") = 0 [pid 13915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13915] setpgid(0, 0) = 0 [pid 13915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13915] write(3, "1000", 4) = 4 [pid 13915] close(3) = 0 [pid 13915] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13915] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13915] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13917], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13917 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13918 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13899, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 407] umount2("./488", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./488", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./488/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./488/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./488/binderfs") = 0 [pid 407] umount2("./488/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 13918 attached ./strace-static-x86_64: Process 13917 attached [pid 13910] <... mount resumed>) = 0 [pid 13903] <... openat resumed>) = 7 [pid 13918] set_robust_list(0x555555f755e0, 24 [pid 13917] set_robust_list(0x7f1c324369e0, 24 [pid 13910] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13918] <... set_robust_list resumed>) = 0 [pid 13917] <... set_robust_list resumed>) = 0 [pid 13910] <... openat resumed>) = 3 [pid 13918] chdir("./495" [pid 13917] memfd_create("syzkaller", 0 [pid 13910] chdir("./bus" [pid 13918] <... chdir resumed>) = 0 [pid 13917] <... memfd_create resumed>) = 3 [pid 13910] <... chdir resumed>) = 0 [pid 13918] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13910] ioctl(4, LOOP_CLR_FD [pid 13917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13918] <... prctl resumed>) = 0 [pid 13910] <... ioctl resumed>) = 0 [pid 13910] close(4) = 0 [pid 13898] <... futex resumed>) = 0 [pid 13898] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13898] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13903] <... futex resumed>) = 1 [pid 13903] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13898] <... futex resumed>) = 0 [pid 13898] exit_group(0) = ? [pid 13903] <... futex resumed>) = ? [pid 13903] +++ exited with 0 +++ [pid 13898] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13898, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 13917] <... mmap resumed>) = 0x7f1c2a016000 [pid 13918] setpgid(0, 0 [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... restart_syscall resumed>) = 0 [pid 13918] <... setpgid resumed>) = 0 [pid 13918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13910] <... futex resumed>) = 1 [pid 13909] <... futex resumed>) = 0 [pid 409] umount2("./489", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./489", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./489/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./489/binderfs", [pid 13910] chdir("./file0" [pid 13909] <... futex resumed>) = 0 [pid 13918] <... openat resumed>) = 3 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13918] write(3, "1000", 4 [pid 13910] <... chdir resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13918] <... write resumed>) = 4 [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] close(3 [pid 13910] <... futex resumed>) = 1 [pid 13909] <... futex resumed>) = 0 [pid 13918] <... close resumed>) = 0 [pid 13910] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] symlink("/dev/binderfs", "./binderfs" [pid 13910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13909] <... futex resumed>) = 0 [pid 13918] <... symlink resumed>) = 0 [pid 13910] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] unlink("./489/binderfs" [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13917] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13910] <... open resumed>) = 4 [pid 409] <... unlink resumed>) = 0 [pid 13918] <... futex resumed>) = 0 [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13918] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13910] <... futex resumed>) = 1 [pid 13909] <... futex resumed>) = 0 [pid 13918] <... mmap resumed>) = 0x7f1c32416000 [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13910] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13909] <... futex resumed>) = 0 [pid 13918] <... mprotect resumed>) = 0 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13910] <... openat resumed>) = 5 [pid 13918] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13918] <... clone resumed>, parent_tid=[13921], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13921 [pid 13909] <... futex resumed>) = 0 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13910] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] <... futex resumed>) = 0 [pid 13910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13909] <... futex resumed>) = 0 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13910] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13910] <... write resumed>) = 196608 [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] <... futex resumed>) = 0 [pid 13910] <... futex resumed>) = 1 [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = 0 [pid 13910] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 13909] <... futex resumed>) = 0 [pid 13910] <... mount resumed>) = 0 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 13921 attached [pid 13917] <... write resumed>) = 1048576 [pid 13917] munmap(0x7f1c2a016000, 1048576) = 0 [ 247.068356][T13914] loop4: detected capacity change from 0 to 2048 [ 247.076869][T13910] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/498/bus supports timestamps until 2038 (0x7fffffff) [ 247.099812][T13903] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 13917] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 13917] ioctl(4, LOOP_SET_FD, 3 [pid 13921] set_robust_list(0x7f1c324369e0, 24 [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13917] <... ioctl resumed>) = 0 [pid 13917] close(3) = 0 [pid 13917] mkdir("./bus", 0777) = 0 [pid 13917] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13921] <... set_robust_list resumed>) = 0 [pid 13910] <... futex resumed>) = 1 [pid 409] lstat("./489/bus", [pid 13909] <... futex resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13921] memfd_create("syzkaller", 0 [pid 13914] <... mount resumed>) = 0 [pid 13910] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13921] <... memfd_create resumed>) = 3 [pid 13914] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13910] <... open resumed>) = 6 [pid 13909] <... futex resumed>) = 0 [pid 13921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13914] <... openat resumed>) = 3 [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13921] <... mmap resumed>) = 0x7f1c2a016000 [pid 13910] <... futex resumed>) = 0 [pid 13909] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] openat(AT_FDCWD, "./489/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13914] chdir("./bus") = 0 [pid 13914] ioctl(4, LOOP_CLR_FD) = 0 [pid 13914] close(4) = 0 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13914] <... futex resumed>) = 1 [pid 13914] chdir("./file0") = 0 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13921] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13914] <... futex resumed>) = 1 [pid 13914] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13914] <... futex resumed>) = 1 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13910] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 4 [pid 13910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13909] <... futex resumed>) = 0 [pid 409] fstat(4, [pid 13910] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13921] <... write resumed>) = 1048576 [pid 13914] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./489/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [ 247.133718][T13914] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.135502][T13917] loop5: detected capacity change from 0 to 2048 [ 247.144911][T13914] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/495/bus supports timestamps until 2038 (0x7fffffff) [pid 409] rmdir("./489") = 0 [pid 409] mkdir("./490", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 13921] munmap(0x7f1c2a016000, 1048576 [pid 409] ioctl(3, LOOP_CLR_FD [pid 407] <... umount2 resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 407] umount2("./488/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./488/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13921] <... munmap resumed>) = 0 [pid 407] umount2("./488/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./488/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 13924 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13921] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 407] getdents64(4, [pid 13921] <... openat resumed>) = 4 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13921] ioctl(4, LOOP_SET_FD, 3 [pid 407] close(4) = 0 [pid 407] rmdir("./488/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./488") = 0 [pid 407] mkdir("./489", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13925 ./strace-static-x86_64: Process 13925 attached ./strace-static-x86_64: Process 13924 attached [pid 13921] <... ioctl resumed>) = 0 [pid 13914] <... openat resumed>) = 5 [pid 13910] <... write resumed>) = 1048576 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] <... futex resumed>) = 0 [pid 13909] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13909] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13910] <... futex resumed>) = 1 [pid 13910] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13921] close(3) = 0 [pid 13921] mkdir("./bus", 0777 [pid 13925] set_robust_list(0x555555f755e0, 24 [pid 13924] set_robust_list(0x555555f755e0, 24 [pid 13921] <... mkdir resumed>) = 0 [pid 13917] <... mount resumed>) = 0 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13921] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13924] <... set_robust_list resumed>) = 0 [pid 13924] chdir("./490") = 0 [pid 13924] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13924] setpgid(0, 0) = 0 [pid 13924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13924] write(3, "1000", 4) = 4 [pid 13924] close(3) = 0 [pid 13924] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13924] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13924] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13926], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13926 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13926 attached [pid 13926] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13926] memfd_create("syzkaller", 0) = 3 [pid 13926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13914] <... futex resumed>) = 0 [pid 13914] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13914] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13914] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13914] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13926] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13917] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13925] <... set_robust_list resumed>) = 0 [pid 13917] <... openat resumed>) = 3 [pid 13917] chdir("./bus") = 0 [pid 13925] chdir("./489" [pid 13917] ioctl(4, LOOP_CLR_FD [pid 13925] <... chdir resumed>) = 0 [pid 13917] <... ioctl resumed>) = 0 [pid 13925] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13917] close(4 [pid 13925] <... prctl resumed>) = 0 [ 247.177901][T13917] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.195397][T13921] loop1: detected capacity change from 0 to 2048 [ 247.200531][T13917] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/493/bus supports timestamps until 2038 (0x7fffffff) [ 247.213929][T13910] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13926] <... write resumed>) = 1048576 [pid 13926] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13926] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 13926] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 13926] close(3) = 0 [pid 13926] mkdir("./bus", 0777) = 0 [pid 13926] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13925] setpgid(0, 0 [pid 13917] <... close resumed>) = 0 [pid 13909] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13925] <... setpgid resumed>) = 0 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13917] <... futex resumed>) = 1 [pid 13915] <... futex resumed>) = 0 [pid 13909] <... futex resumed>) = 0 [pid 13925] <... openat resumed>) = 3 [pid 13925] write(3, "1000", 4 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13925] <... write resumed>) = 4 [pid 13915] <... futex resumed>) = 0 [pid 13909] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13910] <... openat resumed>) = 7 [pid 13909] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13910] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13925] close(3) = 0 [pid 13925] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13909] <... mprotect resumed>) = 0 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13917] chdir("./file0" [pid 13909] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13914] <... write resumed>) = 1048576 [pid 13925] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13917] <... chdir resumed>) = 0 [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] <... clone resumed>, parent_tid=[13931], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13931 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13914] <... futex resumed>) = 1 [pid 13917] <... futex resumed>) = 1 [pid 13909] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] <... futex resumed>) = 0 [pid 13909] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13909] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13915] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13911] <... futex resumed>) = 0 [pid 13911] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13925] <... mmap resumed>) = 0x7f1c32416000 [pid 13925] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13925] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13932], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13932 [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13917] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13914] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13917] <... open resumed>) = 4 [ 247.244802][T13926] loop2: detected capacity change from 0 to 2048 [ 247.252544][T13910] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 247.276159][T13926] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. ./strace-static-x86_64: Process 13932 attached ./strace-static-x86_64: Process 13931 attached [pid 13926] <... mount resumed>) = 0 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] set_robust_list(0x7f1c324369e0, 24 [pid 13926] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13932] <... set_robust_list resumed>) = 0 [pid 13926] <... openat resumed>) = 3 [pid 13932] memfd_create("syzkaller", 0 [pid 13926] chdir("./bus" [pid 13932] <... memfd_create resumed>) = 3 [pid 13926] <... chdir resumed>) = 0 [pid 13932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13926] ioctl(4, LOOP_CLR_FD [pid 13932] <... mmap resumed>) = 0x7f1c2a016000 [pid 13926] <... ioctl resumed>) = 0 [pid 13932] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13926] close(4) = 0 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13924] <... futex resumed>) = 0 [pid 13926] chdir("./file0" [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13926] <... chdir resumed>) = 0 [pid 13924] <... futex resumed>) = 0 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13926] <... futex resumed>) = 0 [pid 13924] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13926] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13932] <... write resumed>) = 1048576 [pid 13911] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13911] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13911] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13911] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13911] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13933], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13933 [pid 13911] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13911] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13915] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13909] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13917] <... futex resumed>) = 0 [pid 13926] <... open resumed>) = 4 [pid 13917] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13917] <... openat resumed>) = 5 [pid 13915] <... futex resumed>) = 0 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13917] <... futex resumed>) = 0 [pid 13915] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13926] <... futex resumed>) = 1 [pid 13924] <... futex resumed>) = 0 [pid 13917] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13917] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13915] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13917] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13926] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13926] <... openat resumed>) = 5 [pid 13924] <... futex resumed>) = 0 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13926] <... futex resumed>) = 0 [pid 13924] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13926] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13926] <... write resumed>) = 196608 [pid 13924] <... futex resumed>) = 0 [pid 13917] <... write resumed>) = 196608 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13924] <... futex resumed>) = 0 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13926] <... futex resumed>) = 1 [pid 13926] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13924] <... futex resumed>) = 0 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13926] <... futex resumed>) = 1 [pid 13926] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13924] <... futex resumed>) = 0 [pid 13926] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13932] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] ioctl(4, LOOP_SET_FD, 3 [pid 13917] <... futex resumed>) = 1 [pid 13915] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 247.276701][T13914] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.286959][T13926] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/490/bus supports timestamps until 2038 (0x7fffffff) [ 247.302929][T13921] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.327027][T13914] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 13917] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL./strace-static-x86_64: Process 13933 attached [pid 13931] set_robust_list(0x7f1c2a1159e0, 24 [pid 13917] <... mount resumed>) = 0 [pid 13932] <... ioctl resumed>) = 0 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] close(3) = 0 [pid 13932] mkdir("./bus", 0777) = 0 [pid 13932] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13917] <... futex resumed>) = 1 [pid 13915] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13917] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13933] set_robust_list(0x7f1c2a1159e0, 24 [pid 13931] <... set_robust_list resumed>) = 0 [pid 13926] <... write resumed>) = 1048576 [pid 13917] <... open resumed>) = 6 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13914] <... openat resumed>) = 7 [pid 13921] <... mount resumed>) = 0 [pid 13921] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13931] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13931] <... openat resumed>) = 8 [pid 13917] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13917] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13915] <... futex resumed>) = 0 [pid 13931] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13921] chdir("./bus") = 0 [pid 13921] ioctl(4, LOOP_CLR_FD) = 0 [pid 13921] close(4) = 0 [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13921] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13933] <... set_robust_list resumed>) = 0 [pid 13933] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13933] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13911] <... futex resumed>) = 0 [pid 13933] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13924] <... futex resumed>) = 0 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13926] <... futex resumed>) = 1 [pid 13926] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13931] <... futex resumed>) = 0 [pid 13918] <... futex resumed>) = 0 [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13931] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13921] <... futex resumed>) = 0 [pid 13918] <... futex resumed>) = 1 [pid 13909] exit_group(0 [pid 13914] <... futex resumed>) = 0 [pid 13914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13921] chdir("./file0" [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13931] <... futex resumed>) = ? [pid 13910] <... futex resumed>) = ? [pid 13909] <... exit_group resumed>) = ? [pid 13921] <... chdir resumed>) = 0 [pid 13910] +++ exited with 0 +++ [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13911] exit_group(0 [pid 13933] <... futex resumed>) = ? [pid 13911] <... exit_group resumed>) = ? [pid 13933] +++ exited with 0 +++ [pid 13914] <... futex resumed>) = ? [pid 13931] +++ exited with 0 +++ [pid 13909] +++ exited with 0 +++ [pid 13921] <... futex resumed>) = 1 [pid 13918] <... futex resumed>) = 0 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13921] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13909, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 13918] <... futex resumed>) = 0 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 13921] <... open resumed>) = 4 [pid 410] <... restart_syscall resumed>) = 0 [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13918] <... futex resumed>) = 0 [pid 13921] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13921] <... openat resumed>) = 5 [pid 13918] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13921] <... futex resumed>) = 0 [pid 13918] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... openat resumed>) = 3 [pid 13921] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] fstat(3, [pid 13921] <... write resumed>) = 196608 [pid 13918] <... futex resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./498/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./498/binderfs") = 0 [pid 410] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13926] <... openat resumed>) = 7 [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13914] +++ exited with 0 +++ [pid 13911] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13911, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 411] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13921] <... futex resumed>) = 1 [pid 13918] <... futex resumed>) = 0 [pid 13917] <... write resumed>) = 1048576 [pid 411] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13926] <... futex resumed>) = 1 [pid 13924] <... futex resumed>) = 0 [pid 13921] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = 0 [pid 13926] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13924] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13921] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13918] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13926] <... openat resumed>) = 8 [pid 13924] <... futex resumed>) = 0 [pid 13921] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13926] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13924] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13921] <... mount resumed>) = 0 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./495/binderfs", [pid 13926] <... futex resumed>) = 0 [pid 13924] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13926] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13924] exit_group(0 [pid 13921] <... futex resumed>) = 0 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] unlink("./495/binderfs" [pid 13926] <... futex resumed>) = ? [pid 13924] <... exit_group resumed>) = ? [pid 13921] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13918] <... futex resumed>) = 0 [pid 13926] +++ exited with 0 +++ [pid 13924] +++ exited with 0 +++ [pid 13921] <... open resumed>) = 6 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... unlink resumed>) = 0 [pid 410] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13918] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13924, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 13921] <... futex resumed>) = 0 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13921] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13918] <... futex resumed>) = 0 [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] lstat("./498/bus", [pid 409] <... restart_syscall resumed>) = 0 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./490", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./490", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13915] <... futex resumed>) = 0 [pid 410] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13917] <... futex resumed>) = 1 [pid 13915] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 3 [pid 13917] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13915] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] fstat(3, [pid 13915] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] openat(AT_FDCWD, "./498/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, [pid 410] <... openat resumed>) = 4 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./490/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] fstat(4, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] lstat("./490/binderfs", [pid 410] getdents64(4, [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./490/binderfs") = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [ 247.341063][T13932] loop0: detected capacity change from 0 to 2048 [ 247.348832][T13921] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/495/bus supports timestamps until 2038 (0x7fffffff) [ 247.363675][T13926] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.379715][T13926] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 409] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13921] <... write resumed>) = 1048576 [pid 410] getdents64(4, [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13921] <... futex resumed>) = 1 [pid 13918] <... futex resumed>) = 0 [pid 410] close(4 [pid 13921] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... close resumed>) = 0 [pid 13918] <... futex resumed>) = 0 [pid 410] rmdir("./498/bus" [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... rmdir resumed>) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./498") = 0 [pid 411] <... umount2 resumed>) = 0 [pid 410] mkdir("./499", 0777 [pid 411] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... mkdir resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 411] lstat("./495/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./495/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./495/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./495") = 0 [pid 411] mkdir("./496", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13936 [ 247.419645][T13917] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.434942][T13921] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.435425][T13932] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 410] <... openat resumed>) = 3 ./strace-static-x86_64: Process 13936 attached [pid 13932] <... mount resumed>) = 0 [pid 13921] <... openat resumed>) = 7 [pid 13915] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] ioctl(3, LOOP_CLR_FD [pid 13936] set_robust_list(0x555555f755e0, 24 [pid 13932] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13936] <... set_robust_list resumed>) = 0 [pid 13932] <... openat resumed>) = 3 [pid 13932] chdir("./bus") = 0 [pid 13932] ioctl(4, LOOP_CLR_FD) = 0 [pid 13921] <... futex resumed>) = 1 [pid 13918] <... futex resumed>) = 0 [pid 13915] <... futex resumed>) = 0 [pid 410] close(3 [pid 13936] chdir("./496" [pid 13932] close(4 [pid 13921] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13918] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13917] <... openat resumed>) = 7 [pid 410] <... close resumed>) = 0 [pid 13936] <... chdir resumed>) = 0 [pid 13932] <... close resumed>) = 0 [pid 13921] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13918] <... futex resumed>) = 0 [pid 13917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13936] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13921] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13918] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13915] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13936] <... prctl resumed>) = 0 [pid 13921] <... openat resumed>) = 8 [pid 13915] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 13937 [pid 13936] setpgid(0, 0 [pid 13921] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] <... mprotect resumed>) = 0 [pid 13936] <... setpgid resumed>) = 0 [pid 13921] <... futex resumed>) = 1 [pid 13918] <... futex resumed>) = 0 [pid 13915] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13921] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13918] exit_group(0 [pid 13936] <... openat resumed>) = 3 [pid 13921] <... futex resumed>) = ? [pid 13918] <... exit_group resumed>) = ? [pid 13915] <... clone resumed>, parent_tid=[13938], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13938 [pid 13936] write(3, "1000", 4 [pid 13921] +++ exited with 0 +++ [pid 13918] +++ exited with 0 +++ [pid 13915] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13936] <... write resumed>) = 4 [pid 13915] <... futex resumed>) = 0 [pid 13936] close(3 [pid 13915] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13918, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 13936] <... close resumed>) = 0 [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 13936] symlink("/dev/binderfs", "./binderfs") = 0 [pid 408] <... restart_syscall resumed>) = 0 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13936] <... mmap resumed>) = 0x7f1c32416000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13936] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 408] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13936] <... mprotect resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 13936] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13936] <... clone resumed>, parent_tid=[13939], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13939 [pid 408] getdents64(3, [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13936] <... futex resumed>) = 0 [pid 408] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13932] <... futex resumed>) = 1 [pid 13925] <... futex resumed>) = 0 [pid 408] lstat("./495/binderfs", [pid 13932] chdir("./file0" [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13932] <... chdir resumed>) = 0 [pid 13925] <... futex resumed>) = 0 [pid 408] unlink("./495/binderfs" [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... unlink resumed>) = 0 [pid 13932] <... futex resumed>) = 0 [pid 13925] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13932] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13917] <... futex resumed>) = 0 [pid 13917] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 13937 attached [pid 13937] set_robust_list(0x555555f755e0, 24) = 0 [pid 13937] chdir("./499") = 0 [pid 13937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13937] setpgid(0, 0) = 0 [pid 13937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13937] write(3, "1000", 4) = 4 [pid 13937] close(3) = 0 [pid 13937] symlink("/dev/binderfs", "./binderfs" [pid 13932] <... open resumed>) = 4 [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 13939 attached ./strace-static-x86_64: Process 13938 attached ) = 1 [pid 13925] <... futex resumed>) = 0 [pid 13939] set_robust_list(0x7f1c324369e0, 24 [pid 13938] set_robust_list(0x7f1c2a1159e0, 24 [pid 13937] <... symlink resumed>) = 0 [pid 13932] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13925] <... futex resumed>) = 0 [pid 13939] <... set_robust_list resumed>) = 0 [pid 13938] <... set_robust_list resumed>) = 0 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13938] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13938] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13915] <... futex resumed>) = 0 [pid 13915] exit_group(0 [pid 13932] <... openat resumed>) = 5 [pid 13917] <... futex resumed>) = ? [pid 13915] <... exit_group resumed>) = ? [pid 13917] +++ exited with 0 +++ [pid 13938] <... futex resumed>) = ? [pid 13938] +++ exited with 0 +++ [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13915] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13915, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 412] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13939] memfd_create("syzkaller", 0 [pid 13937] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13939] <... memfd_create resumed>) = 3 [pid 13937] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13937] <... mmap resumed>) = 0x7f1c32416000 [pid 412] <... openat resumed>) = 3 [pid 13939] <... mmap resumed>) = 0x7f1c2a016000 [pid 13937] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 412] fstat(3, [pid 13937] <... mprotect resumed>) = 0 [pid 13932] <... futex resumed>) = 1 [pid 13925] <... futex resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13937] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13932] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, [pid 13925] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13937] <... clone resumed>, parent_tid=[13940], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13940 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13937] <... futex resumed>) = 0 [pid 412] lstat("./493/binderfs", [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./493/binderfs") = 0 [pid 412] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13939] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13932] <... write resumed>) = 196608 [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13925] <... futex resumed>) = 0 [pid 13932] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13932] <... mount resumed>) = 0 [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = 0 [pid 13932] <... futex resumed>) = 1 [pid 13925] <... futex resumed>) = 0 [pid 13932] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [ 247.459981][T13932] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/489/bus supports timestamps until 2038 (0x7fffffff) [ 247.465769][T13921] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 247.480959][T13917] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13932] <... open resumed>) = 6 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13925] <... futex resumed>) = 0 [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13925] <... futex resumed>) = 0 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... write resumed>) = 1048576 [pid 13939] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13939] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 13939] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13940 attached [pid 409] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13940] set_robust_list(0x7f1c324369e0, 24 [pid 409] lstat("./490/bus", [pid 13940] <... set_robust_list resumed>) = 0 [pid 13939] <... ioctl resumed>) = 0 [pid 13939] close(3) = 0 [pid 13939] mkdir("./bus", 0777 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13939] <... mkdir resumed>) = 0 [pid 13939] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./490/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, [pid 13940] memfd_create("syzkaller", 0) = 3 [pid 13940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13932] <... write resumed>) = 1048576 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(4, [pid 13940] <... mmap resumed>) = 0x7f1c2a016000 [pid 412] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] lstat("./495/bus", [pid 412] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13925] <... futex resumed>) = 0 [pid 409] getdents64(4, [pid 13925] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13925] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13925] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] lstat("./493/bus", [pid 408] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] close(4 [pid 13932] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... close resumed>) = 0 [pid 408] openat(AT_FDCWD, "./495/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] rmdir("./490/bus" [pid 408] fstat(4, [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "./493/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(3, [pid 412] <... openat resumed>) = 4 [ 247.527747][T13939] loop4: detected capacity change from 0 to 2048 [ 247.554951][T13932] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 412] fstat(4, [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] getdents64(4, [pid 13940] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13940] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13940] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 13940] ioctl(4, LOOP_SET_FD, 3 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] close(3 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13940] <... ioctl resumed>) = 0 [pid 13940] close(3) = 0 [pid 13940] mkdir("./bus", 0777) = 0 [pid 13940] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./493/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./493") = 0 [pid 412] mkdir("./494", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13943 ./strace-static-x86_64: Process 13943 attached [pid 13943] set_robust_list(0x555555f755e0, 24) = 0 [pid 13943] chdir("./494") = 0 [pid 13943] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13943] setpgid(0, 0) = 0 [pid 13943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13943] write(3, "1000", 4) = 4 [pid 13943] close(3) = 0 [pid 13943] symlink("/dev/binderfs", "./binderfs") = 0 [pid 409] <... close resumed>) = 0 [pid 408] close(4 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 408] <... close resumed>) = 0 [pid 409] rmdir("./490" [pid 408] rmdir("./495/bus" [pid 13943] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13939] <... mount resumed>) = 0 [pid 13925] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 409] <... rmdir resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 13925] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] mkdir("./491", 0777 [pid 408] getdents64(3, [pid 13925] <... futex resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13925] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 408] close(3 [pid 13925] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] <... openat resumed>) = 3 [pid 408] <... close resumed>) = 0 [pid 13925] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] rmdir("./495" [pid 13925] <... mprotect resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] <... rmdir resumed>) = 0 [pid 13925] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] close(3 [pid 408] mkdir("./496", 0777 [pid 13943] <... mprotect resumed>) = 0 [pid 13939] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13932] <... openat resumed>) = 7 [pid 409] <... close resumed>) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 13925] <... clone resumed>, parent_tid=[13946], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13946 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13925] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 13925] <... futex resumed>) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 13947 [pid 408] ioctl(3, LOOP_CLR_FD [pid 13925] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13948 ./strace-static-x86_64: Process 13948 attached [pid 13948] set_robust_list(0x555555f755e0, 24) = 0 [pid 13948] chdir("./496") = 0 [pid 13948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13948] setpgid(0, 0) = 0 [pid 13948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13948] write(3, "1000", 4) = 4 [pid 13948] close(3) = 0 [pid 13948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13948] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13948] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13949], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13949 [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13949 attached [pid 13949] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13949] memfd_create("syzkaller", 0) = 3 [pid 13949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13939] <... openat resumed>) = 3 [pid 13943] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13939] chdir("./bus") = 0 [pid 13943] <... clone resumed>, parent_tid=[13950], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13950 ./strace-static-x86_64: Process 13950 attached [pid 13932] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 13947 attached ./strace-static-x86_64: Process 13946 attached [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13939] ioctl(4, LOOP_CLR_FD [pid 13932] <... futex resumed>) = 0 [pid 13950] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13949] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13947] set_robust_list(0x555555f755e0, 24 [pid 13946] set_robust_list(0x7f1c2a1159e0, 24 [pid 13943] <... futex resumed>) = 0 [pid 13939] <... ioctl resumed>) = 0 [ 247.560817][T13939] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.577394][T13940] loop3: detected capacity change from 0 to 2048 [ 247.580412][T13939] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/496/bus supports timestamps until 2038 (0x7fffffff) [ 247.598825][T13932] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 13932] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13939] close(4) = 0 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13936] <... futex resumed>) = 0 [pid 13939] chdir("./file0" [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13939] <... chdir resumed>) = 0 [pid 13936] <... futex resumed>) = 0 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... futex resumed>) = 0 [pid 13936] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13939] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13939] <... open resumed>) = 4 [pid 13936] <... futex resumed>) = 0 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... futex resumed>) = 0 [pid 13936] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13939] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13939] <... openat resumed>) = 5 [pid 13936] <... futex resumed>) = 0 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... futex resumed>) = 0 [pid 13936] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13939] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... write resumed>) = 196608 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13936] <... futex resumed>) = 0 [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... futex resumed>) = 1 [pid 13939] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13936] <... futex resumed>) = 0 [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13950] memfd_create("syzkaller", 0 [pid 13939] <... open resumed>) = 6 [pid 13950] <... memfd_create resumed>) = 3 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13939] <... futex resumed>) = 1 [pid 13936] <... futex resumed>) = 0 [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... mmap resumed>) = 0x7f1c2a016000 [pid 13939] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13947] <... set_robust_list resumed>) = 0 [pid 13940] <... mount resumed>) = 0 [pid 13947] chdir("./491" [pid 13940] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13947] <... chdir resumed>) = 0 [pid 13940] <... openat resumed>) = 3 [pid 13947] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13940] chdir("./bus" [pid 13947] <... prctl resumed>) = 0 [pid 13940] <... chdir resumed>) = 0 [pid 13947] setpgid(0, 0 [pid 13940] ioctl(4, LOOP_CLR_FD) = 0 [pid 13940] close(4 [pid 13950] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13949] <... write resumed>) = 1048576 [pid 13947] <... setpgid resumed>) = 0 [pid 13940] <... close resumed>) = 0 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13937] <... futex resumed>) = 0 [pid 13947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] munmap(0x7f1c2a016000, 1048576 [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13937] <... futex resumed>) = 0 [pid 13940] chdir("./file0" [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13940] <... chdir resumed>) = 0 [pid 13947] <... openat resumed>) = 3 [pid 13946] <... set_robust_list resumed>) = 0 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13946] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13940] <... futex resumed>) = 1 [pid 13937] <... futex resumed>) = 0 [pid 13949] <... munmap resumed>) = 0 [pid 13947] write(3, "1000", 4 [pid 13946] <... openat resumed>) = 8 [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13946] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13937] <... futex resumed>) = 0 [pid 13946] <... futex resumed>) = 1 [pid 13940] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13925] <... futex resumed>) = 0 [pid 13949] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13947] <... write resumed>) = 4 [pid 13946] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13940] <... open resumed>) = 4 [pid 13925] exit_group(0 [pid 13946] <... futex resumed>) = ? [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13932] <... futex resumed>) = ? [pid 13925] <... exit_group resumed>) = ? [pid 13950] <... write resumed>) = 1048576 [pid 13949] <... openat resumed>) = 4 [pid 13947] close(3 [pid 13946] +++ exited with 0 +++ [pid 13940] <... futex resumed>) = 1 [pid 13937] <... futex resumed>) = 0 [pid 13932] +++ exited with 0 +++ [pid 13925] +++ exited with 0 +++ [pid 13950] munmap(0x7f1c2a016000, 1048576 [pid 13949] ioctl(4, LOOP_SET_FD, 3 [pid 13947] <... close resumed>) = 0 [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13939] <... write resumed>) = 1048576 [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13925, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 13950] <... munmap resumed>) = 0 [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13937] <... futex resumed>) = 0 [pid 13940] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13939] <... futex resumed>) = 1 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13936] <... futex resumed>) = 0 [pid 13940] <... openat resumed>) = 5 [pid 13939] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13936] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13939] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13936] <... futex resumed>) = 0 [pid 13940] <... futex resumed>) = 1 [pid 13939] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13937] <... futex resumed>) = 0 [pid 13936] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 13949] <... ioctl resumed>) = 0 [pid 13947] symlink("/dev/binderfs", "./binderfs" [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 13950] <... openat resumed>) = 4 [ 247.621336][T13940] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.631964][T13940] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/499/bus supports timestamps until 2038 (0x7fffffff) [ 247.667045][T13949] loop1: detected capacity change from 0 to 2048 [pid 13949] close(3 [pid 13947] <... symlink resumed>) = 0 [pid 407] <... restart_syscall resumed>) = 0 [pid 13950] ioctl(4, LOOP_SET_FD, 3 [pid 13949] <... close resumed>) = 0 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13937] <... futex resumed>) = 0 [pid 13940] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... ioctl resumed>) = 0 [pid 13949] mkdir("./bus", 0777 [pid 13947] <... futex resumed>) = 0 [pid 13940] <... write resumed>) = 196608 [pid 13950] close(3 [pid 13949] <... mkdir resumed>) = 0 [pid 13947] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] umount2("./489", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13950] <... close resumed>) = 0 [pid 13949] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13947] <... mmap resumed>) = 0x7f1c32416000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13950] mkdir("./bus", 0777 [pid 13947] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] openat(AT_FDCWD, "./489", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13950] <... mkdir resumed>) = 0 [pid 13947] <... mprotect resumed>) = 0 [pid 13940] <... futex resumed>) = 1 [pid 13937] <... futex resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 13950] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13947] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] fstat(3, [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13937] <... futex resumed>) = 0 [pid 13940] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13940] <... mount resumed>) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13947] <... clone resumed>, parent_tid=[13952], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13952 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] <... futex resumed>) = 1 [pid 13937] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 13947] <... futex resumed>) = 0 [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13937] <... futex resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13940] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./489/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13940] <... open resumed>) = 6 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13940] <... futex resumed>) = 1 [pid 13937] <... futex resumed>) = 0 [pid 407] lstat("./489/binderfs", [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13937] <... futex resumed>) = 0 [pid 407] unlink("./489/binderfs" [pid 13940] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13952 attached [pid 407] <... unlink resumed>) = 0 [pid 13952] set_robust_list(0x7f1c324369e0, 24 [pid 407] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13952] <... set_robust_list resumed>) = 0 [pid 13952] memfd_create("syzkaller", 0) = 3 [pid 13952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13952] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13952] munmap(0x7f1c2a016000, 1048576) = 0 [ 247.671751][T13939] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.675823][T13950] loop5: detected capacity change from 0 to 2048 [ 247.702291][T13939] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 13952] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 13952] ioctl(4, LOOP_SET_FD, 3 [pid 13936] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13936] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13936] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13936] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13955], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13955 [pid 13936] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13936] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13939] <... openat resumed>) = 7 [pid 13952] <... ioctl resumed>) = 0 [pid 13939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13939] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13952] close(3./strace-static-x86_64: Process 13955 attached ) = 0 [pid 13949] <... mount resumed>) = 0 [pid 13955] set_robust_list(0x7f1c2a1159e0, 24 [pid 13952] mkdir("./bus", 0777 [pid 13949] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13952] <... mkdir resumed>) = 0 [pid 13955] <... set_robust_list resumed>) = 0 [pid 13952] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13949] <... openat resumed>) = 3 [pid 13955] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13949] chdir("./bus" [pid 13955] <... openat resumed>) = 8 [pid 13949] <... chdir resumed>) = 0 [pid 13955] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] ioctl(4, LOOP_CLR_FD [pid 13955] <... futex resumed>) = 1 [pid 13949] <... ioctl resumed>) = 0 [pid 13955] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13949] close(4) = 0 [pid 13936] <... futex resumed>) = 0 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13949] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13940] <... write resumed>) = 1048576 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13936] exit_group(0 [pid 13955] <... futex resumed>) = ? [pid 13936] <... exit_group resumed>) = ? [pid 13955] +++ exited with 0 +++ [pid 13948] <... futex resumed>) = 0 [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] <... futex resumed>) = 0 [pid 13948] <... futex resumed>) = 1 [pid 13949] chdir("./file0" [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13949] <... chdir resumed>) = 0 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13948] <... futex resumed>) = 0 [pid 13949] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] <... open resumed>) = 4 [pid 13948] <... futex resumed>) = 0 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13949] <... futex resumed>) = 0 [pid 13948] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13949] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13937] <... futex resumed>) = 0 [ 247.724245][T13949] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.728707][T13952] loop2: detected capacity change from 0 to 2048 [ 247.742746][T13949] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/496/bus supports timestamps until 2038 (0x7fffffff) [ 247.761244][T13950] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] <... openat resumed>) = 5 [pid 13940] <... futex resumed>) = 0 [pid 13939] <... futex resumed>) = ? [pid 13937] <... futex resumed>) = 1 [pid 407] <... umount2 resumed>) = 0 [pid 13950] <... mount resumed>) = 0 [pid 13950] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13950] chdir("./bus") = 0 [pid 13950] ioctl(4, LOOP_CLR_FD) = 0 [pid 13950] close(4) = 0 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] chdir("./file0" [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13939] +++ exited with 0 +++ [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13936] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13936, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./496/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./496/binderfs") = 0 [pid 411] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13950] <... chdir resumed>) = 0 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... futex resumed>) = 1 [pid 13950] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13949] <... futex resumed>) = 1 [pid 13948] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./489/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./489/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13949] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13948] <... futex resumed>) = 0 [pid 13949] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13949] <... write resumed>) = 196608 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./489/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./496/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./496/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] getdents64(4, [pid 411] <... openat resumed>) = 4 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 407] rmdir("./489/bus" [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./496/bus" [pid 407] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./489") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [ 247.771893][T13950] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/494/bus supports timestamps until 2038 (0x7fffffff) [ 247.775278][T13952] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.797752][T13940] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 411] rmdir("./496" [pid 13949] <... futex resumed>) = 1 [pid 13948] <... futex resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 407] mkdir("./490", 0777) = 0 [pid 411] mkdir("./497", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13960 ./strace-static-x86_64: Process 13960 attached [pid 13949] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13940] <... openat resumed>) = 7 [pid 13949] <... mount resumed>) = 0 [pid 13948] <... futex resumed>) = 0 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13949] <... futex resumed>) = 0 [pid 13948] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13949] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13949] <... open resumed>) = 6 [pid 13948] <... futex resumed>) = 0 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13949] <... futex resumed>) = 0 [pid 13948] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13949] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13960] set_robust_list(0x555555f755e0, 24 [pid 13952] <... mount resumed>) = 0 [pid 13948] <... futex resumed>) = 0 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13960] <... set_robust_list resumed>) = 0 [pid 13960] chdir("./490") = 0 [pid 13960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13960] setpgid(0, 0) = 0 [pid 13960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13960] write(3, "1000", 4) = 4 [pid 13960] close(3) = 0 [pid 13960] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13960] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13960] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13960] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13961], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13961 [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13937] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13937] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13937] <... futex resumed>) = 0 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13950] <... write resumed>) = 1048576 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13943] <... futex resumed>) = 0 [pid 13950] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13943] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13950] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13943] <... futex resumed>) = 0 [pid 13950] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13943] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13960] <... futex resumed>) = 0 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13952] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13940] <... futex resumed>) = 1 [pid 13937] <... futex resumed>) = 0 [pid 13937] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 13940] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13952] chdir("./bus" [pid 13940] <... openat resumed>) = 8 [pid 13952] <... chdir resumed>) = 0 [pid 13952] ioctl(4, LOOP_CLR_FD) = 0 [pid 13952] close(4) = 0 [pid 13940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13940] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] <... futex resumed>) = 0 [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13952] <... futex resumed>) = 1 [pid 13952] chdir("./file0"./strace-static-x86_64: Process 13961 attached [pid 13961] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13961] memfd_create("syzkaller", 0) = 3 [pid 13961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13961] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13961] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13961] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 13961] ioctl(4, LOOP_SET_FD, 3 [pid 13952] <... chdir resumed>) = 0 [pid 13937] <... futex resumed>) = 0 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13937] exit_group(0 [pid 13952] <... futex resumed>) = 1 [pid 13947] <... futex resumed>) = 0 [pid 13937] <... exit_group resumed>) = ? [pid 13940] <... futex resumed>) = ? [pid 13952] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... ioctl resumed>) = 0 [pid 13961] close(3) = 0 [pid 13940] +++ exited with 0 +++ [pid 13937] +++ exited with 0 +++ [pid 13961] mkdir("./bus", 0777 [pid 13952] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13947] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13937, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [ 247.822528][T13940] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 247.827064][T13952] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/491/bus supports timestamps until 2038 (0x7fffffff) [ 247.848878][T13950] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.860966][T13961] loop0: detected capacity change from 0 to 2048 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... mkdir resumed>) = 0 [pid 13952] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 411] ioctl(3, LOOP_CLR_FD [pid 13949] <... write resumed>) = 1048576 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13948] <... futex resumed>) = 0 [pid 13948] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13948] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13949] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13961] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13952] <... open resumed>) = 4 [pid 13950] <... openat resumed>) = 7 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] close(3 [pid 13952] <... futex resumed>) = 1 [pid 13947] <... futex resumed>) = 0 [pid 13952] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 13952] <... openat resumed>) = 5 [pid 13947] <... futex resumed>) = 0 [pid 13943] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13952] <... futex resumed>) = 0 [pid 13947] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13952] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13950] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] <... futex resumed>) = 0 [pid 13943] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13943] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 13962 [pid 410] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13943] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 410] <... openat resumed>) = 3 ./strace-static-x86_64: Process 13962 attached [pid 13952] <... write resumed>) = 196608 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13943] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 410] fstat(3, [pid 13950] <... futex resumed>) = 0 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13943] <... mprotect resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13962] set_robust_list(0x555555f755e0, 24 [pid 13952] <... futex resumed>) = 0 [pid 13950] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13943] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13943] <... clone resumed>, parent_tid=[13963], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13963 [pid 410] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13943] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13943] <... futex resumed>) = 0 [pid 410] lstat("./499/binderfs", [pid 13943] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./499/binderfs") = 0 [pid 410] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13962] <... set_robust_list resumed>) = 0 [pid 13962] chdir("./497") = 0 [pid 13962] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13962] setpgid(0, 0) = 0 [pid 13962] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13962] write(3, "1000", 4) = 4 [pid 13962] close(3) = 0 [pid 13962] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13962] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13962] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13962] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13964], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13964 [pid 13947] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13963 attached [pid 13952] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 13962] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13964 attached [pid 13964] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13964] memfd_create("syzkaller", 0) = 3 [pid 13964] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13947] <... futex resumed>) = 0 [pid 13952] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13952] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13952] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13947] <... futex resumed>) = 0 [pid 13952] <... open resumed>) = 6 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 247.878871][T13950] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 247.883318][T13949] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.906459][T13949] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 13964] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 13963] set_robust_list(0x7f1c2a1159e0, 24 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13952] <... futex resumed>) = 0 [pid 13947] <... futex resumed>) = 0 [pid 13952] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13963] <... set_robust_list resumed>) = 0 [pid 13948] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13948] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13948] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13948] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13967], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13967 [pid 13948] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13948] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13964] munmap(0x7f1c2a016000, 1048576 [pid 13949] <... openat resumed>) = 7 [pid 13964] <... munmap resumed>) = 0 [pid 13949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13949] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13964] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 13964] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13967 attached ) = 0 [pid 13963] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13961] <... mount resumed>) = 0 [pid 13967] set_robust_list(0x7f1c2a1159e0, 24 [pid 13963] <... openat resumed>) = 8 [pid 13961] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13967] <... set_robust_list resumed>) = 0 [pid 13963] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... openat resumed>) = 3 [pid 13967] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13963] <... futex resumed>) = 1 [pid 13961] chdir("./bus" [pid 13943] <... futex resumed>) = 0 [pid 13967] <... openat resumed>) = 8 [pid 13963] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13961] <... chdir resumed>) = 0 [pid 13943] exit_group(0 [pid 13967] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13963] <... futex resumed>) = ? [pid 13961] ioctl(4, LOOP_CLR_FD [pid 13943] <... exit_group resumed>) = ? [pid 13967] <... futex resumed>) = 1 [pid 13963] +++ exited with 0 +++ [pid 13961] <... ioctl resumed>) = 0 [pid 13967] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13961] close(4) = 0 [pid 13948] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] chdir("./file0" [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13964] close(3) = 0 [pid 13964] mkdir("./bus", 0777) = 0 [pid 13964] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13961] <... chdir resumed>) = 0 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13952] <... write resumed>) = 1048576 [pid 13948] exit_group(0 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13948] <... exit_group resumed>) = ? [pid 13967] <... futex resumed>) = -1 (errno 18446744073709551414) [pid 13961] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13952] <... futex resumed>) = 1 [pid 13947] <... futex resumed>) = 0 [pid 13967] +++ exited with 0 +++ [pid 13950] <... futex resumed>) = ? [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13952] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13961] <... open resumed>) = 4 [pid 13950] +++ exited with 0 +++ [pid 13949] <... futex resumed>) = ? [pid 13947] <... futex resumed>) = 0 [pid 13943] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13943, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 13949] +++ exited with 0 +++ [pid 13948] +++ exited with 0 +++ [pid 412] <... restart_syscall resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13948, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... restart_syscall resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] fstat(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] getdents64(3, [pid 408] <... openat resumed>) = 3 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] fstat(3, [pid 412] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] getdents64(3, [pid 412] lstat("./494/binderfs", [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] unlink("./494/binderfs" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... unlink resumed>) = 0 [pid 408] lstat("./496/binderfs", [pid 412] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./496/binderfs") = 0 [pid 408] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13961] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 247.920914][T13961] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 247.934796][T13961] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/490/bus supports timestamps until 2038 (0x7fffffff) [ 247.946136][T13964] loop4: detected capacity change from 0 to 2048 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... openat resumed>) = 5 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13961] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... write resumed>) = 196608 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13961] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... mount resumed>) = 0 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13961] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... open resumed>) = 6 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13961] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13952] <... openat resumed>) = 7 [pid 410] <... umount2 resumed>) = 0 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13952] <... futex resumed>) = 1 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13952] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] lstat("./499/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13947] <... futex resumed>) = 0 [pid 410] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 13947] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] openat(AT_FDCWD, "./499/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13947] <... futex resumed>) = 1 [pid 410] close(4) = 0 [pid 410] rmdir("./499/bus" [pid 13947] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... rmdir resumed>) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./499") = 0 [pid 410] mkdir("./500", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13970 [pid 13961] <... write resumed>) = 1048576 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13960] <... futex resumed>) = 0 [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... futex resumed>) = 1 [pid 13961] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13952] <... futex resumed>) = 0 [pid 13952] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 13952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13947] <... futex resumed>) = 0 [pid 13947] exit_group(0) = ? [ 247.966098][T13952] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 247.989580][T13952] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 248.003681][T13964] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 248.008854][T13961] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13952] <... futex resumed>) = ? [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./494/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./494/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./494/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./494") = 0 [pid 412] mkdir("./495", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 13961] <... openat resumed>) = 7 [pid 408] <... umount2 resumed>) = 0 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13961] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13960] <... futex resumed>) = 0 [pid 13961] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13960] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13961] <... openat resumed>) = 8 [pid 13961] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13960] <... futex resumed>) = 0 [pid 13961] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13960] exit_group(0 [pid 13961] <... futex resumed>) = ? [pid 13960] <... exit_group resumed>) = ? [pid 13961] +++ exited with 0 +++ [pid 13960] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13960, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 407] umount2("./490", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./490", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./490/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./490/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./490/binderfs") = 0 [pid 407] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] ioctl(3, LOOP_CLR_FD [pid 13952] +++ exited with 0 +++ [pid 13947] +++ exited with 0 +++ [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13947, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 412] close(3 [pid 409] <... restart_syscall resumed>) = 0 [pid 409] umount2("./491", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... close resumed>) = 0 [pid 409] getdents64(3, ./strace-static-x86_64: Process 13970 attached [pid 13964] <... mount resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13970] set_robust_list(0x555555f755e0, 24 [pid 13964] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13970] <... set_robust_list resumed>) = 0 [pid 13964] <... openat resumed>) = 3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13970] chdir("./500" [pid 13964] chdir("./bus" [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] lstat("./496/bus", [pid 13970] <... chdir resumed>) = 0 [pid 13964] <... chdir resumed>) = 0 [pid 409] umount2("./491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13970] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13964] ioctl(4, LOOP_CLR_FD [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13970] <... prctl resumed>) = 0 [pid 13964] <... ioctl resumed>) = 0 [pid 13970] setpgid(0, 0 [pid 13964] close(4 [pid 13970] <... setpgid resumed>) = 0 [pid 13964] <... close resumed>) = 0 [pid 408] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13970] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./491/binderfs", [pid 13970] <... openat resumed>) = 3 [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13970] write(3, "1000", 4 [pid 13964] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "./496/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13970] <... write resumed>) = 4 [pid 13964] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13962] <... futex resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13970] close(3 [pid 13964] chdir("./file0" [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... openat resumed>) = 4 [pid 13970] <... close resumed>) = 0 [pid 13970] symlink("/dev/binderfs", "./binderfs" [pid 13964] <... chdir resumed>) = 0 [pid 408] fstat(4, [pid 13970] <... symlink resumed>) = 0 [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] unlink("./491/binderfs" [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 13970] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13964] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13962] <... futex resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 408] getdents64(4, [pid 13970] <... mmap resumed>) = 0x7f1c32416000 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13970] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13970] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13971], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13971 [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(4, [pid 13970] <... futex resumed>) = 0 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13964] <... open resumed>) = 4 [pid 409] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] close(4 [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... close resumed>) = 0 [pid 13964] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] rmdir("./496/bus" [pid 13964] <... openat resumed>) = 5 [pid 408] <... rmdir resumed>) = 0 [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(3, [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 13964] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13962] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13964] <... write resumed>) = 196608 [pid 408] close(3./strace-static-x86_64: Process 13971 attached [pid 13971] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13971] memfd_create("syzkaller", 0) = 3 [pid 13971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./496") = 0 [pid 408] mkdir("./497", 0777) = 0 [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 13972 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 13964] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] ioctl(3, LOOP_CLR_FD [pid 13964] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13964] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 13962] <... futex resumed>) = 0 [pid 408] close(3 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... close resumed>) = 0 [pid 13971] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13964] <... mount resumed>) = 0 [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 13973 [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13964] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13962] <... futex resumed>) = 0 [pid 13964] <... open resumed>) = 6 [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13964] <... futex resumed>) = 0 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13964] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13971] <... write resumed>) = 1048576 [pid 13971] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13971] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 248.028058][T13961] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 248.039298][T13964] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/497/bus supports timestamps until 2038 (0x7fffffff) [pid 13971] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 13973 attached [pid 13973] set_robust_list(0x555555f755e0, 24) = 0 [pid 13973] chdir("./497") = 0 [pid 13973] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13973] setpgid(0, 0) = 0 [pid 13973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 13972 attached [pid 13973] write(3, "1000", 4 [pid 13971] <... ioctl resumed>) = 0 [pid 13971] close(3) = 0 [pid 13971] mkdir("./bus", 0777) = 0 [pid 13971] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./490/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./490/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./490/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./490/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./490") = 0 [pid 407] mkdir("./491", 0777 [pid 13972] set_robust_list(0x555555f755e0, 24 [pid 407] <... mkdir resumed>) = 0 [pid 13973] <... write resumed>) = 4 [pid 13972] <... set_robust_list resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 13973] close(3 [pid 13972] chdir("./495" [pid 407] <... openat resumed>) = 3 [pid 13973] <... close resumed>) = 0 [pid 13972] <... chdir resumed>) = 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 13973] symlink("/dev/binderfs", "./binderfs" [pid 13972] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13973] <... symlink resumed>) = 0 [pid 13972] <... prctl resumed>) = 0 [pid 407] close(3 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] setpgid(0, 0 [pid 407] <... close resumed>) = 0 [pid 13973] <... futex resumed>) = 0 [pid 13972] <... setpgid resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13973] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13973] <... mmap resumed>) = 0x7f1c32416000 [pid 13972] <... openat resumed>) = 3 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 13974 [pid 13973] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 13972] write(3, "1000", 4 [pid 13973] <... mprotect resumed>) = 0 [pid 13972] <... write resumed>) = 4 [pid 13973] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13972] close(3) = 0 [pid 13973] <... clone resumed>, parent_tid=[13975], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13975 [pid 13972] symlink("/dev/binderfs", "./binderfs" [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] <... symlink resumed>) = 0 [pid 13973] <... futex resumed>) = 0 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13972] <... futex resumed>) = 0 [pid 13972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13972] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13972] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13976], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13976 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./491/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./491/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 13974 attached ) = 4 [pid 13964] <... write resumed>) = 1048576 [pid 409] fstat(4, [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13964] <... futex resumed>) = 1 [pid 13962] <... futex resumed>) = 0 [pid 409] getdents64(4, [pid 13964] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13962] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13962] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13976 attached ./strace-static-x86_64: Process 13975 attached [pid 13974] set_robust_list(0x555555f755e0, 24 [pid 409] getdents64(4, [pid 13976] set_robust_list(0x7f1c324369e0, 24 [pid 13975] set_robust_list(0x7f1c324369e0, 24 [pid 13974] <... set_robust_list resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13976] <... set_robust_list resumed>) = 0 [pid 13975] <... set_robust_list resumed>) = 0 [pid 13974] chdir("./491" [pid 409] close(4 [pid 13976] memfd_create("syzkaller", 0 [pid 13975] memfd_create("syzkaller", 0 [pid 13974] <... chdir resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 13976] <... memfd_create resumed>) = 3 [pid 13975] <... memfd_create resumed>) = 3 [pid 13974] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 409] rmdir("./491/bus" [pid 13976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13974] <... prctl resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 13976] <... mmap resumed>) = 0x7f1c2a016000 [pid 13975] <... mmap resumed>) = 0x7f1c2a016000 [pid 13974] setpgid(0, 0 [pid 409] getdents64(3, [pid 13976] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13975] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13974] <... setpgid resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 409] close(3 [pid 13974] <... openat resumed>) = 3 [pid 409] <... close resumed>) = 0 [pid 13974] write(3, "1000", 4 [pid 409] rmdir("./491" [pid 13974] <... write resumed>) = 4 [pid 409] <... rmdir resumed>) = 0 [pid 13974] close(3 [pid 409] mkdir("./492", 0777 [pid 13974] <... close resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 13974] symlink("/dev/binderfs", "./binderfs" [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 13974] <... symlink resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] ioctl(3, LOOP_CLR_FD [pid 13974] <... futex resumed>) = 0 [ 248.079530][T13971] loop3: detected capacity change from 0 to 2048 [ 248.112582][T13964] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 13974] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] close(3 [pid 13974] <... mmap resumed>) = 0x7f1c32416000 [pid 409] <... close resumed>) = 0 [pid 13974] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 13974] <... mprotect resumed>) = 0 [pid 13974] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 13979 [pid 13974] <... clone resumed>, parent_tid=[13980], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13980 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13975] <... write resumed>) = 1048576 [pid 13975] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13975] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 13975] ioctl(4, LOOP_SET_FD, 3 [pid 13976] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 13980 attached ./strace-static-x86_64: Process 13979 attached [pid 13980] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13979] set_robust_list(0x555555f755e0, 24 [pid 13980] memfd_create("syzkaller", 0 [pid 13976] munmap(0x7f1c2a016000, 1048576 [pid 13979] <... set_robust_list resumed>) = 0 [pid 13976] <... munmap resumed>) = 0 [pid 13979] chdir("./492" [pid 13976] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 13980] <... memfd_create resumed>) = 3 [pid 13976] <... openat resumed>) = 4 [pid 13980] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 13976] ioctl(4, LOOP_SET_FD, 3 [pid 13979] <... chdir resumed>) = 0 [pid 13980] <... mmap resumed>) = 0x7f1c2a016000 [pid 13979] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13979] setpgid(0, 0) = 0 [pid 13979] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13979] write(3, "1000", 4) = 4 [pid 13979] close(3) = 0 [pid 13979] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13979] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13979] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13979] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13981], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13981 [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 13962] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13962] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13962] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13962] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13962] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13982], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13982 [pid 13962] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13962] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13981 attached [pid 13981] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13981] memfd_create("syzkaller", 0) = 3 [pid 13981] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13976] <... ioctl resumed>) = 0 [pid 13975] <... ioctl resumed>) = 0 [pid 13980] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13981] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 13982 attached [pid 13982] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 248.133923][T13971] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 248.143444][T13975] loop1: detected capacity change from 0 to 2048 [ 248.156715][T13976] loop5: detected capacity change from 0 to 2048 [ 248.167159][T13971] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/500/bus supports timestamps until 2038 (0x7fffffff) [pid 13982] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13980] <... write resumed>) = 1048576 [pid 13980] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 13976] close(3 [pid 13975] close(3 [pid 13976] <... close resumed>) = 0 [pid 13975] <... close resumed>) = 0 [pid 13976] mkdir("./bus", 0777 [pid 13975] mkdir("./bus", 0777 [pid 13980] ioctl(4, LOOP_SET_FD, 3 [pid 13981] <... write resumed>) = 1048576 [pid 13976] <... mkdir resumed>) = 0 [pid 13975] <... mkdir resumed>) = 0 [pid 13971] <... mount resumed>) = 0 [pid 13964] <... openat resumed>) = 7 [pid 13976] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13975] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13964] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13982] <... openat resumed>) = 8 [pid 13964] <... futex resumed>) = 0 [pid 13982] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13964] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13982] <... futex resumed>) = 1 [pid 13982] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13962] <... futex resumed>) = 0 [pid 13962] exit_group(0) = ? [pid 13982] <... futex resumed>) = ? [pid 13981] munmap(0x7f1c2a016000, 1048576 [pid 13980] <... ioctl resumed>) = 0 [pid 13971] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13964] <... futex resumed>) = ? [pid 13982] +++ exited with 0 +++ [pid 13981] <... munmap resumed>) = 0 [pid 13980] close(3 [pid 13971] <... openat resumed>) = 3 [pid 13964] +++ exited with 0 +++ [pid 13962] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13962, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./497/binderfs") = 0 [pid 411] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13981] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 13980] <... close resumed>) = 0 [pid 13971] chdir("./bus") = 0 [pid 13971] ioctl(4, LOOP_CLR_FD) = 0 [pid 13971] close(4) = 0 [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13971] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13980] mkdir("./bus", 0777) = 0 [pid 13981] <... openat resumed>) = 4 [pid 13981] ioctl(4, LOOP_SET_FD, 3 [pid 13980] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13970] <... futex resumed>) = 0 [pid 13981] <... ioctl resumed>) = 0 [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13981] close(3 [pid 13970] <... futex resumed>) = 1 [pid 13981] <... close resumed>) = 0 [pid 13981] mkdir("./bus", 0777 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13981] <... mkdir resumed>) = 0 [pid 13981] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13971] <... futex resumed>) = 0 [ 248.176549][T13964] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 248.188389][T13980] loop0: detected capacity change from 0 to 2048 [ 248.206375][T13981] loop2: detected capacity change from 0 to 2048 [ 248.219570][T13976] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [pid 13971] chdir("./file0" [pid 13975] <... mount resumed>) = 0 [pid 13971] <... chdir resumed>) = 0 [pid 13975] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13975] chdir("./bus") = 0 [pid 13975] ioctl(4, LOOP_CLR_FD) = 0 [pid 13975] close(4) = 0 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13975] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13976] <... mount resumed>) = 0 [pid 13976] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 13976] chdir("./bus") = 0 [pid 13976] ioctl(4, LOOP_CLR_FD) = 0 [pid 13976] close(4) = 0 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13976] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13971] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13973] <... futex resumed>) = 0 [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] <... futex resumed>) = 0 [pid 13973] <... futex resumed>) = 1 [pid 13975] chdir("./file0" [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13972] <... futex resumed>) = 0 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13976] <... futex resumed>) = 0 [pid 13976] chdir("./file0" [pid 13975] <... chdir resumed>) = 0 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13973] <... futex resumed>) = 0 [pid 13975] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] <... futex resumed>) = 0 [pid 13975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13973] <... futex resumed>) = 0 [pid 13975] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13975] <... open resumed>) = 4 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] <... futex resumed>) = 1 [pid 13973] <... futex resumed>) = 0 [pid 13975] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13973] <... futex resumed>) = 0 [pid 13975] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13975] <... openat resumed>) = 5 [pid 411] <... umount2 resumed>) = 0 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] <... futex resumed>) = 0 [pid 13970] <... futex resumed>) = 1 [pid 13975] <... futex resumed>) = 1 [pid 13973] <... futex resumed>) = 0 [pid 13971] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13975] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13973] <... futex resumed>) = 0 [pid 13975] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13975] <... write resumed>) = 196608 [pid 13971] <... open resumed>) = 4 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13973] <... futex resumed>) = 0 [pid 13975] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] <... mount resumed>) = 0 [pid 13973] <... futex resumed>) = 0 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13975] <... futex resumed>) = 0 [pid 13973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13975] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] <... open resumed>) = 6 [pid 13973] <... futex resumed>) = 0 [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13971] <... futex resumed>) = 1 [pid 13970] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13975] <... futex resumed>) = 0 [pid 13973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13971] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] lstat("./497/bus", [pid 13975] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13970] <... futex resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13975] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13973] <... futex resumed>) = 0 [pid 13971] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 248.219733][T13975] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/497/bus supports timestamps until 2038 (0x7fffffff) [ 248.242040][T13976] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/495/bus supports timestamps until 2038 (0x7fffffff) [ 248.243448][T13980] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/491/bus supports timestamps until 2038 (0x7fffffff) [pid 411] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13975] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13971] <... openat resumed>) = 5 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13980] <... mount resumed>) = 0 [pid 13976] <... chdir resumed>) = 0 [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./497/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13980] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] <... futex resumed>) = 1 [pid 13970] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 13980] <... openat resumed>) = 3 [pid 13976] <... futex resumed>) = 1 [pid 13972] <... futex resumed>) = 0 [pid 13971] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] fstat(4, [pid 13980] chdir("./bus" [pid 13976] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13970] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13980] <... chdir resumed>) = 0 [pid 13976] <... open resumed>) = 4 [pid 13972] <... futex resumed>) = 0 [pid 13971] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(4, [pid 13980] ioctl(4, LOOP_CLR_FD [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13971] <... write resumed>) = 196608 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 13980] <... ioctl resumed>) = 0 [pid 13976] <... futex resumed>) = 0 [pid 13972] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(4, [pid 13980] close(4 [pid 13976] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] <... futex resumed>) = 1 [pid 13970] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 13981] <... mount resumed>) = 0 [pid 13972] <... futex resumed>) = 0 [pid 13981] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(4 [pid 13970] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] rmdir("./497/bus" [pid 13981] <... openat resumed>) = 3 [pid 13981] chdir("./bus") = 0 [pid 13981] ioctl(4, LOOP_CLR_FD) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 411] getdents64(3, [pid 13981] close(4) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 411] close(3 [pid 13979] <... futex resumed>) = 0 [pid 13981] chdir("./file0" [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 13979] <... futex resumed>) = 0 [pid 411] rmdir("./497" [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] <... close resumed>) = 0 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13980] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13974] <... futex resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] mkdir("./498", 0777 [pid 13974] <... futex resumed>) = 1 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 13991 attached [pid 13991] set_robust_list(0x555555f755e0, 24) = 0 [pid 13971] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 13991] chdir("./498") = 0 [pid 13991] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 13991] setpgid(0, 0) = 0 [pid 13991] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 13991] write(3, "1000", 4) = 4 [pid 13991] close(3) = 0 [pid 13991] symlink("/dev/binderfs", "./binderfs") = 0 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13991] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 13991] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13991] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13971] <... mount resumed>) = 0 [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 13991 [pid 13971] <... futex resumed>) = 1 [pid 13970] <... futex resumed>) = 0 [pid 13971] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13970] <... futex resumed>) = 0 [pid 13980] <... futex resumed>) = 0 [pid 13971] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13991] <... clone resumed>, parent_tid=[13992], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 13992 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 13992 attached [pid 13992] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 13992] memfd_create("syzkaller", 0) = 3 [pid 13992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13971] <... open resumed>) = 6 [pid 13980] chdir("./file0" [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13970] <... futex resumed>) = 0 [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] <... chdir resumed>) = 0 [pid 13971] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13975] <... write resumed>) = 1048576 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] <... futex resumed>) = 0 [pid 13980] <... futex resumed>) = 1 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 13975] <... futex resumed>) = 1 [pid 13973] <... futex resumed>) = 0 [pid 13973] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13992] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13980] <... futex resumed>) = 1 [pid 13974] <... futex resumed>) = 0 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13992] <... write resumed>) = 1048576 [pid 13992] munmap(0x7f1c2a016000, 1048576) = 0 [pid 13992] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 248.281819][T13981] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/492/bus supports timestamps until 2038 (0x7fffffff) [ 248.315848][T13975] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13992] ioctl(4, LOOP_SET_FD, 3 [pid 13981] <... chdir resumed>) = 0 [pid 13980] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13976] <... openat resumed>) = 5 [pid 13992] <... ioctl resumed>) = 0 [pid 13980] <... openat resumed>) = 5 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] close(3) = 0 [pid 13992] mkdir("./bus", 0777) = 0 [pid 13992] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13980] <... futex resumed>) = 1 [pid 13974] <... futex resumed>) = 0 [pid 13980] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13980] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13981] <... futex resumed>) = 1 [pid 13979] <... futex resumed>) = 0 [pid 13976] <... futex resumed>) = 1 [pid 13974] <... futex resumed>) = 0 [pid 13972] <... futex resumed>) = 0 [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13979] <... futex resumed>) = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] <... write resumed>) = 196608 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13980] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13974] <... futex resumed>) = 0 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13981] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13980] <... futex resumed>) = 0 [pid 13980] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 13976] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13980] <... mount resumed>) = 0 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] <... futex resumed>) = 0 [pid 13980] <... futex resumed>) = 1 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13980] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13974] <... futex resumed>) = 0 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] <... open resumed>) = 6 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13981] <... open resumed>) = 4 [pid 13980] <... futex resumed>) = 1 [pid 13974] <... futex resumed>) = 0 [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13980] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] <... futex resumed>) = 0 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13979] <... futex resumed>) = 0 [pid 13981] <... futex resumed>) = 1 [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13981] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13979] <... futex resumed>) = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13981] <... openat resumed>) = 5 [pid 13976] <... write resumed>) = 196608 [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13979] <... futex resumed>) = 0 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13976] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] <... futex resumed>) = 0 [pid 13970] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13970] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13979] <... futex resumed>) = 0 [pid 13970] <... futex resumed>) = 0 [pid 13972] <... futex resumed>) = 1 [pid 13976] <... futex resumed>) = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13976] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13971] <... write resumed>) = 1048576 [pid 13970] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13981] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13976] <... mount resumed>) = 0 [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13976] <... futex resumed>) = 1 [pid 13972] <... futex resumed>) = 0 [pid 13971] <... futex resumed>) = 0 [pid 13970] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13976] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13970] <... mprotect resumed>) = 0 [pid 13976] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13972] <... futex resumed>) = 0 [pid 13976] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13970] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13976] <... open resumed>) = 6 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 13972] <... futex resumed>) = 0 [pid 13976] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] <... clone resumed>, parent_tid=[13994], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13994 [pid 13976] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13972] <... futex resumed>) = 0 [pid 13970] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13976] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13970] <... futex resumed>) = 0 [pid 13973] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13973] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 13973] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13973] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13973] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13973] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13995], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13995 [pid 13973] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13973] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13970] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13995 attached [pid 13995] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13995] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 13994 attached ) = 8 [pid 13975] <... openat resumed>) = 7 [pid 13995] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13975] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13995] <... futex resumed>) = 1 [pid 13973] <... futex resumed>) = 0 [pid 13995] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13973] exit_group(0 [pid 13995] <... futex resumed>) = ? [pid 13975] <... futex resumed>) = ? [pid 13973] <... exit_group resumed>) = ? [pid 13995] +++ exited with 0 +++ [pid 13981] <... write resumed>) = 196608 [pid 13975] +++ exited with 0 +++ [pid 13973] +++ exited with 0 +++ [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13973, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 13979] <... futex resumed>) = 0 [pid 13981] <... futex resumed>) = 1 [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13981] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 13979] <... futex resumed>) = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13981] <... mount resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13981] <... futex resumed>) = 1 [pid 13979] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 13981] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] fstat(3, [pid 13979] <... futex resumed>) = 0 [pid 13981] <... open resumed>) = 6 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(3, [pid 13979] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13981] <... futex resumed>) = 0 [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13981] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13979] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./497/binderfs" [pid 13994] set_robust_list(0x7f1c2a1159e0, 24 [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13994] <... set_robust_list resumed>) = 0 [ 248.318432][T13992] loop4: detected capacity change from 0 to 2048 [ 248.349087][T13975] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 13994] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13974] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13974] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13974] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13974] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13980] <... write resumed>) = 1048576 [pid 13974] <... mprotect resumed>) = 0 [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 13980] <... futex resumed>) = 0 [pid 13974] <... clone resumed>, parent_tid=[13997], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13997 [pid 13976] <... write resumed>) = 1048576 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] <... futex resumed>) = 0 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13976] <... futex resumed>) = 1 [pid 13976] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 13997 attached [pid 13992] <... mount resumed>) = 0 [pid 13980] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13974] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13997] set_robust_list(0x7f1c2a1159e0, 24 [pid 13992] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13974] <... futex resumed>) = 0 [pid 13970] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13997] <... set_robust_list resumed>) = 0 [pid 13992] <... openat resumed>) = 3 [pid 13974] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13971] <... futex resumed>) = 0 [pid 13970] <... futex resumed>) = 1 [pid 13997] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13992] chdir("./bus" [pid 13971] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 248.385647][T13994] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 248.401966][T13992] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/498/bus supports timestamps until 2038 (0x7fffffff) [ 248.409615][T13976] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 13970] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13992] <... chdir resumed>) = 0 [pid 13981] <... write resumed>) = 1048576 [pid 13979] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13992] ioctl(4, LOOP_CLR_FD [pid 13979] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] <... ioctl resumed>) = 0 [pid 13979] <... futex resumed>) = 0 [pid 13992] close(4 [pid 13979] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 13992] <... close resumed>) = 0 [pid 13979] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13979] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 13992] <... futex resumed>) = 1 [pid 13979] <... mprotect resumed>) = 0 [pid 13992] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13979] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[13998], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 13998 [pid 13979] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13979] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 13998 attached [pid 13991] <... futex resumed>) = 0 [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13976] <... openat resumed>) = 7 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./497/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./497/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./497/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./497") = 0 [pid 408] mkdir("./498", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 13999 [pid 13998] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 13998] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13981] <... futex resumed>) = 0 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13972] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13992] <... futex resumed>) = 0 [pid 13991] <... futex resumed>) = 1 [pid 13981] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13976] <... futex resumed>) = 0 [pid 13972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] chdir("./file0" [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13976] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13972] <... futex resumed>) = 0 [pid 13992] <... chdir resumed>) = 0 [pid 13976] <... openat resumed>) = 8 [pid 13972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] <... futex resumed>) = 1 [pid 13991] <... futex resumed>) = 0 [pid 13976] <... futex resumed>) = 1 [pid 13972] <... futex resumed>) = 0 [pid 13992] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13976] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13972] exit_group(0 [pid 13992] <... open resumed>) = 4 [pid 13991] <... futex resumed>) = 0 [pid 13976] <... futex resumed>) = ? [pid 13972] <... exit_group resumed>) = ? [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13976] +++ exited with 0 +++ [pid 13972] +++ exited with 0 +++ [pid 13992] <... futex resumed>) = 0 [pid 13991] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13992] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13972, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 13992] <... openat resumed>) = 5 [pid 13991] <... futex resumed>) = 0 [pid 412] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13992] <... futex resumed>) = 0 [pid 13991] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13992] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13994] <... openat resumed>) = 7 [pid 13974] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13971] <... openat resumed>) = 8 [pid 13970] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... openat resumed>) = 3 [ 248.420144][T13997] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 248.433152][T13976] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 248.442576][T13994] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 248.455576][T13997] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 248.466095][T13998] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 ./strace-static-x86_64: Process 13999 attached [pid 13992] <... write resumed>) = 196608 [pid 13991] <... futex resumed>) = 0 [pid 412] fstat(3, [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13999] set_robust_list(0x555555f755e0, 24 [pid 13997] <... openat resumed>) = 7 [pid 13994] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] <... futex resumed>) = 0 [pid 13991] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13974] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13971] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13970] exit_group(0 [pid 412] getdents64(3, [pid 13998] <... openat resumed>) = 7 [pid 13999] <... set_robust_list resumed>) = 0 [pid 13994] <... futex resumed>) = ? [pid 13992] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13980] <... futex resumed>) = 0 [pid 13974] <... futex resumed>) = 1 [pid 13971] <... futex resumed>) = ? [pid 13970] <... exit_group resumed>) = ? [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13999] chdir("./498" [pid 13994] +++ exited with 0 +++ [pid 13992] <... mount resumed>) = 0 [pid 13991] <... futex resumed>) = 0 [pid 13980] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13974] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13971] +++ exited with 0 +++ [pid 13970] +++ exited with 0 +++ [pid 412] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13999] <... chdir resumed>) = 0 [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] <... openat resumed>) = 8 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13999] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 13997] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] <... futex resumed>) = 0 [pid 13991] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13980] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13970, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 13999] <... prctl resumed>) = 0 [pid 13997] <... futex resumed>) = 0 [pid 13992] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13980] <... futex resumed>) = 1 [pid 13974] <... futex resumed>) = 0 [pid 412] lstat("./495/binderfs", [pid 13999] setpgid(0, 0 [pid 13997] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13991] <... futex resumed>) = 0 [pid 13980] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13979] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13974] exit_group(0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 13999] <... setpgid resumed>) = 0 [pid 13998] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 13997] <... futex resumed>) = ? [pid 13992] <... open resumed>) = 6 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13980] <... futex resumed>) = ? [pid 13979] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 13974] <... exit_group resumed>) = ? [pid 412] unlink("./495/binderfs" [pid 13999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 13997] +++ exited with 0 +++ [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13991] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13980] +++ exited with 0 +++ [pid 13979] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... unlink resumed>) = 0 [pid 13999] <... openat resumed>) = 3 [pid 13992] <... futex resumed>) = 0 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13979] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13974] +++ exited with 0 +++ [pid 412] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13999] write(3, "1000", 4 [pid 13998] <... futex resumed>) = 0 [pid 13992] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13991] <... futex resumed>) = 0 [pid 13981] <... futex resumed>) = 0 [pid 13979] <... futex resumed>) = 1 [pid 13999] <... write resumed>) = 4 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13981] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13979] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13974, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 13999] close(3 [pid 13998] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13981] <... openat resumed>) = 8 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13999] <... close resumed>) = 0 [pid 13981] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13999] symlink("/dev/binderfs", "./binderfs" [pid 13981] <... futex resumed>) = 1 [pid 13979] <... futex resumed>) = 0 [pid 13999] <... symlink resumed>) = 0 [pid 13981] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13979] exit_group(0 [pid 410] <... openat resumed>) = 3 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13998] <... futex resumed>) = ? [pid 13981] <... futex resumed>) = ? [pid 13979] <... exit_group resumed>) = ? [pid 410] fstat(3, [pid 13999] <... futex resumed>) = 0 [pid 13998] +++ exited with 0 +++ [pid 13981] +++ exited with 0 +++ [pid 13979] +++ exited with 0 +++ [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 13999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] getdents64(3, [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13979, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 13999] <... mmap resumed>) = 0x7f1c32416000 [pid 13999] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 13999] <... mprotect resumed>) = 0 [pid 410] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13999] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] umount2("./491", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./492", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13999] <... clone resumed>, parent_tid=[14000], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14000 [pid 410] lstat("./500/binderfs", [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 13999] <... futex resumed>) = 0 [pid 410] unlink("./500/binderfs" [pid 407] openat(AT_FDCWD, "./491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] openat(AT_FDCWD, "./492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] <... unlink resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 407] <... openat resumed>) = 3 [pid 410] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] fstat(3, [pid 407] fstat(3, [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] getdents64(3, ./strace-static-x86_64: Process 14000 attached 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./492/binderfs", [pid 407] lstat("./491/binderfs", [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14000] set_robust_list(0x7f1c324369e0, 24 [pid 409] unlink("./492/binderfs" [pid 407] unlink("./491/binderfs" [pid 14000] <... set_robust_list resumed>) = 0 [pid 407] <... unlink resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 407] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14000] memfd_create("syzkaller", 0) = 3 [pid 14000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14000] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14000] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14000] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 248.480567][T13998] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14000] ioctl(4, LOOP_SET_FD, 3 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./500/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./500/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./500/bus") = 0 [pid 14000] <... ioctl resumed>) = 0 [pid 410] getdents64(3, [pid 14000] close(3 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14000] <... close resumed>) = 0 [pid 410] close(3 [pid 14000] mkdir("./bus", 0777 [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./500" [pid 14000] <... mkdir resumed>) = 0 [pid 14000] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 410] <... rmdir resumed>) = 0 [pid 410] mkdir("./501", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = 0 [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14002 [pid 13992] <... write resumed>) = 1048576 [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13991] <... futex resumed>) = 0 [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 13992] <... futex resumed>) = 1 [pid 13992] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14002 attached [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./492/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./492/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./492/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./492") = 0 [pid 409] mkdir("./493", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14003 [pid 14002] set_robust_list(0x555555f755e0, 24) = 0 [pid 14002] chdir("./501") = 0 [pid 14002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14002] setpgid(0, 0) = 0 [pid 14002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14002] write(3, "1000", 4) = 4 [pid 14002] close(3) = 0 ./strace-static-x86_64: Process 14003 attached [pid 14002] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14003] set_robust_list(0x555555f755e0, 24 [pid 14002] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14003] <... set_robust_list resumed>) = 0 [pid 14002] <... mmap resumed>) = 0x7f1c32416000 [pid 14003] chdir("./493" [pid 14002] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14003] <... chdir resumed>) = 0 [pid 14002] <... mprotect resumed>) = 0 [pid 14003] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14002] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14003] <... prctl resumed>) = 0 [pid 14003] setpgid(0, 0 [pid 14002] <... clone resumed>, parent_tid=[14005], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14005 [pid 14003] <... setpgid resumed>) = 0 [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14002] <... futex resumed>) = 0 [pid 14003] <... openat resumed>) = 3 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14003] write(3, "1000", 4) = 4 [pid 14003] close(3) = 0 [pid 14003] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14003] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14003] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14003] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14006], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14006 [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14005 attached [pid 14005] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14005] memfd_create("syzkaller", 0) = 3 [ 248.519772][T14000] loop1: detected capacity change from 0 to 2048 [ 248.546112][T13992] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14005] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14005] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14005] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14005] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 14006 attached [pid 14006] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14006] memfd_create("syzkaller", 0) = 3 [pid 14006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 13992] <... openat resumed>) = 7 [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14000] <... mount resumed>) = 0 [pid 14006] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14005] <... openat resumed>) = 4 [pid 13992] <... futex resumed>) = 1 [pid 13991] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 13992] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13991] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 13992] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13991] <... futex resumed>) = 0 [pid 13992] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13991] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] ioctl(4, LOOP_SET_FD, 3 [pid 14000] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 13992] <... openat resumed>) = 8 [pid 14006] <... write resumed>) = 1048576 [pid 14000] <... openat resumed>) = 3 [pid 13992] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 13992] <... futex resumed>) = 1 [pid 13991] <... futex resumed>) = 0 [pid 13992] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13991] exit_group(0 [pid 13992] <... futex resumed>) = ? [pid 13991] <... exit_group resumed>) = ? [pid 14006] munmap(0x7f1c2a016000, 1048576 [pid 14005] <... ioctl resumed>) = 0 [pid 14000] chdir("./bus" [pid 13992] +++ exited with 0 +++ [pid 13991] +++ exited with 0 +++ [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./495/bus", [pid 407] lstat("./491/bus", [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./491/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13991, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 411] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] openat(AT_FDCWD, "./495/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 3 [pid 407] openat(AT_FDCWD, "./491/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] fstat(3, [pid 14000] <... chdir resumed>) = 0 [pid 412] <... openat resumed>) = 4 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... openat resumed>) = 4 [pid 14000] ioctl(4, LOOP_CLR_FD [pid 412] fstat(4, [pid 411] getdents64(3, [pid 407] fstat(4, [pid 14000] <... ioctl resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14000] close(4 [pid 412] getdents64(4, [pid 411] lstat("./498/binderfs", [pid 407] getdents64(4, [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14000] <... close resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] unlink("./498/binderfs" [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(4, [pid 407] getdents64(4, [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14000] chdir("./file0" [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14000] <... chdir resumed>) = 0 [pid 412] close(4 [pid 407] close(4 [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 411] <... unlink resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 411] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [pid 412] rmdir("./495/bus" [pid 407] rmdir("./491/bus" [pid 14000] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... rmdir resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 407] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 407] close(3 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 412] rmdir("./495" [pid 407] rmdir("./491" [pid 412] <... rmdir resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 412] mkdir("./496", 0777 [pid 407] mkdir("./492", 0777 [pid 412] <... mkdir resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 412] <... openat resumed>) = 3 [pid 407] <... openat resumed>) = 3 [pid 14000] <... open resumed>) = 4 [pid 412] ioctl(3, LOOP_CLR_FD [pid 407] ioctl(3, LOOP_CLR_FD [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [pid 412] close(3 [pid 407] close(3 [pid 14000] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 14000] <... openat resumed>) = 5 [pid 13999] <... futex resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] close(3 [pid 13999] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14007 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14008 [pid 14006] <... munmap resumed>) = 0 [pid 14005] <... close resumed>) = 0 [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14005] mkdir("./bus", 0777 [pid 13999] <... futex resumed>) = 0 [pid 14006] <... openat resumed>) = 4 [pid 14005] <... mkdir resumed>) = 0 [pid 14000] <... futex resumed>) = 0 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14006] ioctl(4, LOOP_SET_FD, 3 [pid 14005] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14000] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14007 attached [pid 14007] set_robust_list(0x555555f755e0, 24) = 0 [pid 14007] chdir("./496") = 0 [pid 14007] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./498/bus", [pid 14007] <... prctl resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14007] setpgid(0, 0) = 0 [pid 14007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 411] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./498/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14007] write(3, "1000", 4) = 4 [pid 411] getdents64(4, [pid 14007] close(3 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14000] <... write resumed>) = 196608 [pid 411] getdents64(4, [pid 14007] <... close resumed>) = 0 [pid 14007] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14007] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14007] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14010], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14010 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14010 attached [pid 14010] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14010] memfd_create("syzkaller", 0) = 3 [pid 14010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(4 [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [ 248.565137][T13992] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 248.575252][T14000] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/498/bus supports timestamps until 2038 (0x7fffffff) [ 248.599276][T14005] loop3: detected capacity change from 0 to 2048 [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14010] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14010] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14010] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14010] ioctl(4, LOOP_SET_FD, 3 [pid 14000] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 13999] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] rmdir("./498/bus" [pid 14000] <... mount resumed>) = 0 ./strace-static-x86_64: Process 14008 attached [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 14008] set_robust_list(0x555555f755e0, 24 [pid 14000] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14000] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13999] <... futex resumed>) = 0 [pid 411] close(3 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... close resumed>) = 0 [pid 14000] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 411] rmdir("./498" [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [pid 14000] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] mkdir("./499", 0777 [pid 14010] <... ioctl resumed>) = 0 [pid 14010] close(3) = 0 [pid 14010] mkdir("./bus", 0777) = 0 [pid 14010] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14006] <... ioctl resumed>) = 0 [pid 14006] close(3) = 0 [pid 14006] mkdir("./bus", 0777) = 0 [pid 14006] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 13999] <... futex resumed>) = 0 [pid 14008] <... set_robust_list resumed>) = 0 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14008] chdir("./492") = 0 [pid 14008] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14008] setpgid(0, 0) = 0 [pid 14008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14008] write(3, "1000", 4 [pid 14005] <... mount resumed>) = 0 [pid 14005] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14008] <... write resumed>) = 4 [pid 14008] close(3) = 0 [pid 14008] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] <... openat resumed>) = 3 [pid 14008] <... futex resumed>) = 0 [pid 14005] chdir("./bus" [pid 14008] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14005] <... chdir resumed>) = 0 [pid 14008] <... mmap resumed>) = 0x7f1c32416000 [pid 14005] ioctl(4, LOOP_CLR_FD [pid 14008] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14005] <... ioctl resumed>) = 0 [pid 14008] <... mprotect resumed>) = 0 [pid 14005] close(4 [pid 14008] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14005] <... close resumed>) = 0 [pid 14008] <... clone resumed>, parent_tid=[14013], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14013 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14008] <... futex resumed>) = 0 [pid 14002] <... futex resumed>) = 0 [pid 14005] <... futex resumed>) = 1 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14005] chdir("./file0" [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] <... chdir resumed>) = 0 [pid 14002] <... futex resumed>) = 0 [ 248.640708][T14006] loop2: detected capacity change from 0 to 2048 [ 248.646464][T14010] loop5: detected capacity change from 0 to 2048 [ 248.661390][T14005] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/501/bus supports timestamps until 2038 (0x7fffffff) [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14013 attached ) = 0 [pid 14002] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14013] set_robust_list(0x7f1c324369e0, 24 [pid 14005] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] <... set_robust_list resumed>) = 0 [pid 14005] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14002] <... futex resumed>) = 0 [pid 14013] memfd_create("syzkaller", 0 [pid 14005] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14013] <... memfd_create resumed>) = 3 [pid 14013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14013] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14000] <... write resumed>) = 1048576 [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 14000] <... futex resumed>) = 1 [pid 13999] <... futex resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 14000] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 13999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14000] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 13999] <... futex resumed>) = 0 [pid 411] close(3 [pid 14000] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... close resumed>) = 0 [pid 14005] <... open resumed>) = 4 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14002] <... futex resumed>) = 0 [pid 14005] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14002] <... futex resumed>) = 0 [pid 14005] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] <... openat resumed>) = 5 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14002] <... futex resumed>) = 0 [pid 14005] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14002] <... futex resumed>) = 0 [pid 14005] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] <... write resumed>) = 196608 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14002] <... futex resumed>) = 0 [pid 14005] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] <... mount resumed>) = 0 [pid 14002] <... futex resumed>) = 0 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] <... futex resumed>) = 0 [pid 14002] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14005] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] <... open resumed>) = 6 [pid 14002] <... futex resumed>) = 0 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14005] <... futex resumed>) = 0 [pid 14002] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14005] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14010] <... mount resumed>) = 0 [pid 14010] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14010] chdir("./bus") = 0 [pid 14010] ioctl(4, LOOP_CLR_FD) = 0 [pid 14010] close(4) = 0 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14010] chdir("./file0") = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14016 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14010] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14005] <... write resumed>) = 1048576 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14002] <... futex resumed>) = 0 [pid 14005] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14002] <... futex resumed>) = 0 [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14010] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14010] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14010] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [ 248.690534][T14010] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/496/bus supports timestamps until 2038 (0x7fffffff) [ 248.704804][T14000] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14010] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14016 attached [pid 14013] <... write resumed>) = 1048576 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14016] set_robust_list(0x555555f755e0, 24 [pid 14013] munmap(0x7f1c2a016000, 1048576 [pid 14016] <... set_robust_list resumed>) = 0 [pid 14013] <... munmap resumed>) = 0 [pid 14016] chdir("./499" [pid 14013] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14016] <... chdir resumed>) = 0 [pid 14013] <... openat resumed>) = 4 [pid 14016] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14013] ioctl(4, LOOP_SET_FD, 3 [pid 14016] <... prctl resumed>) = 0 [pid 13999] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 13999] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 13999] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 13999] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14019], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14019 [pid 13999] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 13999] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 1 [pid 14005] <... openat resumed>) = 7 [pid 14010] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14005] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14019 attached [pid 14016] setpgid(0, 0 [pid 14013] <... ioctl resumed>) = 0 [pid 14006] <... mount resumed>) = 0 [pid 14002] <... futex resumed>) = 0 [pid 14000] <... openat resumed>) = 7 [pid 14019] set_robust_list(0x7f1c2a1159e0, 24 [pid 14016] <... setpgid resumed>) = 0 [pid 14013] close(3 [pid 14006] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14019] <... set_robust_list resumed>) = 0 [pid 14016] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14013] <... close resumed>) = 0 [pid 14006] <... openat resumed>) = 3 [pid 14002] <... futex resumed>) = 1 [pid 14019] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14016] <... openat resumed>) = 3 [pid 14013] mkdir("./bus", 0777 [pid 14006] chdir("./bus" [pid 14002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14019] <... openat resumed>) = 8 [pid 14016] write(3, "1000", 4 [pid 14013] <... mkdir resumed>) = 0 [pid 14006] <... chdir resumed>) = 0 [pid 14005] <... futex resumed>) = 0 [pid 14000] <... futex resumed>) = 0 [pid 14019] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] <... write resumed>) = 4 [pid 14013] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14006] ioctl(4, LOOP_CLR_FD [pid 14000] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14019] <... futex resumed>) = 1 [pid 14016] close(3 [pid 14006] <... ioctl resumed>) = 0 [pid 14005] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 13999] <... futex resumed>) = 0 [pid 14019] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14016] <... close resumed>) = 0 [pid 14006] close(4 [pid 14005] <... openat resumed>) = 8 [pid 14016] symlink("/dev/binderfs", "./binderfs" [pid 14006] <... close resumed>) = 0 [pid 13999] exit_group(0 [pid 14016] <... symlink resumed>) = 0 [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14005] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 13999] <... exit_group resumed>) = ? [pid 14019] <... futex resumed>) = -1 (errno 18446744073709551414) [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] <... futex resumed>) = 1 [pid 14005] <... futex resumed>) = 1 [pid 14003] <... futex resumed>) = 0 [pid 14002] <... futex resumed>) = 0 [pid 14000] <... futex resumed>) = ? [pid 14019] +++ exited with 0 +++ [pid 14016] <... futex resumed>) = 0 [pid 14006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14002] exit_group(0 [pid 14016] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14003] <... futex resumed>) = 0 [pid 14002] <... exit_group resumed>) = ? [pid 14016] <... mmap resumed>) = 0x7f1c32416000 [pid 14006] chdir("./file0" [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14000] +++ exited with 0 +++ [pid 13999] +++ exited with 0 +++ [pid 14016] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14006] <... chdir resumed>) = 0 [pid 14016] <... mprotect resumed>) = 0 [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14006] <... futex resumed>) = 1 [pid 14003] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13999, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14016] <... clone resumed>, parent_tid=[14021], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14021 [pid 14006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14003] <... futex resumed>) = 0 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14016] <... futex resumed>) = 0 [ 248.731515][T14005] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 248.746615][T14000] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 248.750134][T14005] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 248.756065][T14006] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/493/bus supports timestamps until 2038 (0x7fffffff) [ 248.767056][T14013] loop0: detected capacity change from 0 to 2048 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14006] <... open resumed>) = 4 [pid 14005] +++ exited with 0 +++ [pid 14002] +++ exited with 0 +++ [pid 408] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 14021 attached [pid 14021] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14021] memfd_create("syzkaller", 0) = 3 [pid 14021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14002, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] <... openat resumed>) = 3 [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] fstat(3, [pid 14006] <... futex resumed>) = 1 [pid 14003] <... futex resumed>) = 0 [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14003] <... futex resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14006] <... openat resumed>) = 5 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14003] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] getdents64(3, [pid 14006] <... futex resumed>) = 0 [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14003] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14006] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... openat resumed>) = 3 [pid 408] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14006] <... write resumed>) = 196608 [pid 410] fstat(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] lstat("./498/binderfs", [pid 410] getdents64(3, [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] unlink("./498/binderfs" [pid 410] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... unlink resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] lstat("./501/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./501/binderfs") = 0 [pid 410] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14007] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14007] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14007] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14007] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14023], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14023 [pid 14007] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14007] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] <... write resumed>) = 1048576 [pid 14021] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14021] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14021] ioctl(4, LOOP_SET_FD, 3 [pid 14010] <... write resumed>) = 1048576 [pid 14006] <... futex resumed>) = 1 [pid 14003] <... futex resumed>) = 0 [pid 14006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14003] <... futex resumed>) = 0 [pid 14006] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] <... ioctl resumed>) = 0 [pid 14006] <... mount resumed>) = 0 ./strace-static-x86_64: Process 14023 attached [pid 14023] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14023] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14021] close(3 [pid 14013] <... mount resumed>) = 0 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] <... close resumed>) = 0 [pid 14010] <... futex resumed>) = 0 [pid 14006] <... futex resumed>) = 1 [pid 14003] <... futex resumed>) = 0 [pid 14021] mkdir("./bus", 0777 [pid 14010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14006] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] <... mkdir resumed>) = 0 [pid 14006] <... open resumed>) = 6 [pid 14003] <... futex resumed>) = 0 [pid 14021] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14006] <... futex resumed>) = 0 [pid 14003] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14013] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14006] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14007] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14003] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14010] <... futex resumed>) = 0 [pid 14010] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14023] <... openat resumed>) = 7 [pid 14023] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14023] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14013] <... openat resumed>) = 3 [pid 14013] chdir("./bus" [pid 14010] <... openat resumed>) = 8 [pid 14010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14010] <... futex resumed>) = 1 [pid 14010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14007] <... futex resumed>) = 0 [pid 410] lstat("./501/bus", [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14007] exit_group(0 [pid 14010] <... futex resumed>) = ? [pid 14007] <... exit_group resumed>) = ? [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] lstat("./498/bus", [pid 14010] +++ exited with 0 +++ [pid 410] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "./501/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 4 [pid 408] openat(AT_FDCWD, "./498/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14023] <... futex resumed>) = ? [pid 14023] +++ exited with 0 +++ [pid 14007] +++ exited with 0 +++ [pid 14013] <... chdir resumed>) = 0 [pid 14013] ioctl(4, LOOP_CLR_FD) = 0 [pid 14013] close(4) = 0 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14008] <... futex resumed>) = 0 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14013] <... futex resumed>) = 1 [pid 14013] chdir("./file0") = 0 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14008] <... futex resumed>) = 0 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14013] <... futex resumed>) = 1 [pid 14013] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14007, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] close(4) = 0 [pid 412] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... openat resumed>) = 4 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] fstat(4, [pid 412] <... openat resumed>) = 3 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, [pid 412] getdents64(3, [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] getdents64(4, [pid 412] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./496/binderfs", [pid 408] close(4 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14006] <... write resumed>) = 1048576 [pid 412] unlink("./496/binderfs" [pid 408] <... close resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 408] rmdir("./498/bus" [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] rmdir("./501/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./501") = 0 [pid 408] <... rmdir resumed>) = 0 [pid 410] mkdir("./502", 0777 [pid 408] getdents64(3, [pid 410] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14026 [pid 14013] <... open resumed>) = 4 [pid 14006] <... futex resumed>) = 1 [pid 14006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [ 248.823264][T14021] loop4: detected capacity change from 0 to 2048 [ 248.830838][T14013] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/492/bus supports timestamps until 2038 (0x7fffffff) [ 248.830907][T14023] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 248.857676][T14023] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 408] rmdir("./498") = 0 [pid 408] mkdir("./499", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14027 ./strace-static-x86_64: Process 14027 attached [pid 14027] set_robust_list(0x555555f755e0, 24) = 0 [pid 14027] chdir("./499") = 0 [pid 14027] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14027] setpgid(0, 0) = 0 [pid 14027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14027] write(3, "1000", 4) = 4 [pid 14027] close(3) = 0 [pid 14027] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14027] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14027] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14027] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14028], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14028 [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14028 attached [pid 14028] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14028] memfd_create("syzkaller", 0) = 3 [pid 14028] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14003] <... futex resumed>) = 0 [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] <... futex resumed>) = 0 [pid 14003] <... futex resumed>) = 1 [pid 14006] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14028] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14028] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14028] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14028] ioctl(4, LOOP_SET_FD, 3) = 0 ./strace-static-x86_64: Process 14026 attached [pid 14028] close(3 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14028] <... close resumed>) = 0 [pid 14013] <... futex resumed>) = 1 [pid 14008] <... futex resumed>) = 0 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14028] mkdir("./bus", 0777 [pid 14026] set_robust_list(0x555555f755e0, 24 [pid 14013] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14008] <... futex resumed>) = 0 [pid 14028] <... mkdir resumed>) = 0 [pid 14026] <... set_robust_list resumed>) = 0 [pid 14013] <... openat resumed>) = 5 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14026] chdir("./502" [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] <... chdir resumed>) = 0 [pid 14028] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14013] <... futex resumed>) = 1 [pid 14026] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14021] <... mount resumed>) = 0 [pid 14008] <... futex resumed>) = 0 [pid 14026] <... prctl resumed>) = 0 [pid 14021] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14013] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] setpgid(0, 0 [pid 14021] <... openat resumed>) = 3 [pid 14013] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14008] <... futex resumed>) = 0 [pid 14026] <... setpgid resumed>) = 0 [pid 14021] chdir("./bus" [pid 14013] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] <... chdir resumed>) = 0 [pid 14026] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14021] ioctl(4, LOOP_CLR_FD [pid 14013] <... write resumed>) = 196608 [pid 14006] <... openat resumed>) = 7 [pid 14026] <... openat resumed>) = 3 [pid 14021] <... ioctl resumed>) = 0 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] write(3, "1000", 4 [pid 14021] close(4) = 0 [pid 14026] <... write resumed>) = 4 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] <... futex resumed>) = 1 [pid 14008] <... futex resumed>) = 0 [pid 14026] close(3 [pid 14021] <... futex resumed>) = 1 [pid 14016] <... futex resumed>) = 0 [pid 14013] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] <... futex resumed>) = 1 [pid 14003] <... futex resumed>) = 0 [pid 14003] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14003] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14026] <... close resumed>) = 0 [pid 14021] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14008] <... futex resumed>) = 0 [pid 14026] symlink("/dev/binderfs", "./binderfs" [pid 14021] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14013] <... mount resumed>) = 0 [pid 14006] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14016] <... futex resumed>) = 0 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14026] <... symlink resumed>) = 0 [pid 14021] chdir("./file0" [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14008] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] <... futex resumed>) = 0 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] <... futex resumed>) = 0 [pid 14021] <... chdir resumed>) = 0 [pid 14013] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14008] <... futex resumed>) = 0 [pid 14026] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14013] <... open resumed>) = 6 [ 248.890574][T14021] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/499/bus supports timestamps until 2038 (0x7fffffff) [ 248.904588][T14006] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 248.911505][T14028] loop1: detected capacity change from 0 to 2048 [ 248.927809][T14006] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14026] <... mmap resumed>) = 0x7f1c32416000 [pid 14021] <... futex resumed>) = 1 [pid 14016] <... futex resumed>) = 0 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14006] <... openat resumed>) = 8 [pid 14026] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14021] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] <... futex resumed>) = 1 [pid 14008] <... futex resumed>) = 0 [pid 14026] <... mprotect resumed>) = 0 [pid 14021] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14016] <... futex resumed>) = 0 [pid 14013] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14021] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14008] <... futex resumed>) = 0 [pid 14021] <... open resumed>) = 4 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14026] <... clone resumed>, parent_tid=[14031], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14031 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] <... futex resumed>) = 1 [pid 14016] <... futex resumed>) = 0 [pid 14026] <... futex resumed>) = 0 [pid 14021] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14021] <... openat resumed>) = 5 [pid 14016] <... futex resumed>) = 0 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] <... futex resumed>) = 0 [pid 14016] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14021] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] <... write resumed>) = 196608 [pid 14016] <... futex resumed>) = 0 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] <... futex resumed>) = 0 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] <... futex resumed>) = 1 [pid 14021] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] <... futex resumed>) = 0 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] <... futex resumed>) = 1 [pid 14021] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14016] <... futex resumed>) = 0 [pid 14021] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14003] <... futex resumed>) = 0 [pid 14003] exit_group(0) = ? [pid 14006] <... futex resumed>) = ? [pid 14006] +++ exited with 0 +++ [pid 14003] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14003, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./493/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./493/binderfs") = 0 [pid 409] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14031 attached [pid 14031] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14031] memfd_create("syzkaller", 0) = 3 [pid 14031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] <... umount2 resumed>) = 0 [pid 14013] <... write resumed>) = 1048576 [pid 412] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14031] <... write resumed>) = 1048576 [pid 14031] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14031] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14021] <... write resumed>) = 1048576 [pid 14013] <... futex resumed>) = 1 [pid 14008] <... futex resumed>) = 0 [pid 412] lstat("./496/bus", [pid 14013] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] <... openat resumed>) = 4 [pid 14031] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14031] close(3) = 0 [pid 14031] mkdir("./bus", 0777) = 0 [pid 14031] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14028] <... mount resumed>) = 0 [pid 14028] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14028] chdir("./bus") = 0 [pid 14028] ioctl(4, LOOP_CLR_FD) = 0 [pid 14028] close(4) = 0 [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14028] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14021] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./496/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./496/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./496") = 0 [ 248.949449][T14028] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/499/bus supports timestamps until 2038 (0x7fffffff) [ 248.986830][T14031] loop3: detected capacity change from 0 to 2048 [pid 412] mkdir("./497", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14032 ./strace-static-x86_64: Process 14032 attached [pid 14027] <... futex resumed>) = 0 [pid 14016] <... futex resumed>) = 0 [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14028] <... futex resumed>) = 0 [pid 14027] <... futex resumed>) = 1 [pid 14021] <... futex resumed>) = 0 [pid 14016] <... futex resumed>) = 1 [pid 14028] chdir("./file0" [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14021] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14032] set_robust_list(0x555555f755e0, 24 [pid 14028] <... chdir resumed>) = 0 [pid 14032] <... set_robust_list resumed>) = 0 [pid 14032] chdir("./497") = 0 [pid 14032] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14032] setpgid(0, 0) = 0 [pid 14032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14032] write(3, "1000", 4) = 4 [pid 14032] close(3) = 0 [pid 14032] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14032] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14032] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14032] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14033], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14033 [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14033 attached [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] <... openat resumed>) = 7 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14013] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14033] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14033] memfd_create("syzkaller", 0) = 3 [pid 14033] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14033] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14028] <... futex resumed>) = 1 [pid 14027] <... futex resumed>) = 0 [pid 14008] <... futex resumed>) = 0 [pid 14028] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] <... openat resumed>) = 7 [pid 14008] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14027] <... futex resumed>) = 0 [pid 14008] <... futex resumed>) = 1 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14008] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14028] <... open resumed>) = 4 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./493/bus", [pid 14028] <... futex resumed>) = 1 [pid 14027] <... futex resumed>) = 0 [pid 14021] <... futex resumed>) = 1 [pid 14016] <... futex resumed>) = 0 [pid 14013] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14028] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14021] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14016] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14028] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14027] <... futex resumed>) = 0 [pid 14016] <... futex resumed>) = 0 [pid 14028] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14016] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14021] <... openat resumed>) = 8 [pid 14013] <... openat resumed>) = 8 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14028] <... openat resumed>) = 5 [pid 14021] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "./493/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14033] <... write resumed>) = 1048576 [pid 14033] munmap(0x7f1c2a016000, 1048576 [pid 409] getdents64(4, [pid 14033] <... munmap resumed>) = 0 [pid 14033] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 248.986915][T14013] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.008287][T14021] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.015746][T14013] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 249.022313][T14021] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14033] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14033] <... ioctl resumed>) = 0 [pid 14033] close(3) = 0 [pid 14033] mkdir("./bus", 0777) = 0 [pid 14033] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14021] <... futex resumed>) = 1 [pid 14021] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14013] <... futex resumed>) = 1 [pid 14013] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14028] <... futex resumed>) = 1 [pid 14028] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] close(4 [pid 14008] <... futex resumed>) = 0 [pid 14008] exit_group(0 [pid 14027] <... futex resumed>) = 0 [pid 14016] <... futex resumed>) = 0 [pid 14008] <... exit_group resumed>) = ? [pid 14016] exit_group(0 [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14016] <... exit_group resumed>) = ? [pid 409] <... close resumed>) = 0 [pid 14027] <... futex resumed>) = 1 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] rmdir("./493/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3 [pid 14028] <... futex resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14021] <... futex resumed>) = 0 [pid 14028] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14013] <... futex resumed>) = ? [pid 409] rmdir("./493" [pid 14031] <... mount resumed>) = 0 [pid 14031] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14031] chdir("./bus") = 0 [pid 14031] ioctl(4, LOOP_CLR_FD) = 0 [pid 14028] <... write resumed>) = 196608 [pid 409] <... rmdir resumed>) = 0 [pid 14021] +++ exited with 0 +++ [pid 14016] +++ exited with 0 +++ [pid 409] mkdir("./494", 0777 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14016, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14013] +++ exited with 0 +++ [pid 14008] +++ exited with 0 +++ [pid 409] <... openat resumed>) = 3 [pid 409] ioctl(3, LOOP_CLR_FD [pid 14028] <... futex resumed>) = 1 [pid 14027] <... futex resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14028] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] close(3 [pid 14027] <... futex resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... restart_syscall resumed>) = 0 [pid 14028] <... mount resumed>) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14008, si_uid=0, si_status=0, si_utime=0, si_stime=11} --- [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14036 [pid 14028] <... futex resumed>) = 1 [pid 14027] <... futex resumed>) = 0 [pid 14028] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14028] <... open resumed>) = 6 [pid 411] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] umount2("./492", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 407] openat(AT_FDCWD, "./492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14028] <... futex resumed>) = 1 [pid 14027] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 407] <... openat resumed>) = 3 [pid 14028] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] fstat(3, [pid 14028] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14027] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14028] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] getdents64(3, [pid 411] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] lstat("./499/binderfs", [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] lstat("./492/binderfs", [pid 411] unlink("./499/binderfs" [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] <... unlink resumed>) = 0 [pid 407] unlink("./492/binderfs" [pid 411] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... unlink resumed>) = 0 [pid 407] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14031] close(4) = 0 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14036 attached [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14036] set_robust_list(0x555555f755e0, 24) = 0 [pid 14036] chdir("./494") = 0 [pid 14036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14036] setpgid(0, 0) = 0 [pid 14036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14036] write(3, "1000", 4) = 4 [pid 14036] close(3) = 0 [pid 14036] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14036] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14036] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14037], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14037 [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14037 attached [pid 14037] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14037] memfd_create("syzkaller", 0) = 3 [pid 14037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14031] chdir("./file0") = 0 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14037] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14031] <... open resumed>) = 4 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] <... futex resumed>) = 0 [pid 14031] <... futex resumed>) = 1 [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14037] <... write resumed>) = 1048576 [pid 14037] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14037] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 249.051888][T14033] loop5: detected capacity change from 0 to 2048 [ 249.052379][T14031] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/502/bus supports timestamps until 2038 (0x7fffffff) [pid 14037] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14037] close(3) = 0 [pid 14037] mkdir("./bus", 0777) = 0 [pid 14037] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14031] <... write resumed>) = 196608 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14031] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] <... mount resumed>) = 0 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14031] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] <... open resumed>) = 6 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14031] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14031] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14027] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14027] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14027] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14027] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14027] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14040], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14040 [pid 14027] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14027] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14040 attached [pid 14040] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14040] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 407] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./492/bus", [pid 411] lstat("./499/bus", [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./492/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./492/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "./499/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... openat resumed>) = 4 [pid 411] <... openat resumed>) = 4 [pid 407] fstat(4, [pid 411] fstat(4, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 249.108961][T14037] loop2: detected capacity change from 0 to 2048 [ 249.109594][T14033] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/497/bus supports timestamps until 2038 (0x7fffffff) [ 249.143357][T14040] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 407] getdents64(4, [pid 411] getdents64(4, [pid 14033] <... mount resumed>) = 0 [pid 14031] <... write resumed>) = 1048576 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14031] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14026] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(4, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14031] <... futex resumed>) = 0 [pid 14026] <... futex resumed>) = 1 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 14031] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] close(4 [pid 407] <... close resumed>) = 0 [pid 14033] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14028] <... write resumed>) = 1048576 [pid 411] <... close resumed>) = 0 [pid 407] rmdir("./492/bus" [pid 14033] <... openat resumed>) = 3 [pid 14033] chdir("./bus") = 0 [pid 14033] ioctl(4, LOOP_CLR_FD) = 0 [pid 14033] close(4) = 0 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14028] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14040] <... openat resumed>) = 7 [pid 14040] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14027] <... futex resumed>) = 0 [pid 14040] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14027] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14027] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14028] <... futex resumed>) = 0 [pid 14028] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14028] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14027] <... futex resumed>) = 0 [pid 14027] exit_group(0 [pid 14040] <... futex resumed>) = ? [pid 14027] <... exit_group resumed>) = ? [pid 14040] +++ exited with 0 +++ [pid 14028] <... futex resumed>) = ? [pid 14028] +++ exited with 0 +++ [pid 14027] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14027, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./499/binderfs", [pid 14032] <... futex resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] rmdir("./499/bus" [pid 408] unlink("./499/binderfs" [pid 407] <... rmdir resumed>) = 0 [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14032] <... futex resumed>) = 1 [pid 411] <... rmdir resumed>) = 0 [pid 407] getdents64(3, [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14033] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3 [pid 14033] chdir("./file0" [pid 411] close(3 [pid 14033] <... chdir resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] rmdir("./499" [pid 407] rmdir("./492" [pid 14037] <... mount resumed>) = 0 [pid 14033] <... futex resumed>) = 1 [pid 14032] <... futex resumed>) = 0 [pid 14037] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 14037] <... openat resumed>) = 3 [pid 14037] chdir("./bus") = 0 [pid 14037] ioctl(4, LOOP_CLR_FD) = 0 [pid 14037] close(4) = 0 [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14033] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14033] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14032] <... futex resumed>) = 0 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] mkdir("./500", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14043 [pid 407] mkdir("./493", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14044 ./strace-static-x86_64: Process 14044 attached ./strace-static-x86_64: Process 14043 attached [pid 14036] <... futex resumed>) = 0 [pid 14033] <... open resumed>) = 4 [pid 14031] <... openat resumed>) = 7 [pid 14044] set_robust_list(0x555555f755e0, 24 [pid 14043] set_robust_list(0x555555f755e0, 24 [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] <... set_robust_list resumed>) = 0 [pid 14043] <... set_robust_list resumed>) = 0 [pid 14037] <... futex resumed>) = 0 [pid 14036] <... futex resumed>) = 1 [pid 14033] <... futex resumed>) = 1 [pid 14032] <... futex resumed>) = 0 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] chdir("./493" [pid 14043] chdir("./500" [pid 14037] chdir("./file0" [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14026] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14044] <... chdir resumed>) = 0 [pid 14043] <... chdir resumed>) = 0 [pid 14037] <... chdir resumed>) = 0 [pid 14033] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14032] <... futex resumed>) = 0 [pid 14031] <... futex resumed>) = 0 [pid 14026] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14043] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14026] <... futex resumed>) = 0 [pid 14044] <... prctl resumed>) = 0 [pid 14043] <... prctl resumed>) = 0 [pid 14037] <... futex resumed>) = 1 [pid 14036] <... futex resumed>) = 0 [pid 14033] <... openat resumed>) = 5 [pid 14031] <... openat resumed>) = 8 [pid 14026] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] setpgid(0, 0 [pid 14043] setpgid(0, 0 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14031] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] <... setpgid resumed>) = 0 [pid 14043] <... setpgid resumed>) = 0 [pid 14037] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14036] <... futex resumed>) = 0 [pid 14033] <... futex resumed>) = 1 [pid 14032] <... futex resumed>) = 0 [pid 14044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 249.166875][T14040] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 249.172475][T14031] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.191406][T14037] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/494/bus supports timestamps until 2038 (0x7fffffff) [ 249.208580][T14031] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14043] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14037] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14031] <... futex resumed>) = 1 [pid 14026] <... futex resumed>) = 0 [pid 14044] <... openat resumed>) = 3 [pid 14043] <... openat resumed>) = 3 [pid 14037] <... open resumed>) = 4 [pid 14033] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14032] <... futex resumed>) = 0 [pid 14031] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14026] exit_group(0 [pid 14044] write(3, "1000", 4 [pid 14043] write(3, "1000", 4 [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14031] <... futex resumed>) = ? [pid 14026] <... exit_group resumed>) = ? [pid 14044] <... write resumed>) = 4 [pid 14043] <... write resumed>) = 4 [pid 14037] <... futex resumed>) = 1 [pid 14036] <... futex resumed>) = 0 [pid 14031] +++ exited with 0 +++ [pid 14044] close(3 [pid 14043] close(3 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] <... write resumed>) = 196608 [pid 14026] +++ exited with 0 +++ [pid 14044] <... close resumed>) = 0 [pid 14043] <... close resumed>) = 0 [pid 14037] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14036] <... futex resumed>) = 0 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] symlink("/dev/binderfs", "./binderfs" [pid 14043] symlink("/dev/binderfs", "./binderfs" [pid 14037] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14033] <... futex resumed>) = 1 [pid 14032] <... futex resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14026, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14044] <... symlink resumed>) = 0 [pid 14043] <... symlink resumed>) = 0 [pid 14037] <... openat resumed>) = 5 [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14032] <... futex resumed>) = 0 [pid 410] <... restart_syscall resumed>) = 0 [pid 14044] <... futex resumed>) = 0 [pid 14043] <... futex resumed>) = 0 [pid 14037] <... futex resumed>) = 1 [pid 14036] <... futex resumed>) = 0 [pid 14033] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14043] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] <... mount resumed>) = 0 [pid 14044] <... mmap resumed>) = 0x7f1c32416000 [pid 14043] <... mmap resumed>) = 0x7f1c32416000 [pid 14037] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14036] <... futex resumed>) = 0 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14043] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14037] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14033] <... futex resumed>) = 1 [pid 14032] <... futex resumed>) = 0 [pid 410] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14044] <... mprotect resumed>) = 0 [pid 14043] <... mprotect resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./502/binderfs") = 0 [pid 14037] <... write resumed>) = 196608 [pid 410] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] <... futex resumed>) = 0 [pid 14032] <... futex resumed>) = 1 [pid 14033] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14033] <... open resumed>) = 6 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14032] <... futex resumed>) = 0 [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14033] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14032] <... futex resumed>) = 0 [pid 14033] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14043] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14043] <... clone resumed>, parent_tid=[14045], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14045 [pid 408] lstat("./499/bus", [pid 14044] <... clone resumed>, parent_tid=[14046], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14046 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14037] <... futex resumed>) = 1 [pid 14036] <... futex resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] <... futex resumed>) = 0 [pid 14037] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14044] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14037] <... mount resumed>) = 0 [pid 14036] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] openat(AT_FDCWD, "./499/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14037] <... futex resumed>) = 0 [pid 14036] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] <... openat resumed>) = 4 [pid 14037] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] fstat(4, [pid 14037] <... open resumed>) = 6 [pid 14036] <... futex resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] getdents64(4, [pid 14037] <... futex resumed>) = 0 [pid 14036] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(4, [pid 14037] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14036] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14037] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] close(4) = 0 [pid 408] rmdir("./499/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./499") = 0 [pid 408] mkdir("./500", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14047 ./strace-static-x86_64: Process 14045 attached [pid 14045] set_robust_list(0x7f1c324369e0, 24./strace-static-x86_64: Process 14046 attached [pid 14046] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14046] memfd_create("syzkaller", 0) = 3 [pid 14046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14045] <... set_robust_list resumed>) = 0 [pid 14033] <... write resumed>) = 1048576 [pid 14045] memfd_create("syzkaller", 0 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14032] <... futex resumed>) = 0 [pid 14032] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14032] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14033] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14046] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14046] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14046] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14046] ioctl(4, LOOP_SET_FD, 3 [pid 14045] <... memfd_create resumed>) = 3 [pid 14045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14046] <... ioctl resumed>) = 0 [pid 14046] close(3) = 0 [pid 14046] mkdir("./bus", 0777) = 0 [pid 14046] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14047 attached [pid 14047] set_robust_list(0x555555f755e0, 24) = 0 [pid 14047] chdir("./500") = 0 [pid 14047] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14047] setpgid(0, 0) = 0 [pid 14047] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14047] write(3, "1000", 4) = 4 [pid 14047] close(3) = 0 [pid 14047] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14047] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14047] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14047] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14048], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14048 [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14048 attached [pid 14048] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14048] memfd_create("syzkaller", 0) = 3 [pid 14048] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14045] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14045] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14045] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 249.264070][T14033] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.274567][T14046] loop0: detected capacity change from 0 to 2048 [ 249.301254][T14045] loop4: detected capacity change from 0 to 2048 [pid 14045] ioctl(4, LOOP_SET_FD, 3 [pid 14036] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... umount2 resumed>) = 0 [pid 14045] <... ioctl resumed>) = 0 [pid 14045] close(3) = 0 [pid 14045] mkdir("./bus", 0777) = 0 [pid 14045] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14037] <... write resumed>) = 1048576 [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14048] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14032] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14032] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14036] <... futex resumed>) = 1 [pid 14032] <... futex resumed>) = 0 [pid 14037] <... futex resumed>) = 0 [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14032] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14037] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14032] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14032] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14032] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14049], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14049 [pid 14032] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14032] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./502/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./502/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./502/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./502") = 0 [pid 410] mkdir("./503", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 ./strace-static-x86_64: Process 14049 attached [pid 14048] <... write resumed>) = 1048576 [pid 14033] <... openat resumed>) = 7 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14049] set_robust_list(0x7f1c2a1159e0, 24 [pid 14048] munmap(0x7f1c2a016000, 1048576 [pid 14033] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14049] <... set_robust_list resumed>) = 0 [pid 14048] <... munmap resumed>) = 0 [pid 14033] <... futex resumed>) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14053 [pid 14049] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14033] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14049] <... openat resumed>) = 8 [pid 14048] <... openat resumed>) = 4 [pid 14049] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14053 attached [pid 14053] set_robust_list(0x555555f755e0, 24) = 0 [pid 14053] chdir("./503") = 0 [pid 14053] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14053] setpgid(0, 0) = 0 [pid 14053] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14053] write(3, "1000", 4) = 4 [pid 14053] close(3) = 0 [pid 14053] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14053] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14053] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14053] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14054], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14054 [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14054 attached [pid 14054] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14054] memfd_create("syzkaller", 0) = 3 [pid 14054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14054] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14049] <... futex resumed>) = 1 [pid 14048] <... ioctl resumed>) = 0 [pid 14037] <... openat resumed>) = 7 [pid 14049] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] close(3 [pid 14037] <... futex resumed>) = 1 [pid 14048] <... close resumed>) = 0 [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14048] mkdir("./bus", 0777) = 0 [pid 14048] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14046] <... mount resumed>) = 0 [pid 14036] <... futex resumed>) = 0 [pid 14032] <... futex resumed>) = 0 [pid 14032] exit_group(0 [ 249.306107][T14033] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 249.317221][T14037] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.331587][T14037] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 249.337928][T14048] loop1: detected capacity change from 0 to 2048 [ 249.347103][T14046] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/493/bus supports timestamps until 2038 (0x7fffffff) [pid 14036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... write resumed>) = 1048576 [pid 14049] <... futex resumed>) = ? [pid 14046] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14036] <... futex resumed>) = 1 [pid 14033] <... futex resumed>) = ? [pid 14032] <... exit_group resumed>) = ? [pid 14036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14054] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14054] ioctl(4, LOOP_SET_FD, 3 [pid 14049] +++ exited with 0 +++ [pid 14046] <... openat resumed>) = 3 [pid 14045] <... mount resumed>) = 0 [pid 14037] <... futex resumed>) = 0 [pid 14033] +++ exited with 0 +++ [pid 14032] +++ exited with 0 +++ [pid 14037] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14032, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14037] <... openat resumed>) = 8 [pid 14037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 412] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14037] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./497/binderfs") = 0 [pid 412] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14045] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14046] chdir("./bus" [pid 14036] <... futex resumed>) = 0 [pid 14054] <... ioctl resumed>) = 0 [pid 14036] exit_group(0) = ? [pid 14046] <... chdir resumed>) = 0 [pid 14045] chdir("./bus") = 0 [pid 14046] ioctl(4, LOOP_CLR_FD) = 0 [pid 14045] ioctl(4, LOOP_CLR_FD) = 0 [pid 14046] close(4) = 0 [pid 14045] close(4) = 0 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14043] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14045] <... futex resumed>) = 1 [pid 14046] <... futex resumed>) = 1 [pid 14045] chdir("./file0" [pid 14046] chdir("./file0" [pid 14045] <... chdir resumed>) = 0 [pid 14046] <... chdir resumed>) = 0 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] <... futex resumed>) = 1 [pid 14043] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14046] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14045] <... futex resumed>) = 1 [pid 14045] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14046] <... open resumed>) = 4 [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14045] <... futex resumed>) = 1 [pid 14046] <... futex resumed>) = 1 [pid 14045] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14046] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14045] <... openat resumed>) = 5 [pid 14046] <... openat resumed>) = 5 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] <... futex resumed>) = 1 [pid 14043] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14046] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14045] <... futex resumed>) = 1 [pid 14046] <... write resumed>) = 196608 [pid 14045] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14045] <... futex resumed>) = 1 [pid 14046] <... futex resumed>) = 1 [pid 14045] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14046] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14045] <... mount resumed>) = 0 [pid 14046] <... mount resumed>) = 0 [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14044] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] close(3 [pid 14048] <... mount resumed>) = 0 [pid 14046] <... futex resumed>) = 1 [pid 14045] <... futex resumed>) = 1 [pid 14043] <... futex resumed>) = 0 [pid 14037] <... futex resumed>) = ? [pid 14054] <... close resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14037] +++ exited with 0 +++ [pid 14036] +++ exited with 0 +++ [pid 14054] mkdir("./bus", 0777 [pid 14046] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14045] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14054] <... mkdir resumed>) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14036, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14054] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./494/binderfs") = 0 [pid 409] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14045] <... open resumed>) = 6 [pid 14046] <... open resumed>) = 6 [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14045] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14046] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14048] <... openat resumed>) = 3 [pid 14048] chdir("./bus") = 0 [pid 14044] <... futex resumed>) = 0 [pid 14043] <... futex resumed>) = 0 [pid 14048] ioctl(4, LOOP_CLR_FD) = 0 [pid 14048] close(4) = 0 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14048] chdir("./file0" [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] <... chdir resumed>) = 0 [pid 14047] <... futex resumed>) = 0 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] <... futex resumed>) = 0 [pid 14047] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14048] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] <... futex resumed>) = 0 [pid 14045] <... futex resumed>) = 0 [pid 14044] <... futex resumed>) = 1 [pid 14043] <... futex resumed>) = 1 [pid 14046] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14045] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14048] <... open resumed>) = 4 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14048] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14047] <... futex resumed>) = 0 [pid 14048] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 249.361118][T14045] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/500/bus supports timestamps until 2038 (0x7fffffff) [ 249.364606][T14054] loop3: detected capacity change from 0 to 2048 [ 249.381090][T14048] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/500/bus supports timestamps until 2038 (0x7fffffff) [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] <... openat resumed>) = 5 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14048] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14047] <... futex resumed>) = 0 [pid 14048] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] <... write resumed>) = 196608 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14048] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] <... mount resumed>) = 0 [pid 14047] <... futex resumed>) = 0 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] <... futex resumed>) = 0 [pid 14047] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14048] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] <... open resumed>) = 6 [pid 14047] <... futex resumed>) = 0 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] <... futex resumed>) = 0 [pid 14047] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14048] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] <... mount resumed>) = 0 [pid 14048] <... write resumed>) = 1048576 [pid 14054] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14054] chdir("./bus") = 0 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] ioctl(4, LOOP_CLR_FD) = 0 [pid 14054] close(4) = 0 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] <... futex resumed>) = 0 [pid 14048] <... futex resumed>) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... futex resumed>) = 0 [pid 14053] <... futex resumed>) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14045] <... write resumed>) = 1048576 [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14045] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14046] <... write resumed>) = 1048576 [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14046] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14054] chdir("./file0") = 0 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... futex resumed>) = 0 [pid 14053] <... futex resumed>) = 1 [pid 14054] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] <... open resumed>) = 4 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14053] <... futex resumed>) = 0 [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14053] <... futex resumed>) = 0 [pid 14054] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] <... openat resumed>) = 5 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14053] <... futex resumed>) = 0 [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14053] <... futex resumed>) = 0 [pid 14054] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] <... write resumed>) = 196608 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14053] <... futex resumed>) = 0 [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14053] <... futex resumed>) = 0 [pid 14054] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] <... mount resumed>) = 0 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14053] <... futex resumed>) = 0 [ 249.418395][T14054] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/503/bus supports timestamps until 2038 (0x7fffffff) [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14053] <... futex resumed>) = 0 [pid 14054] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14043] <... futex resumed>) = 0 [pid 14054] <... open resumed>) = 6 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14044] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14045] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] <... futex resumed>) = 1 [pid 14054] <... futex resumed>) = 1 [pid 14053] <... futex resumed>) = 0 [pid 14046] <... futex resumed>) = 0 [pid 14045] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14044] <... futex resumed>) = 1 [pid 14043] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14046] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... umount2 resumed>) = 0 [pid 14054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14053] <... futex resumed>) = 0 [pid 14044] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./494/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./494/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 14054] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./494/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./494") = 0 [pid 409] mkdir("./495", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 412] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14054] <... write resumed>) = 1048576 [pid 412] lstat("./497/bus", [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 249.456175][T14048] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.473359][T14045] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.477236][T14048] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 249.489249][T14046] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 412] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./497/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./497/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./497") = 0 [pid 412] mkdir("./498", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14060 ./strace-static-x86_64: Process 14060 attached [pid 14060] set_robust_list(0x555555f755e0, 24) = 0 [pid 14060] chdir("./498") = 0 [pid 14060] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14060] setpgid(0, 0 [pid 14048] <... openat resumed>) = 7 [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14047] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14054] <... futex resumed>) = 1 [pid 14053] <... futex resumed>) = 0 [pid 14048] <... futex resumed>) = 0 [pid 14060] <... setpgid resumed>) = 0 [pid 14053] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14048] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14047] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14053] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14047] <... futex resumed>) = 0 [pid 14054] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14048] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14047] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14060] write(3, "1000", 4) = 4 [pid 14060] close(3) = 0 [pid 14060] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14060] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14060] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14060] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14062], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14062 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14062 attached [pid 14062] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14062] memfd_create("syzkaller", 0) = 3 [pid 14062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14048] <... openat resumed>) = 8 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14061 [pid 14048] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14047] <... futex resumed>) = 0 [pid 14048] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14047] exit_group(0) = ? [pid 14048] <... futex resumed>) = ? [pid 14048] +++ exited with 0 +++ [pid 14047] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14047, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 14043] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14043] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14043] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 408] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14043] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14043] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14043] <... clone resumed>, parent_tid=[14063], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14063 [pid 14043] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 14043] <... futex resumed>) = 0 [pid 14043] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./500/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./500/binderfs") = 0 [pid 408] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14044] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14044] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14044] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14044] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14062] <... write resumed>) = 1048576 [pid 14062] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14062] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14062] ioctl(4, LOOP_SET_FD, 3 [pid 14044] <... clone resumed>, parent_tid=[14064], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14064 [pid 14044] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 249.518828][T14046] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 249.529789][T14054] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.555883][T14045] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14044] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14064 attached ./strace-static-x86_64: Process 14063 attached ./strace-static-x86_64: Process 14061 attached [pid 14046] <... openat resumed>) = 7 [pid 14045] <... openat resumed>) = 7 [pid 14062] <... ioctl resumed>) = 0 [pid 14062] close(3) = 0 [pid 14062] mkdir("./bus", 0777) = 0 [pid 14062] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14064] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14064] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14064] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14064] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14063] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14063] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14063] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14063] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14061] set_robust_list(0x555555f755e0, 24) = 0 [pid 14061] chdir("./495") = 0 [pid 14061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14061] setpgid(0, 0) = 0 [pid 14061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14061] write(3, "1000", 4) = 4 [pid 14061] close(3) = 0 [pid 14061] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14061] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14061] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14061] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14065], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14065 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14046] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14045] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14045] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14044] <... futex resumed>) = 0 [pid 14043] <... futex resumed>) = 0 [pid 14053] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14053] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14043] exit_group(0 [pid 14053] <... futex resumed>) = 0 [pid 14044] exit_group(0./strace-static-x86_64: Process 14065 attached [pid 14065] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14065] memfd_create("syzkaller", 0) = 3 [pid 14053] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14064] <... futex resumed>) = 9 [pid 14044] <... exit_group resumed>) = ? [pid 14063] <... futex resumed>) = ? [pid 14043] <... exit_group resumed>) = ? [pid 14064] +++ exited with 0 +++ [pid 14063] +++ exited with 0 +++ [pid 14053] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14046] <... futex resumed>) = ? [pid 14045] <... futex resumed>) = ? [pid 14053] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14046] +++ exited with 0 +++ [pid 14045] +++ exited with 0 +++ [pid 14044] +++ exited with 0 +++ [pid 14043] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14043, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14044, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14054] <... openat resumed>) = 7 [pid 411] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 3 [pid 407] <... openat resumed>) = 3 [pid 411] fstat(3, [pid 407] fstat(3, [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, [pid 407] getdents64(3, [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./500/binderfs", [pid 407] lstat("./493/binderfs", [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./500/binderfs" [pid 407] unlink("./493/binderfs" [pid 14053] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... unlink resumed>) = 0 [pid 407] <... unlink resumed>) = 0 [pid 411] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14053] <... clone resumed>, parent_tid=[14066], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14066 [pid 14053] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14053] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14054] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14054] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./500/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14065] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./500/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./500/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./500") = 0 [pid 408] mkdir("./501", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14067 [pid 14065] <... write resumed>) = 1048576 [pid 14065] munmap(0x7f1c2a016000, 1048576./strace-static-x86_64: Process 14066 attached ./strace-static-x86_64: Process 14067 attached [pid 14066] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14067] set_robust_list(0x555555f755e0, 24 [pid 14066] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14067] <... set_robust_list resumed>) = 0 [pid 14065] <... munmap resumed>) = 0 [pid 14066] <... openat resumed>) = 8 [pid 14066] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14053] <... futex resumed>) = 0 [pid 14066] <... futex resumed>) = 1 [pid 14053] exit_group(0 [pid 14066] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14054] <... futex resumed>) = ? [pid 14067] chdir("./501" [pid 14066] <... futex resumed>) = ? [pid 14065] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14053] <... exit_group resumed>) = ? [pid 14054] +++ exited with 0 +++ [pid 14067] <... chdir resumed>) = 0 [pid 14065] <... openat resumed>) = 4 [pid 14066] +++ exited with 0 +++ [pid 14067] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14053] +++ exited with 0 +++ [pid 14065] ioctl(4, LOOP_SET_FD, 3 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14053, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 249.556037][T14062] loop5: detected capacity change from 0 to 2048 [ 249.567918][T14054] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 410] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14067] <... prctl resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./503/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./503/binderfs") = 0 [pid 410] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14067] setpgid(0, 0) = 0 [pid 14067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14067] write(3, "1000", 4) = 4 [pid 14067] close(3) = 0 [pid 14067] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14065] <... ioctl resumed>) = 0 [pid 14065] close(3) = 0 [pid 14065] mkdir("./bus", 0777) = 0 [pid 14065] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14067] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14067] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14067] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14070], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14070 [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14070 attached [pid 14070] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14070] memfd_create("syzkaller", 0) = 3 [pid 14070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14070] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14070] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14070] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14070] close(3) = 0 [pid 14070] mkdir("./bus", 0777) = 0 [pid 14070] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14062] <... mount resumed>) = 0 [pid 14062] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14062] chdir("./bus") = 0 [pid 14062] ioctl(4, LOOP_CLR_FD) = 0 [pid 14062] close(4) = 0 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14060] <... futex resumed>) = 0 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14062] <... futex resumed>) = 1 [pid 14062] chdir("./file0" [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./500/bus", [pid 14062] <... chdir resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14062] <... futex resumed>) = 1 [pid 14060] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./500/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14062] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14060] <... futex resumed>) = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... openat resumed>) = 4 [pid 407] <... umount2 resumed>) = 0 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./500/bus") = 0 [pid 407] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./500") = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./493/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] mkdir("./501", 0777 [pid 407] umount2("./493/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14062] <... open resumed>) = 4 [pid 407] openat(AT_FDCWD, "./493/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... mkdir resumed>) = 0 [pid 407] <... openat resumed>) = 4 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] fstat(4, [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 14060] <... futex resumed>) = 0 [pid 14062] <... futex resumed>) = 1 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 249.631297][T14065] loop2: detected capacity change from 0 to 2048 [ 249.639696][T14062] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/498/bus supports timestamps until 2038 (0x7fffffff) [ 249.650956][T14070] loop1: detected capacity change from 0 to 2048 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14075 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14062] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14060] <... futex resumed>) = 0 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14062] <... futex resumed>) = 1 [pid 14062] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14060] <... futex resumed>) = 0 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14062] <... futex resumed>) = 1 [pid 14062] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./493/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./493") = 0 [pid 407] mkdir("./494", 0777./strace-static-x86_64: Process 14075 attached [pid 14065] <... mount resumed>) = 0 [pid 14062] <... futex resumed>) = 1 [pid 14060] <... futex resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 14075] set_robust_list(0x555555f755e0, 24 [pid 14062] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... set_robust_list resumed>) = 0 [pid 14062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14060] <... futex resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14075] chdir("./501" [pid 14062] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14075] <... chdir resumed>) = 0 [pid 14062] <... open resumed>) = 6 [pid 407] <... openat resumed>) = 3 [pid 14075] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... prctl resumed>) = 0 [pid 14062] <... futex resumed>) = 1 [pid 14060] <... futex resumed>) = 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 14075] setpgid(0, 0 [pid 14062] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... setpgid resumed>) = 0 [pid 14062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14060] <... futex resumed>) = 0 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14062] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14075] <... openat resumed>) = 3 [pid 407] close(3 [pid 14075] write(3, "1000", 4 [pid 407] <... close resumed>) = 0 [pid 14075] <... write resumed>) = 4 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14070] <... mount resumed>) = 0 [pid 14065] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14070] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14065] <... openat resumed>) = 3 [pid 14070] chdir("./bus" [pid 14065] chdir("./bus" [pid 14070] <... chdir resumed>) = 0 [pid 14065] <... chdir resumed>) = 0 [pid 14070] ioctl(4, LOOP_CLR_FD [pid 14065] ioctl(4, LOOP_CLR_FD [pid 14070] <... ioctl resumed>) = 0 [pid 14065] <... ioctl resumed>) = 0 [pid 14070] close(4 [pid 14065] close(4 [pid 410] <... umount2 resumed>) = 0 [pid 14070] <... close resumed>) = 0 [pid 14065] <... close resumed>) = 0 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14061] <... futex resumed>) = 0 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14067] <... futex resumed>) = 0 [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14065] <... futex resumed>) = 1 [pid 14070] <... futex resumed>) = 1 [pid 14070] chdir("./file0" [pid 14065] chdir("./file0") = 0 [pid 14070] <... chdir resumed>) = 0 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] close(3 [pid 410] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14076 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14067] <... futex resumed>) = 0 [pid 410] lstat("./503/bus", [pid 14075] <... close resumed>) = 0 [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14070] <... futex resumed>) = 1 [pid 14070] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14061] <... futex resumed>) = 0 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14065] <... futex resumed>) = 1 [pid 14065] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14075] symlink("/dev/binderfs", "./binderfs" [pid 14065] <... open resumed>) = 4 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 14076 attached [pid 14075] <... symlink resumed>) = 0 [pid 14070] <... open resumed>) = 4 [pid 14062] <... write resumed>) = 1048576 [pid 410] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14076] set_robust_list(0x555555f755e0, 24 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14076] <... set_robust_list resumed>) = 0 [pid 14075] <... futex resumed>) = 0 [pid 14070] <... futex resumed>) = 1 [pid 14067] <... futex resumed>) = 0 [pid 14065] <... futex resumed>) = 1 [pid 14062] <... futex resumed>) = 1 [pid 14061] <... futex resumed>) = 0 [pid 14060] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./503/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14076] chdir("./494" [pid 14075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14062] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... chdir resumed>) = 0 [pid 14075] <... mmap resumed>) = 0x7f1c32416000 [pid 14070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14067] <... futex resumed>) = 0 [pid 14065] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14061] <... futex resumed>) = 0 [pid 14060] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 4 [pid 14076] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14075] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14070] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14065] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14062] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] fstat(4, [pid 14076] <... prctl resumed>) = 0 [pid 14070] <... openat resumed>) = 5 [pid 14076] setpgid(0, 0 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... setpgid resumed>) = 0 [pid 14070] <... futex resumed>) = 1 [pid 14067] <... futex resumed>) = 0 [pid 14076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... openat resumed>) = 3 [pid 14070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14067] <... futex resumed>) = 0 [pid 14076] write(3, "1000", 4 [pid 14070] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14076] <... write resumed>) = 4 [pid 14075] <... mprotect resumed>) = 0 [pid 14070] <... write resumed>) = 196608 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14076] close(3 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... close resumed>) = 0 [pid 14070] <... futex resumed>) = 1 [pid 14067] <... futex resumed>) = 0 [pid 14076] symlink("/dev/binderfs", "./binderfs" [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... symlink resumed>) = 0 [pid 14070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14067] <... futex resumed>) = 0 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14070] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [ 249.680041][T14065] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/495/bus supports timestamps until 2038 (0x7fffffff) [ 249.695136][T14070] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/501/bus supports timestamps until 2038 (0x7fffffff) [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14076] <... futex resumed>) = 0 [pid 14070] <... mount resumed>) = 0 [pid 14076] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... mmap resumed>) = 0x7f1c32416000 [pid 14070] <... futex resumed>) = 1 [pid 14067] <... futex resumed>) = 0 [pid 14076] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... mprotect resumed>) = 0 [pid 14070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14067] <... futex resumed>) = 0 [pid 14076] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14070] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14070] <... open resumed>) = 6 [pid 14076] <... clone resumed>, parent_tid=[14077], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14077 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14070] <... futex resumed>) = 1 [pid 14067] <... futex resumed>) = 0 [pid 14076] <... futex resumed>) = 0 [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14067] <... futex resumed>) = 0 [pid 14070] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] getdents64(4, [pid 14075] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, [pid 14075] <... clone resumed>, parent_tid=[14078], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14078 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(4 [pid 14075] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] rmdir("./503/bus" [pid 14065] <... openat resumed>) = 5 [pid 410] <... rmdir resumed>) = 0 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(3, [pid 14065] <... futex resumed>) = 1 [pid 14061] <... futex resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14065] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(3 [pid 14061] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 ./strace-static-x86_64: Process 14078 attached ./strace-static-x86_64: Process 14077 attached [pid 14065] <... write resumed>) = 196608 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] rmdir("./503" [pid 14078] set_robust_list(0x7f1c324369e0, 24 [pid 14077] set_robust_list(0x7f1c324369e0, 24 [pid 14078] <... set_robust_list resumed>) = 0 [pid 14077] <... set_robust_list resumed>) = 0 [pid 14078] memfd_create("syzkaller", 0 [pid 14077] memfd_create("syzkaller", 0 [pid 14078] <... memfd_create resumed>) = 3 [pid 14077] <... memfd_create resumed>) = 3 [pid 14078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14078] <... mmap resumed>) = 0x7f1c2a016000 [pid 14077] <... mmap resumed>) = 0x7f1c2a016000 [pid 14078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14062] <... openat resumed>) = 7 [pid 410] <... rmdir resumed>) = 0 [pid 14065] <... futex resumed>) = 1 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14061] <... futex resumed>) = 0 [pid 410] mkdir("./504", 0777 [pid 14077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14070] <... write resumed>) = 1048576 [pid 14065] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14062] <... futex resumed>) = 1 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14060] <... futex resumed>) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 14078] <... write resumed>) = 1048576 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14062] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14061] <... futex resumed>) = 0 [pid 14060] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14078] munmap(0x7f1c2a016000, 1048576 [pid 14070] <... futex resumed>) = 1 [pid 14067] <... futex resumed>) = 0 [pid 14065] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14060] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 14078] <... munmap resumed>) = 0 [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] <... mount resumed>) = 0 [pid 14062] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14060] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] ioctl(3, LOOP_CLR_FD [pid 14078] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14067] <... futex resumed>) = 0 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14062] <... openat resumed>) = 8 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14078] <... openat resumed>) = 4 [pid 14070] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14067] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14065] <... futex resumed>) = 1 [pid 14062] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14061] <... futex resumed>) = 0 [pid 410] close(3 [pid 14077] <... write resumed>) = 1048576 [pid 14077] munmap(0x7f1c2a016000, 1048576) = 0 [ 249.729576][T14062] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.750290][T14062] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14077] ioctl(4, LOOP_SET_FD, 3 [pid 14078] ioctl(4, LOOP_SET_FD, 3 [pid 14065] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14062] <... futex resumed>) = 1 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14060] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 14077] <... ioctl resumed>) = 0 [pid 14077] close(3) = 0 [pid 14077] mkdir("./bus", 0777) = 0 [pid 14077] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14065] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14062] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14061] <... futex resumed>) = 0 [pid 14060] exit_group(0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14065] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14062] <... futex resumed>) = ? [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14060] <... exit_group resumed>) = ? [pid 14062] +++ exited with 0 +++ [pid 14065] <... open resumed>) = 6 [pid 14078] <... ioctl resumed>) = 0 [pid 14078] close(3 [pid 14060] +++ exited with 0 +++ [pid 14078] <... close resumed>) = 0 [pid 14078] mkdir("./bus", 0777) = 0 [pid 14078] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14060, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 14065] <... futex resumed>) = 1 [pid 14061] <... futex resumed>) = 0 [pid 412] <... restart_syscall resumed>) = 0 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14065] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14080 ./strace-static-x86_64: Process 14080 attached [pid 14080] set_robust_list(0x555555f755e0, 24) = 0 [pid 14080] chdir("./504") = 0 [pid 14080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14080] setpgid(0, 0 [pid 412] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 14080] <... setpgid resumed>) = 0 [pid 14080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14080] write(3, "1000", 4) = 4 [pid 14080] close(3) = 0 [pid 14080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14080] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14080] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14081], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14081 [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14081 attached [pid 14081] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14081] memfd_create("syzkaller", 0) = 3 [pid 14081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./498/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] unlink("./498/binderfs") = 0 [pid 412] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14081] <... write resumed>) = 1048576 [pid 14081] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14081] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 249.771230][T14070] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.773465][T14077] loop0: detected capacity change from 0 to 2048 [ 249.790670][T14070] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 249.792628][T14078] loop4: detected capacity change from 0 to 2048 [pid 14081] ioctl(4, LOOP_SET_FD, 3 [pid 14070] <... openat resumed>) = 7 [pid 14067] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14067] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14067] <... futex resumed>) = 0 [pid 14067] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14070] <... futex resumed>) = 0 [pid 14070] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14067] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14067] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14067] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14084], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14084 [pid 14067] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14067] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14084 attached [pid 14084] set_robust_list(0x7f1c2a1159e0, 24 [pid 14081] <... ioctl resumed>) = 0 [pid 14084] <... set_robust_list resumed>) = 0 [pid 14081] close(3 [pid 14084] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14084] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14067] <... futex resumed>) = 0 [pid 14067] exit_group(0 [pid 14070] <... futex resumed>) = ? [pid 14067] <... exit_group resumed>) = ? [pid 14070] +++ exited with 0 +++ [pid 14084] <... futex resumed>) = ? [pid 14084] +++ exited with 0 +++ [pid 14067] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14067, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./501/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./501/binderfs") = 0 [pid 408] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14081] <... close resumed>) = 0 [pid 14081] mkdir("./bus", 0777) = 0 [pid 14081] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14078] <... mount resumed>) = 0 [pid 14078] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14078] chdir("./bus") = 0 [pid 14078] ioctl(4, LOOP_CLR_FD) = 0 [pid 14078] close(4) = 0 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] chdir("./file0") = 0 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14065] <... write resumed>) = 1048576 [pid 14061] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... umount2 resumed>) = 0 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14065] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14078] <... open resumed>) = 4 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14078] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] <... futex resumed>) = 0 [pid 14061] <... futex resumed>) = 1 [pid 14065] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 249.829066][T14081] loop3: detected capacity change from 0 to 2048 [ 249.841438][T14078] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/501/bus supports timestamps until 2038 (0x7fffffff) [ 249.865668][T14077] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/494/bus supports timestamps until 2038 (0x7fffffff) [pid 412] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14077] <... mount resumed>) = 0 [pid 14077] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14077] chdir("./bus") = 0 [pid 14077] ioctl(4, LOOP_CLR_FD) = 0 [pid 14077] close(4) = 0 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] <... futex resumed>) = 0 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14077] <... futex resumed>) = 1 [pid 14077] chdir("./file0" [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./498/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./498/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./498/bus" [pid 14078] <... write resumed>) = 1048576 [pid 14077] <... chdir resumed>) = 0 [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14076] <... futex resumed>) = 0 [pid 14077] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] <... futex resumed>) = 1 [pid 14075] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14081] <... mount resumed>) = 0 [pid 14078] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14077] <... open resumed>) = 4 [pid 412] <... rmdir resumed>) = 0 [ 249.878430][T14065] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.901441][T14065] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 249.901743][T14081] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/504/bus supports timestamps until 2038 (0x7fffffff) [pid 14081] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] <... openat resumed>) = 7 [pid 412] getdents64(3, [pid 408] <... umount2 resumed>) = 0 [pid 14077] <... futex resumed>) = 1 [pid 14076] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14077] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] close(3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14077] <... openat resumed>) = 5 [pid 14076] <... futex resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 408] lstat("./501/bus", [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] rmdir("./498" [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14077] <... futex resumed>) = 0 [pid 14076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... rmdir resumed>) = 0 [pid 408] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14077] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] mkdir("./499", 0777 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14077] <... write resumed>) = 196608 [pid 14076] <... futex resumed>) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 408] openat(AT_FDCWD, "./501/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 408] <... openat resumed>) = 4 [pid 412] <... openat resumed>) = 3 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] fstat(4, [pid 14081] <... openat resumed>) = 3 [pid 14077] <... futex resumed>) = 1 [pid 14076] <... futex resumed>) = 0 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] ioctl(3, LOOP_CLR_FD [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14081] chdir("./bus" [pid 14077] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14081] <... chdir resumed>) = 0 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] <... futex resumed>) = 1 [pid 14061] <... futex resumed>) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] getdents64(4, [pid 14081] ioctl(4, LOOP_CLR_FD) = 0 [pid 14081] close(4) = 0 [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14080] <... futex resumed>) = 0 [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 14081] chdir("./file0" [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14081] <... chdir resumed>) = 0 [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14080] <... futex resumed>) = 0 [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 14081] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14076] <... futex resumed>) = 1 [pid 14065] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14061] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] close(3 [pid 14078] <... openat resumed>) = 7 [pid 14077] <... futex resumed>) = 0 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14065] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14061] <... futex resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14081] <... open resumed>) = 4 [pid 14077] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14065] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14061] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] getdents64(4, [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] <... mount resumed>) = 0 [pid 14065] <... openat resumed>) = 8 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14081] <... futex resumed>) = 1 [pid 14080] <... futex resumed>) = 0 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14089 [pid 408] close(4 [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] <... futex resumed>) = 1 [pid 14076] <... futex resumed>) = 0 [pid 14065] <... futex resumed>) = 1 [pid 14061] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 14077] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14065] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14061] exit_group(0 [pid 408] rmdir("./501/bus" [pid 14081] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14077] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14076] <... futex resumed>) = 0 [pid 14065] <... futex resumed>) = ? [pid 14061] <... exit_group resumed>) = ? [pid 408] <... rmdir resumed>) = 0 [pid 14081] <... openat resumed>) = 5 [pid 14077] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14075] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14065] +++ exited with 0 +++ [pid 14061] +++ exited with 0 +++ [pid 408] getdents64(3, [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] <... open resumed>) = 6 [pid 14075] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14081] <... futex resumed>) = 1 [pid 14080] <... futex resumed>) = 0 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14061, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] close(3 [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] <... futex resumed>) = 1 [pid 14076] <... futex resumed>) = 0 [pid 14075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... close resumed>) = 0 [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 14077] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] rmdir("./501" [pid 14081] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14078] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14076] <... futex resumed>) = 0 [pid 14075] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... rmdir resumed>) = 0 [pid 14078] <... futex resumed>) = 0 [pid 14077] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] mkdir("./502", 0777./strace-static-x86_64: Process 14089 attached [pid 14081] <... write resumed>) = 196608 [pid 14075] <... mprotect resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 14089] set_robust_list(0x555555f755e0, 24 [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] fstat(3, [pid 408] <... mkdir resumed>) = 0 [pid 14089] <... set_robust_list resumed>) = 0 [pid 14081] <... futex resumed>) = 1 [pid 14080] <... futex resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... clone resumed>, parent_tid=[14090], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14090 [pid 409] getdents64(3, [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 14075] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14081] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14075] <... futex resumed>) = 0 [pid 409] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... openat resumed>) = 3 [pid 14081] <... mount resumed>) = 0 [pid 14075] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] ioctl(3, LOOP_CLR_FD [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./495/binderfs", [pid 14081] <... futex resumed>) = 1 [pid 14080] <... futex resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] unlink("./495/binderfs" [pid 408] close(3 [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 14089] chdir("./499" [pid 14078] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] <... close resumed>) = 0 [pid 14081] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14081] <... open resumed>) = 6 [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14080] <... futex resumed>) = 0 [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14080] <... futex resumed>) = 0 [pid 14081] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14089] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 14090 attached [pid 14090] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14090] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14090] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14075] <... futex resumed>) = 0 [pid 14075] exit_group(0) = ? [pid 14090] <... futex resumed>) = ? [pid 14090] +++ exited with 0 +++ [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14091 ./strace-static-x86_64: Process 14091 attached [pid 14091] set_robust_list(0x555555f755e0, 24) = 0 [pid 14091] chdir("./502") = 0 [pid 14091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14091] setpgid(0, 0) = 0 [pid 14091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14091] write(3, "1000", 4) = 4 [pid 14091] close(3) = 0 [pid 14091] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14091] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14091] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14091] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14092], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14092 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14092 attached [pid 14092] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14092] memfd_create("syzkaller", 0) = 3 [pid 14092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14081] <... write resumed>) = 1048576 [pid 409] <... umount2 resumed>) = 0 [ 249.912622][T14078] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.936772][T14078] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14080] <... futex resumed>) = 0 [pid 14089] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 409] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14080] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14081] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14080] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14080] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14092] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14092] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14092] ioctl(4, LOOP_SET_FD, 3 [pid 14089] <... prctl resumed>) = 0 [pid 14078] <... futex resumed>) = ? [pid 409] lstat("./495/bus", [pid 14092] <... ioctl resumed>) = 0 [pid 14092] close(3) = 0 [pid 14092] mkdir("./bus", 0777) = 0 [pid 14092] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14089] setpgid(0, 0) = 0 [pid 14089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14089] write(3, "1000", 4) = 4 [pid 409] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14089] close(3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14089] <... close resumed>) = 0 [pid 14089] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14089] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14089] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14093], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14093 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14078] +++ exited with 0 +++ [pid 14075] +++ exited with 0 +++ [pid 14076] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14076] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14075, si_uid=0, si_status=0, si_utime=1, si_stime=5} --- [pid 14076] <... futex resumed>) = 0 [pid 14076] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14076] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 411] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14076] <... mprotect resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14076] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14076] <... clone resumed>, parent_tid=[14094], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14094 [pid 411] fstat(3, [pid 409] openat(AT_FDCWD, "./495/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14076] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14076] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 4 [pid 14077] <... write resumed>) = 1048576 [pid 14076] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 409] fstat(4, [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./501/binderfs", [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] getdents64(4, [pid 411] unlink("./501/binderfs"./strace-static-x86_64: Process 14093 attached ) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(4, [pid 14093] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14093] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 14094 attached [pid 14094] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14094] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [ 249.979863][T14081] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 249.988210][T14092] loop1: detected capacity change from 0 to 2048 [ 250.008891][T14081] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14080] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 409] close(4 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14077] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 409] <... close resumed>) = 0 [pid 14093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14081] <... openat resumed>) = 7 [pid 14080] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] rmdir("./495/bus" [pid 14081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14080] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 14081] <... futex resumed>) = 0 [pid 14080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] getdents64(3, [pid 14081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14080] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14080] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] close(3 [pid 14080] <... mprotect resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14080] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] rmdir("./495"./strace-static-x86_64: Process 14096 attached [pid 14094] <... openat resumed>) = 7 [pid 14093] <... write resumed>) = 1048576 [pid 409] <... rmdir resumed>) = 0 [pid 14094] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14094] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14093] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14093] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14093] ioctl(4, LOOP_SET_FD, 3 [pid 14096] set_robust_list(0x7f1c2a1159e0, 24 [pid 14092] <... mount resumed>) = 0 [pid 14080] <... clone resumed>, parent_tid=[14096], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14096 [pid 14076] <... futex resumed>) = 0 [pid 409] mkdir("./496", 0777 [pid 14080] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... mkdir resumed>) = 0 [pid 14080] <... futex resumed>) = 0 [pid 14076] <... futex resumed>) = 1 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14080] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14092] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14096] <... set_robust_list resumed>) = 0 [pid 14092] <... openat resumed>) = 3 [pid 14096] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14092] chdir("./bus") = 0 [pid 14092] ioctl(4, LOOP_CLR_FD) = 0 [pid 14092] close(4 [pid 14096] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14080] <... futex resumed>) = 0 [pid 14080] exit_group(0 [pid 14081] <... futex resumed>) = ? [pid 14080] <... exit_group resumed>) = ? [pid 14081] +++ exited with 0 +++ [pid 14092] <... close resumed>) = 0 [pid 14096] <... futex resumed>) = ? [pid 14077] <... futex resumed>) = 0 [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14092] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14091] <... futex resumed>) = 0 [pid 14096] +++ exited with 0 +++ [pid 14080] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14080, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 410] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./504/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./504/binderfs") = 0 [pid 410] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14092] <... futex resumed>) = 0 [pid 14091] <... futex resumed>) = 1 [pid 14092] chdir("./file0" [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14077] <... openat resumed>) = 8 [pid 14092] <... chdir resumed>) = 0 [pid 14077] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14093] <... ioctl resumed>) = 0 [pid 14093] close(3) = 0 [pid 14093] mkdir("./bus", 0777) = 0 [pid 14093] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14077] <... futex resumed>) = 1 [pid 14076] <... futex resumed>) = 0 [pid 14092] <... futex resumed>) = 1 [pid 14091] <... futex resumed>) = 0 [pid 14077] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14076] exit_group(0 [pid 14092] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14094] <... futex resumed>) = ? [pid 14077] <... futex resumed>) = ? [pid 14076] <... exit_group resumed>) = ? [pid 14091] <... futex resumed>) = 0 [pid 14077] +++ exited with 0 +++ [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14094] +++ exited with 0 +++ [pid 14092] <... open resumed>) = 4 [pid 14076] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14076, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 407] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14092] <... futex resumed>) = 1 [pid 14091] <... futex resumed>) = 0 [pid 411] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] ioctl(3, LOOP_CLR_FD [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14092] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] lstat("./501/bus", [pid 409] close(3 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... close resumed>) = 0 [pid 411] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14092] <... openat resumed>) = 5 [pid 14091] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "./501/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14098 [pid 411] <... openat resumed>) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./501/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... openat resumed>) = 3 [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] fstat(3, [pid 411] <... close resumed>) = 0 [pid 411] rmdir("./501" [pid 14092] <... futex resumed>) = 1 [pid 14091] <... futex resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14092] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] mkdir("./502", 0777 [pid 407] getdents64(3, [pid 14092] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14091] <... futex resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 14092] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14099 [pid 407] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 ./strace-static-x86_64: Process 14098 attached [pid 407] unlink("./494/binderfs" [pid 14098] set_robust_list(0x555555f755e0, 24) = 0 [pid 407] <... unlink resumed>) = 0 [pid 14098] chdir("./496" [pid 407] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14098] <... chdir resumed>) = 0 [pid 14098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14098] setpgid(0, 0) = 0 [pid 14098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14098] write(3, "1000", 4) = 4 [pid 14098] close(3) = 0 [pid 14098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14098] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14098] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14100], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14100 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14100 attached [pid 14100] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14100] memfd_create("syzkaller", 0) = 3 [pid 14100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14092] <... write resumed>) = 196608 [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14091] <... futex resumed>) = 0 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14092] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14091] <... futex resumed>) = 0 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14092] <... futex resumed>) = 1 [pid 14091] <... futex resumed>) = 0 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14092] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14091] <... futex resumed>) = 0 [pid 14092] <... futex resumed>) = 1 [ 250.021880][T14094] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.039743][T14094] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 250.050137][T14092] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/502/bus supports timestamps until 2038 (0x7fffffff) [ 250.053112][T14093] loop5: detected capacity change from 0 to 2048 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14092] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14091] <... futex resumed>) = 0 [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... write resumed>) = 1048576 [pid 14100] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14100] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14100] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14100] close(3) = 0 [pid 14100] mkdir("./bus", 0777) = 0 [pid 14100] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14099 attached [pid 14099] set_robust_list(0x555555f755e0, 24) = 0 [pid 14099] chdir("./502") = 0 [pid 14099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14099] setpgid(0, 0) = 0 [pid 14099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14099] write(3, "1000", 4) = 4 [pid 14099] close(3) = 0 [pid 14099] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14099] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14099] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14101], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14101 [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14101 attached [pid 14101] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14101] memfd_create("syzkaller", 0) = 3 [pid 14101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14092] <... write resumed>) = 1048576 [pid 14101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14101] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14101] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14101] ioctl(4, LOOP_SET_FD, 3 [pid 410] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14101] <... ioctl resumed>) = 0 [pid 14101] close(3) = 0 [pid 14101] mkdir("./bus", 0777) = 0 [pid 14101] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14092] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14093] <... mount resumed>) = 0 [pid 14093] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14093] chdir("./bus") = 0 [pid 14093] ioctl(4, LOOP_CLR_FD) = 0 [pid 14093] close(4) = 0 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14093] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14091] <... futex resumed>) = 0 [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14091] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14089] <... futex resumed>) = 1 [pid 14092] <... futex resumed>) = 0 [pid 14091] <... futex resumed>) = 1 [pid 14092] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14091] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./504/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./504/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./504/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./504") = 0 [pid 410] mkdir("./505", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 250.107456][T14100] loop2: detected capacity change from 0 to 2048 [ 250.128691][T14093] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/499/bus supports timestamps until 2038 (0x7fffffff) [ 250.132850][T14101] loop4: detected capacity change from 0 to 2048 [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14104 [pid 407] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./494/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./494/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./494/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./494/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./494") = 0 [pid 407] mkdir("./495", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14105 [pid 14093] <... futex resumed>) = 0 [pid 14093] chdir("./file0") = 0 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14093] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14093] <... futex resumed>) = 0 [pid 14093] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] <... open resumed>) = 4 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 ./strace-static-x86_64: Process 14104 attached [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14093] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14093] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14104] set_robust_list(0x555555f755e0, 24) = 0 [pid 14104] chdir("./505") = 0 [pid 14104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14104] setpgid(0, 0) = 0 [pid 14104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14104] write(3, "1000", 4) = 4 [pid 14104] close(3) = 0 [pid 14104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14104] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14104] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14110], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14110 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14093] <... write resumed>) = 196608 ./strace-static-x86_64: Process 14110 attached [pid 14110] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14110] memfd_create("syzkaller", 0) = 3 [pid 14110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14093] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] <... mount resumed>) = 0 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14089] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14089] <... futex resumed>) = 0 [pid 14093] <... futex resumed>) = 1 [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14110] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14110] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 250.149964][T14092] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.186033][T14092] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 250.188925][T14110] loop3: detected capacity change from 0 to 2048 [pid 14110] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14110] close(3) = 0 [pid 14110] mkdir("./bus", 0777) = 0 [pid 14110] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14105 attached [pid 14105] set_robust_list(0x555555f755e0, 24) = 0 [pid 14105] chdir("./495") = 0 [pid 14105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14105] setpgid(0, 0) = 0 [pid 14105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14105] write(3, "1000", 4) = 4 [pid 14105] close(3) = 0 [pid 14105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14105] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14105] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14111], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14111 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14111 attached [pid 14111] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14111] memfd_create("syzkaller", 0) = 3 [pid 14111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14111] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14111] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14111] close(3) = 0 [pid 14111] mkdir("./bus", 0777) = 0 [pid 14111] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14101] <... mount resumed>) = 0 [pid 14101] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14101] chdir("./bus") = 0 [pid 14101] ioctl(4, LOOP_CLR_FD) = 0 [pid 14101] close(4) = 0 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14099] <... futex resumed>) = 0 [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] <... futex resumed>) = 1 [pid 14101] chdir("./file0") = 0 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14099] <... futex resumed>) = 0 [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] <... futex resumed>) = 1 [pid 14101] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14091] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14089] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14091] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14089] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14091] <... futex resumed>) = 0 [pid 14089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14100] <... mount resumed>) = 0 [pid 14100] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14100] chdir("./bus" [pid 14092] <... openat resumed>) = 7 [pid 14091] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14089] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14091] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14092] <... futex resumed>) = 0 [pid 14089] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14092] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14091] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14089] <... mprotect resumed>) = 0 [pid 14101] <... open resumed>) = 4 [pid 14091] <... mprotect resumed>) = 0 [pid 14091] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14089] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14100] <... chdir resumed>) = 0 [pid 14100] ioctl(4, LOOP_CLR_FD [pid 14101] <... futex resumed>) = 1 [pid 14099] <... futex resumed>) = 0 [pid 14091] <... clone resumed>, parent_tid=[14112], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14112 [pid 14089] <... clone resumed>, parent_tid=[14113], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14113 [pid 14101] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14091] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14089] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14099] <... futex resumed>) = 0 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] <... openat resumed>) = 5 [pid 14089] <... futex resumed>) = 0 [pid 14091] <... futex resumed>) = 0 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14099] <... futex resumed>) = 0 [pid 14091] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14089] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14099] <... futex resumed>) = 0 [pid 14101] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... ioctl resumed>) = 0 [pid 14100] close(4) = 0 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] chdir("./file0") = 0 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14101] <... write resumed>) = 196608 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14093] <... write resumed>) = 1048576 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14093] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14101] <... futex resumed>) = 1 [pid 14099] <... futex resumed>) = 0 [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14099] <... futex resumed>) = 0 [pid 14101] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14099] <... futex resumed>) = 0 [pid 14101] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] <... open resumed>) = 6 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14099] <... futex resumed>) = 0 [pid 14101] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14099] <... futex resumed>) = 0 [pid 14101] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14112 attached [pid 14112] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14112] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14112] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14091] <... futex resumed>) = 0 [pid 14091] exit_group(0 [pid 14092] <... futex resumed>) = ? [pid 14091] <... exit_group resumed>) = ? [pid 14092] +++ exited with 0 +++ [pid 14112] +++ exited with 0 +++ [pid 14091] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14091, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14113 attached ) = -1 EINVAL (Invalid argument) [pid 14113] set_robust_list(0x7f1c2a1159e0, 24 [pid 408] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14113] <... set_robust_list resumed>) = 0 [pid 408] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./502/binderfs") = 0 [pid 14100] <... open resumed>) = 4 [pid 408] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [ 250.200682][T14101] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/502/bus supports timestamps until 2038 (0x7fffffff) [ 250.212375][T14111] loop0: detected capacity change from 0 to 2048 [ 250.213278][T14100] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/496/bus supports timestamps until 2038 (0x7fffffff) [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14113] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14100] <... write resumed>) = 1048576 [pid 14089] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14089] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14093] <... futex resumed>) = 0 [pid 14089] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14093] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14110] <... mount resumed>) = 0 [pid 14110] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14110] chdir("./bus") = 0 [pid 14110] ioctl(4, LOOP_CLR_FD) = 0 [pid 14110] close(4) = 0 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] <... futex resumed>) = 1 [pid 14110] chdir("./file0") = 0 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] <... futex resumed>) = 1 [ 250.263477][T14110] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/505/bus supports timestamps until 2038 (0x7fffffff) [ 250.278023][T14113] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.296872][T14113] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14110] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14098] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14100] <... futex resumed>) = 1 [pid 14100] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14099] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14110] <... open resumed>) = 4 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] <... futex resumed>) = 1 [pid 14110] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] <... futex resumed>) = 1 [pid 14110] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14104] <... futex resumed>) = 0 [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14110] <... futex resumed>) = 1 [pid 14110] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14099] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14099] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14099] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14118], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14118 [pid 14099] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14099] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] <... write resumed>) = 1048576 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14101] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14113] <... openat resumed>) = 7 [pid 14113] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14113] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14111] <... mount resumed>) = 0 [pid 14111] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14111] chdir("./bus") = 0 [pid 14111] ioctl(4, LOOP_CLR_FD) = 0 [pid 14111] close(4) = 0 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] chdir("./file0") = 0 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14089] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14093] <... openat resumed>) = 8 [pid 14093] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14093] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14089] exit_group(0) = ? [pid 14113] <... futex resumed>) = ? [pid 14113] +++ exited with 0 +++ [pid 14093] <... futex resumed>) = ? [pid 14093] +++ exited with 0 +++ [pid 14089] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14089, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 14098] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 412] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14098] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14098] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14098] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... openat resumed>) = 3 [pid 412] fstat(3, [pid 14098] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14098] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 14098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14098] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 412] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14098] <... mprotect resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14098] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] lstat("./499/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14098] <... clone resumed>, parent_tid=[14119], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14119 [pid 412] unlink("./499/binderfs" [pid 14098] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14098] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14118 attached [pid 14118] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 250.302062][T14100] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.306240][T14111] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/495/bus supports timestamps until 2038 (0x7fffffff) [ 250.335525][T14100] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14118] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14111] <... write resumed>) = 1048576 [pid 14110] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 14119 attached [pid 14119] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14119] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14105] <... futex resumed>) = 0 [pid 14105] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] <... futex resumed>) = 1 [pid 14111] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14104] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14104] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14119] <... openat resumed>) = 8 [pid 14118] <... openat resumed>) = 7 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14100] <... openat resumed>) = 7 [pid 14104] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14104] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14104] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14120], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14120 [pid 14104] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14104] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14119] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14098] <... futex resumed>) = 0 [pid 14119] <... futex resumed>) = 1 [pid 14119] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14118] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14118] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14110] <... futex resumed>) = 0 [pid 14110] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14100] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14120 attached [pid 14120] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14120] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14099] <... futex resumed>) = 0 [pid 14098] exit_group(0 [pid 14119] <... futex resumed>) = ? [pid 14100] <... futex resumed>) = ? [pid 14098] <... exit_group resumed>) = ? [pid 14119] +++ exited with 0 +++ [pid 14100] +++ exited with 0 +++ [pid 14098] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14098, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = 0 [pid 409] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./496/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./496/binderfs") = 0 [pid 409] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14101] <... futex resumed>) = 0 [pid 14101] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14101] <... openat resumed>) = 8 [pid 14101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14099] <... futex resumed>) = 0 [ 250.357653][T14118] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.375353][T14118] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 250.376121][T14111] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14101] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14099] exit_group(0 [pid 408] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14099] <... exit_group resumed>) = ? [pid 14118] <... futex resumed>) = ? [pid 14101] <... futex resumed>) = ? [pid 14118] +++ exited with 0 +++ [pid 14101] +++ exited with 0 +++ [pid 14099] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14099, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./502/binderfs") = 0 [pid 411] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./502/bus", [pid 14105] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 408] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14105] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14105] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 408] openat(AT_FDCWD, "./502/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14105] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... openat resumed>) = 4 [pid 14105] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] fstat(4, [pid 14105] <... futex resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14105] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] getdents64(4, [pid 14105] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14105] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 408] getdents64(4, [pid 14105] <... mprotect resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14105] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] close(4 [pid 14105] <... clone resumed>, parent_tid=[14121], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14121 [pid 14105] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14105] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./502/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./502") = 0 [pid 408] mkdir("./503", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14122 ./strace-static-x86_64: Process 14122 attached [pid 14122] set_robust_list(0x555555f755e0, 24) = 0 [pid 14122] chdir("./503") = 0 [pid 14122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14122] setpgid(0, 0) = 0 [pid 14122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14122] write(3, "1000", 4) = 4 [pid 14122] close(3) = 0 [pid 14122] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 14121 attached ) = 0x7f1c32416000 [pid 14111] <... openat resumed>) = 7 [pid 14104] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14110] <... futex resumed>) = 0 [pid 14104] <... futex resumed>) = 1 [pid 14111] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14110] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14111] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14110] <... openat resumed>) = 8 [pid 14110] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14104] <... futex resumed>) = 0 [pid 14110] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14120] <... openat resumed>) = 7 [pid 14120] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14120] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14122] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14122] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14123], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14123 [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14123 attached [pid 14121] set_robust_list(0x7f1c2a1159e0, 24 [pid 412] <... umount2 resumed>) = 0 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14104] exit_group(0 [pid 14123] set_robust_list(0x7f1c324369e0, 24 [pid 14121] <... set_robust_list resumed>) = 0 [pid 14120] <... futex resumed>) = ? [pid 14110] <... futex resumed>) = ? [pid 14104] <... exit_group resumed>) = ? [pid 412] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14123] <... set_robust_list resumed>) = 0 [pid 14121] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14120] +++ exited with 0 +++ [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14123] memfd_create("syzkaller", 0 [pid 14110] +++ exited with 0 +++ [pid 14104] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14104, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14123] <... memfd_create resumed>) = 3 [pid 14123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] lstat("./499/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] openat(AT_FDCWD, "./499/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... openat resumed>) = 4 [pid 410] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] fstat(4, [pid 410] <... openat resumed>) = 3 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] fstat(3, [pid 412] getdents64(4, [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(3, [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] close(4 [pid 410] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... close resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] rmdir("./499/bus" [pid 410] lstat("./505/binderfs", [pid 412] <... rmdir resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] getdents64(3, [pid 410] unlink("./505/binderfs" [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 410] <... unlink resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 410] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] rmdir("./499") = 0 [pid 412] mkdir("./500", 0777 [pid 14123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 14123] <... write resumed>) = 1048576 [pid 14123] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14123] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14123] <... openat resumed>) = 4 [pid 14123] ioctl(4, LOOP_SET_FD, 3 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14124 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./496/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./496/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./496/bus" [pid 411] <... umount2 resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 411] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] getdents64(3, [pid 411] lstat("./502/bus", [pid 14105] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14105] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14105] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14105] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14105] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./496" [pid 411] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14121] <... openat resumed>) = 8 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14121] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./502/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14121] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14124 attached [pid 14121] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... openat resumed>) = 4 [pid 409] <... rmdir resumed>) = 0 [pid 14124] set_robust_list(0x555555f755e0, 24 [pid 14105] exit_group(0 [pid 409] mkdir("./497", 0777 [ 250.404426][T14120] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.410439][T14111] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 250.431394][T14120] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 411] fstat(4, [pid 14124] <... set_robust_list resumed>) = 0 [pid 14121] <... futex resumed>) = ? [pid 14111] <... futex resumed>) = ? [pid 14105] <... exit_group resumed>) = ? [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14125 ./strace-static-x86_64: Process 14125 attached [pid 14125] set_robust_list(0x555555f755e0, 24) = 0 [pid 14125] chdir("./497") = 0 [pid 14125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14125] setpgid(0, 0) = 0 [pid 14125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14125] write(3, "1000", 4) = 4 [pid 14125] close(3) = 0 [pid 14125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14111] +++ exited with 0 +++ [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14121] +++ exited with 0 +++ [pid 14105] +++ exited with 0 +++ [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14105, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] close(4 [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 411] <... close resumed>) = 0 [pid 407] <... restart_syscall resumed>) = 0 [pid 411] rmdir("./502/bus" [pid 407] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... rmdir resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] getdents64(3, [pid 407] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] fstat(3, [pid 411] close(3 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... close resumed>) = 0 [pid 407] getdents64(3, [pid 14125] <... futex resumed>) = 0 [pid 411] rmdir("./502" [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... rmdir resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./495/binderfs", [pid 411] mkdir("./503", 0777 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./495/binderfs" [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 407] <... unlink resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 407] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14125] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14125] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 14125] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14124] chdir("./500" [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14125] <... clone resumed>, parent_tid=[14126], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14126 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14126 attached [pid 14126] set_robust_list(0x7f1c324369e0, 24 [pid 14124] <... chdir resumed>) = 0 [pid 411] close(3 [pid 14124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 411] <... close resumed>) = 0 [pid 14124] <... prctl resumed>) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14124] setpgid(0, 0) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14127 [pid 14124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14126] <... set_robust_list resumed>) = 0 [pid 14124] <... openat resumed>) = 3 [pid 14124] write(3, "1000", 4) = 4 [pid 14124] close(3) = 0 [pid 14124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14124] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14124] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14128], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14128 [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14126] memfd_create("syzkaller", 0./strace-static-x86_64: Process 14128 attached ./strace-static-x86_64: Process 14127 attached ) = 3 [pid 14123] <... ioctl resumed>) = 0 [pid 14127] set_robust_list(0x555555f755e0, 24) = 0 [pid 14127] chdir("./503") = 0 [pid 14127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14127] setpgid(0, 0) = 0 [pid 14127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14127] write(3, "1000", 4) = 4 [pid 14127] close(3) = 0 [pid 14127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14127] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14127] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14129], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14129 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14128] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14128] memfd_create("syzkaller", 0) = 3 [pid 14128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14123] close(3) = 0 [pid 14123] mkdir("./bus", 0777) = 0 [pid 14126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14123] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14129 attached [pid 14129] set_robust_list(0x7f1c324369e0, 24 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./505/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./505/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./505/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./505") = 0 [pid 410] mkdir("./506", 0777 [pid 14129] <... set_robust_list resumed>) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14130 [pid 14129] memfd_create("syzkaller", 0./strace-static-x86_64: Process 14130 attached [pid 14130] set_robust_list(0x555555f755e0, 24) = 0 [pid 14130] chdir("./506" [pid 14129] <... memfd_create resumed>) = 3 [pid 407] <... umount2 resumed>) = 0 [pid 14129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 407] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14130] <... chdir resumed>) = 0 [pid 14130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14130] setpgid(0, 0) = 0 [pid 14130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14129] <... mmap resumed>) = 0x7f1c2a016000 [pid 407] lstat("./495/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./495/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14130] write(3, "1000", 4) = 4 [pid 14130] close(3) = 0 [pid 14130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 407] openat(AT_FDCWD, "./495/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 4 [pid 14130] <... futex resumed>) = 0 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, [pid 14130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14130] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14130] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14132], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14132 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./495/bus" [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14130] <... futex resumed>) = 0 [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./495") = 0 [pid 407] mkdir("./496", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14133 [pid 14128] <... write resumed>) = 1048576 [pid 14128] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14128] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 250.479822][T14123] loop1: detected capacity change from 0 to 2048 [pid 14128] ioctl(4, LOOP_SET_FD, 3 [pid 14129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14132 attached [pid 14132] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14132] memfd_create("syzkaller", 0) = 3 [pid 14132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 14133 attached [pid 14126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14133] set_robust_list(0x555555f755e0, 24) = 0 [pid 14133] chdir("./496") = 0 [pid 14133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14133] setpgid(0, 0) = 0 [pid 14133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14133] write(3, "1000", 4) = 4 [pid 14133] close(3) = 0 [pid 14133] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14133] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14133] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14133] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14135], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14135 [pid 14132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14126] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 14135 attached [pid 14132] <... write resumed>) = 1048576 [pid 14129] <... write resumed>) = 1048576 [pid 14128] <... ioctl resumed>) = 0 [pid 14126] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14126] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14129] munmap(0x7f1c2a016000, 1048576 [pid 14126] ioctl(4, LOOP_SET_FD, 3 [pid 14129] <... munmap resumed>) = 0 [pid 14128] close(3) = 0 [pid 14128] mkdir("./bus", 0777 [pid 14129] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14128] <... mkdir resumed>) = 0 [pid 14135] set_robust_list(0x7f1c324369e0, 24 [pid 14123] <... mount resumed>) = 0 [pid 14132] munmap(0x7f1c2a016000, 1048576 [pid 14135] <... set_robust_list resumed>) = 0 [pid 14132] <... munmap resumed>) = 0 [pid 14126] <... ioctl resumed>) = 0 [pid 14123] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14135] memfd_create("syzkaller", 0 [pid 14132] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14129] <... openat resumed>) = 4 [pid 14128] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14123] <... openat resumed>) = 3 [pid 14135] <... memfd_create resumed>) = 3 [pid 14129] ioctl(4, LOOP_SET_FD, 3 [pid 14135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14132] <... openat resumed>) = 4 [pid 14123] chdir("./bus" [pid 14135] <... mmap resumed>) = 0x7f1c2a016000 [pid 14132] ioctl(4, LOOP_SET_FD, 3 [pid 14123] <... chdir resumed>) = 0 [pid 14129] <... ioctl resumed>) = 0 [pid 14126] close(3 [pid 14129] close(3 [pid 14126] <... close resumed>) = 0 [pid 14129] <... close resumed>) = 0 [pid 14126] mkdir("./bus", 0777 [pid 14129] mkdir("./bus", 0777 [pid 14126] <... mkdir resumed>) = 0 [pid 14129] <... mkdir resumed>) = 0 [pid 14129] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14126] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [ 250.534407][T14128] loop5: detected capacity change from 0 to 2048 [ 250.554644][T14123] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/503/bus supports timestamps until 2038 (0x7fffffff) [ 250.559870][T14126] loop2: detected capacity change from 0 to 2048 [ 250.576395][T14129] loop4: detected capacity change from 0 to 2048 [pid 14123] ioctl(4, LOOP_CLR_FD [pid 14135] <... write resumed>) = 1048576 [pid 14135] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14135] ioctl(4, LOOP_SET_FD, 3 [pid 14132] <... ioctl resumed>) = 0 [pid 14123] <... ioctl resumed>) = 0 [pid 14123] close(4) = 0 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14122] <... futex resumed>) = 0 [pid 14123] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14123] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14122] <... futex resumed>) = 0 [pid 14123] chdir("./file0" [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] <... chdir resumed>) = 0 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14122] <... futex resumed>) = 0 [pid 14123] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14123] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14122] <... futex resumed>) = 0 [pid 14132] close(3 [pid 14123] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14132] <... close resumed>) = 0 [pid 14123] <... open resumed>) = 4 [pid 14132] mkdir("./bus", 0777 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... ioctl resumed>) = 0 [pid 14123] <... futex resumed>) = 1 [pid 14122] <... futex resumed>) = 0 [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14135] close(3 [pid 14123] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14135] <... close resumed>) = 0 [pid 14132] <... mkdir resumed>) = 0 [pid 14126] <... mount resumed>) = 0 [pid 14135] mkdir("./bus", 0777 [pid 14126] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14135] <... mkdir resumed>) = 0 [pid 14126] <... openat resumed>) = 3 [pid 14135] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14126] chdir("./bus") = 0 [pid 14126] ioctl(4, LOOP_CLR_FD) = 0 [pid 14126] close(4) = 0 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14125] <... futex resumed>) = 0 [pid 14126] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14126] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14125] <... futex resumed>) = 0 [pid 14126] chdir("./file0" [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... chdir resumed>) = 0 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14123] <... openat resumed>) = 5 [pid 14126] <... futex resumed>) = 1 [pid 14125] <... futex resumed>) = 0 [pid 14126] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14128] <... mount resumed>) = 0 [pid 14125] <... futex resumed>) = 0 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] <... futex resumed>) = 1 [pid 14123] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14122] <... futex resumed>) = 0 [ 250.588796][T14132] loop3: detected capacity change from 0 to 2048 [ 250.595112][T14135] loop0: detected capacity change from 0 to 2048 [ 250.615601][T14128] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/500/bus supports timestamps until 2038 (0x7fffffff) [ 250.615602][T14126] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/497/bus supports timestamps until 2038 (0x7fffffff) [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14128] chdir("./bus") = 0 [pid 14128] ioctl(4, LOOP_CLR_FD) = 0 [pid 14128] close(4) = 0 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14126] <... open resumed>) = 4 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14125] <... futex resumed>) = 0 [pid 14126] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14126] <... openat resumed>) = 5 [pid 14125] <... futex resumed>) = 0 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... futex resumed>) = 0 [pid 14125] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14126] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14126] <... write resumed>) = 196608 [pid 14125] <... futex resumed>) = 0 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] <... futex resumed>) = 0 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... futex resumed>) = 1 [pid 14126] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] <... futex resumed>) = 0 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... futex resumed>) = 1 [pid 14126] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] <... futex resumed>) = 0 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14126] <... futex resumed>) = 1 [pid 14125] <... futex resumed>) = 0 [pid 14126] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14124] <... futex resumed>) = 0 [pid 14122] <... futex resumed>) = 1 [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] <... futex resumed>) = 0 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14122] <... futex resumed>) = 0 [pid 14123] <... futex resumed>) = 1 [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14123] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] <... mount resumed>) = 0 [pid 14129] <... mount resumed>) = 0 [pid 14128] <... futex resumed>) = 0 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] chdir("./file0" [pid 14123] <... futex resumed>) = 1 [pid 14122] <... futex resumed>) = 0 [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] <... chdir resumed>) = 0 [pid 14123] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14122] <... futex resumed>) = 0 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] <... open resumed>) = 6 [pid 14128] <... futex resumed>) = 1 [pid 14124] <... futex resumed>) = 0 [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14128] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14124] <... futex resumed>) = 0 [pid 14123] <... futex resumed>) = 1 [pid 14122] <... futex resumed>) = 0 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14123] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14122] <... futex resumed>) = 0 [pid 14129] <... openat resumed>) = 3 [pid 14129] chdir("./bus") = 0 [pid 14129] ioctl(4, LOOP_CLR_FD) = 0 [pid 14129] close(4) = 0 [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14129] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14127] <... futex resumed>) = 0 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... write resumed>) = 1048576 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] <... futex resumed>) = 0 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... futex resumed>) = 1 [pid 14126] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14128] <... open resumed>) = 4 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] <... futex resumed>) = 0 [pid 14128] <... futex resumed>) = 1 [pid 14124] <... futex resumed>) = 0 [pid 14129] chdir("./file0" [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14124] <... futex resumed>) = 0 [pid 14128] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14128] <... openat resumed>) = 5 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] <... chdir resumed>) = 0 [pid 14128] <... futex resumed>) = 1 [pid 14124] <... futex resumed>) = 0 [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] <... futex resumed>) = 1 [pid 14128] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14127] <... futex resumed>) = 0 [pid 14124] <... futex resumed>) = 0 [pid 14129] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14128] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [ 250.641638][T14129] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/503/bus supports timestamps until 2038 (0x7fffffff) [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14128] <... write resumed>) = 196608 [pid 14127] <... futex resumed>) = 0 [pid 14129] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... openat resumed>) = 7 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] <... futex resumed>) = 0 [pid 14125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14126] <... futex resumed>) = 1 [pid 14126] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14126] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14125] <... futex resumed>) = 0 [pid 14125] exit_group(0) = ? [pid 14126] <... futex resumed>) = ? [pid 14128] <... futex resumed>) = 1 [pid 14124] <... futex resumed>) = 0 [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14124] <... futex resumed>) = 0 [pid 14128] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14128] <... mount resumed>) = 0 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] <... open resumed>) = 4 [pid 14128] <... futex resumed>) = 1 [pid 14124] <... futex resumed>) = 0 [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] <... futex resumed>) = 1 [pid 14128] <... open resumed>) = 6 [pid 14127] <... futex resumed>) = 0 [pid 14124] <... futex resumed>) = 0 [pid 14129] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14128] <... futex resumed>) = 0 [pid 14127] <... futex resumed>) = 0 [pid 14124] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14122] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14129] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14122] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14124] <... futex resumed>) = 0 [pid 14122] <... futex resumed>) = 0 [pid 14128] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14122] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14122] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14146], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14146 [pid 14122] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14122] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... openat resumed>) = 5 [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] <... futex resumed>) = 0 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... futex resumed>) = 1 [pid 14129] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14146 attached [pid 14146] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14146] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14129] <... write resumed>) = 196608 [ 250.688116][T14126] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.693585][T14132] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/506/bus supports timestamps until 2038 (0x7fffffff) [ 250.702677][T14126] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 250.715301][T14135] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/496/bus supports timestamps until 2038 (0x7fffffff) [pid 14126] +++ exited with 0 +++ [pid 14125] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14125, si_uid=0, si_status=0, si_utime=1, si_stime=9} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./497/binderfs") = 0 [pid 409] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14123] <... write resumed>) = 1048576 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14123] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] <... futex resumed>) = 0 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... futex resumed>) = 1 [pid 14129] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14127] <... futex resumed>) = 0 [pid 14129] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] <... open resumed>) = 6 [pid 14127] <... futex resumed>) = 0 [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... futex resumed>) = 0 [pid 14127] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14129] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... mount resumed>) = 0 [pid 14132] <... mount resumed>) = 0 [pid 14128] <... write resumed>) = 1048576 [pid 14127] <... futex resumed>) = 0 [pid 14146] <... openat resumed>) = 7 [pid 14135] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14132] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14146] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... openat resumed>) = 3 [pid 14132] <... openat resumed>) = 3 [pid 14128] <... futex resumed>) = 1 [pid 14146] <... futex resumed>) = 1 [pid 14135] chdir("./bus" [pid 14132] chdir("./bus" [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14124] <... futex resumed>) = 0 [pid 14122] <... futex resumed>) = 0 [pid 14146] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14135] <... chdir resumed>) = 0 [pid 14132] <... chdir resumed>) = 0 [pid 14135] ioctl(4, LOOP_CLR_FD [pid 14132] ioctl(4, LOOP_CLR_FD [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14122] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... ioctl resumed>) = 0 [pid 14132] <... ioctl resumed>) = 0 [pid 14128] <... futex resumed>) = 0 [pid 14124] <... futex resumed>) = 1 [pid 14123] <... futex resumed>) = 0 [pid 14122] <... futex resumed>) = 1 [pid 14135] close(4 [pid 14132] close(4 [pid 14128] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14123] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14122] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14135] <... close resumed>) = 0 [pid 14132] <... close resumed>) = 0 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... futex resumed>) = 1 [pid 14132] <... futex resumed>) = 1 [pid 14130] <... futex resumed>) = 0 [pid 14135] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14130] <... futex resumed>) = 0 [pid 14132] chdir("./file0" [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14133] <... futex resumed>) = 0 [pid 14123] <... openat resumed>) = 8 [pid 14123] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14123] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... chdir resumed>) = 0 [pid 14122] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14130] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14130] <... futex resumed>) = 0 [pid 14135] <... futex resumed>) = 0 [pid 14133] <... futex resumed>) = 1 [pid 14132] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14135] chdir("./file0" [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14122] exit_group(0 [pid 14146] <... futex resumed>) = ? [pid 14122] <... exit_group resumed>) = ? [pid 14146] +++ exited with 0 +++ [pid 14135] <... chdir resumed>) = 0 [pid 14132] <... open resumed>) = 4 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14133] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... futex resumed>) = 1 [pid 14130] <... futex resumed>) = 0 [pid 14135] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14133] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14130] <... futex resumed>) = 0 [pid 14132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14132] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14132] <... openat resumed>) = 5 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14123] <... futex resumed>) = ? [pid 14123] +++ exited with 0 +++ [pid 14122] +++ exited with 0 +++ [ 250.747372][T14146] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.764396][T14146] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 250.776322][T14128] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14132] <... futex resumed>) = 1 [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14122, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14135] <... open resumed>) = 4 [pid 14130] <... futex resumed>) = 0 [pid 408] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14135] <... futex resumed>) = 1 [pid 14133] <... futex resumed>) = 0 [pid 14132] <... futex resumed>) = 0 [pid 14130] <... futex resumed>) = 1 [pid 14129] <... write resumed>) = 1048576 [pid 14128] <... openat resumed>) = 7 [pid 408] lstat("./503/binderfs", [pid 14135] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14129] <... futex resumed>) = 1 [pid 408] unlink("./503/binderfs" [pid 14135] <... openat resumed>) = 5 [pid 14133] <... futex resumed>) = 0 [pid 14132] <... write resumed>) = 196608 [pid 14129] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14127] <... futex resumed>) = 0 [pid 408] <... unlink resumed>) = 0 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... futex resumed>) = 0 [pid 14133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14129] <... futex resumed>) = 0 [pid 14127] <... futex resumed>) = 1 [pid 408] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14135] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14135] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14133] <... futex resumed>) = 0 [pid 14132] <... futex resumed>) = 1 [pid 14128] <... futex resumed>) = 1 [pid 14135] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14135] <... write resumed>) = 196608 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14133] <... futex resumed>) = 0 [pid 14135] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... mount resumed>) = 0 [pid 14133] <... futex resumed>) = 0 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14130] <... futex resumed>) = 0 [pid 14124] <... futex resumed>) = 0 [pid 14135] <... futex resumed>) = 0 [pid 14133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14135] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... open resumed>) = 6 [pid 14133] <... futex resumed>) = 0 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14135] <... futex resumed>) = 0 [pid 14133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14135] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14124] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... futex resumed>) = 0 [pid 14130] <... futex resumed>) = 1 [pid 14124] <... futex resumed>) = 1 [pid 14132] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14124] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14132] <... mount resumed>) = 0 [pid 14128] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14130] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14130] <... futex resumed>) = 0 [pid 14132] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14132] <... open resumed>) = 6 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14130] <... futex resumed>) = 0 [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14130] <... futex resumed>) = 0 [pid 14132] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14129] <... openat resumed>) = 7 [pid 14128] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14128] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14128] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14127] <... futex resumed>) = 0 [pid 14127] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14127] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14124] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 14124] exit_group(0 [pid 409] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14128] <... futex resumed>) = ? [pid 14124] <... exit_group resumed>) = ? [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14128] +++ exited with 0 +++ [pid 409] lstat("./497/bus", [pid 14129] <... futex resumed>) = 1 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14129] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14124] +++ exited with 0 +++ [pid 409] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14129] <... openat resumed>) = 8 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14124, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "./497/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14129] <... futex resumed>) = 1 [pid 14127] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 4 [pid 14129] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14127] exit_group(0 [pid 412] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] fstat(4, [pid 14135] <... write resumed>) = 1048576 [pid 14132] <... write resumed>) = 1048576 [pid 14129] <... futex resumed>) = ? [pid 14127] <... exit_group resumed>) = ? [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] getdents64(4, [pid 412] <... openat resumed>) = 3 [pid 14135] <... futex resumed>) = 1 [pid 14133] <... futex resumed>) = 0 [pid 14132] <... futex resumed>) = 1 [pid 14130] <... futex resumed>) = 0 [pid 412] fstat(3, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14135] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14129] +++ exited with 0 +++ [pid 14127] +++ exited with 0 +++ [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 408] <... umount2 resumed>) = 0 [pid 14132] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 250.795928][T14128] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 250.810557][T14129] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.825031][T14129] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 412] getdents64(3, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14133] <... futex resumed>) = 0 [pid 14130] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14127, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 409] close(4 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 409] <... close resumed>) = 0 [pid 408] lstat("./503/bus", [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] rmdir("./497/bus" [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] lstat("./500/binderfs", [pid 411] <... restart_syscall resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 408] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] getdents64(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] unlink("./500/binderfs" [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] openat(AT_FDCWD, "./503/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... unlink resumed>) = 0 [pid 411] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] close(3 [pid 408] <... openat resumed>) = 4 [pid 412] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... close resumed>) = 0 [pid 408] fstat(4, [pid 411] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] rmdir("./497" [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... openat resumed>) = 3 [pid 409] <... rmdir resumed>) = 0 [pid 408] getdents64(4, [pid 411] fstat(3, [pid 409] mkdir("./498", 0777 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 408] getdents64(4, [pid 411] getdents64(3, [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] <... openat resumed>) = 3 [pid 408] close(4 [pid 411] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] <... close resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] rmdir("./503/bus" [pid 411] lstat("./503/binderfs", [pid 409] close(3 [pid 408] <... rmdir resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... close resumed>) = 0 [pid 408] getdents64(3, [pid 411] unlink("./503/binderfs" [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... unlink resumed>) = 0 [pid 408] close(3 [pid 411] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14148 [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./503") = 0 [pid 408] mkdir("./504", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14149 [pid 14135] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14135] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14149 attached ./strace-static-x86_64: Process 14148 attached [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14149] set_robust_list(0x555555f755e0, 24 [pid 14148] set_robust_list(0x555555f755e0, 24 [pid 14135] <... openat resumed>) = 7 [pid 14132] <... openat resumed>) = 7 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... futex resumed>) = 1 [pid 14132] <... futex resumed>) = 1 [pid 14135] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14149] <... set_robust_list resumed>) = 0 [pid 14148] <... set_robust_list resumed>) = 0 [pid 14133] <... futex resumed>) = 0 [pid 14130] <... futex resumed>) = 0 [pid 14149] chdir("./504" [pid 14148] chdir("./498" [pid 14133] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14149] <... chdir resumed>) = 0 [pid 14148] <... chdir resumed>) = 0 [pid 14135] <... futex resumed>) = 0 [pid 14133] <... futex resumed>) = 1 [pid 14132] <... futex resumed>) = 0 [pid 14130] <... futex resumed>) = 1 [pid 14149] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14135] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14133] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14132] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14149] <... prctl resumed>) = 0 [pid 14148] <... prctl resumed>) = 0 [pid 14135] <... openat resumed>) = 8 [pid 14132] <... openat resumed>) = 8 [pid 14135] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14135] <... futex resumed>) = 1 [pid 14133] <... futex resumed>) = 0 [pid 14132] <... futex resumed>) = 1 [pid 14130] <... futex resumed>) = 0 [pid 14149] setpgid(0, 0 [pid 14148] setpgid(0, 0 [pid 14149] <... setpgid resumed>) = 0 [pid 14148] <... setpgid resumed>) = 0 [pid 14135] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14133] exit_group(0 [pid 14132] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14130] exit_group(0 [pid 14149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14135] <... futex resumed>) = ? [pid 14133] <... exit_group resumed>) = ? [pid 14132] <... futex resumed>) = ? [pid 14130] <... exit_group resumed>) = ? [pid 14149] <... openat resumed>) = 3 [pid 14148] <... openat resumed>) = 3 [pid 14135] +++ exited with 0 +++ [pid 14133] +++ exited with 0 +++ [pid 14132] +++ exited with 0 +++ [pid 14130] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14130, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14133, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 14149] write(3, "1000", 4) = 4 [pid 14149] close(3) = 0 [pid 410] <... restart_syscall resumed>) = 0 [pid 14149] symlink("/dev/binderfs", "./binderfs" [pid 407] <... restart_syscall resumed>) = 0 [pid 14149] <... symlink resumed>) = 0 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14149] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14149] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14148] write(3, "1000", 4 [pid 410] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14149] <... mmap resumed>) = 0x7f1c32416000 [pid 410] <... openat resumed>) = 3 [pid 407] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14149] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 410] fstat(3, [pid 407] <... openat resumed>) = 3 [pid 14149] <... mprotect resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] fstat(3, [pid 14149] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14148] <... write resumed>) = 4 [pid 410] getdents64(3, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14148] close(3 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] getdents64(3, [pid 14149] <... clone resumed>, parent_tid=[14150], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14150 [pid 14148] <... close resumed>) = 0 [pid 410] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] symlink("/dev/binderfs", "./binderfs" [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14149] <... futex resumed>) = 0 [pid 14148] <... symlink resumed>) = 0 [pid 410] lstat("./506/binderfs", [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] lstat("./496/binderfs", [pid 14148] <... futex resumed>) = 0 [pid 410] unlink("./506/binderfs" [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] <... unlink resumed>) = 0 [pid 407] unlink("./496/binderfs" [pid 14148] <... mmap resumed>) = 0x7f1c32416000 [pid 410] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... unlink resumed>) = 0 [pid 14148] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 407] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14148] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 14150 attached [pid 14150] set_robust_list(0x7f1c324369e0, 24 [pid 14148] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14150] <... set_robust_list resumed>) = 0 [pid 14150] memfd_create("syzkaller", 0 [pid 14148] <... clone resumed>, parent_tid=[14151], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14151 [pid 14150] <... memfd_create resumed>) = 3 [pid 14150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14151 attached [pid 14151] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14151] memfd_create("syzkaller", 0) = 3 [pid 14151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14150] munmap(0x7f1c2a016000, 1048576 [ 250.871572][T14132] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.886152][T14135] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 250.886407][T14132] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 250.900241][T14135] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14150] <... munmap resumed>) = 0 [pid 14150] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14151] <... write resumed>) = 1048576 [pid 14150] ioctl(4, LOOP_SET_FD, 3 [pid 14151] munmap(0x7f1c2a016000, 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./503/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./503/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 14151] <... munmap resumed>) = 0 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14151] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 411] getdents64(4, [pid 14151] <... openat resumed>) = 4 [pid 14150] <... ioctl resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, [pid 14151] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./503/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./503" [pid 410] <... umount2 resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./496/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] mkdir("./504", 0777 [pid 410] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] umount2("./496/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] lstat("./506/bus", [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "./496/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... openat resumed>) = 4 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./506/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] fstat(4, [pid 411] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] close(3) = 0 [pid 410] <... openat resumed>) = 4 [pid 14151] <... ioctl resumed>) = 0 [pid 14150] close(3 [pid 412] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14152 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 410] getdents64(4, [pid 407] <... close resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 407] rmdir("./496/bus") = 0 [pid 410] rmdir("./506/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 407] close(3) = 0 [pid 410] rmdir("./506") = 0 [pid 407] rmdir("./496") = 0 [pid 410] mkdir("./507", 0777) = 0 [pid 407] mkdir("./497", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 410] <... openat resumed>) = 3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 407] ioctl(3, LOOP_CLR_FD [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 407] close(3 [pid 410] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14154 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14153 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14150] <... close resumed>) = 0 [pid 412] lstat("./500/bus", [pid 14150] mkdir("./bus", 0777 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14150] <... mkdir resumed>) = 0 [pid 412] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./500/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 14150] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./500/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./500") = 0 [pid 412] mkdir("./501", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14155 ./strace-static-x86_64: Process 14152 attached [pid 14151] close(3) = 0 [pid 14151] mkdir("./bus", 0777) = 0 [pid 14151] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14153 attached ./strace-static-x86_64: Process 14154 attached [pid 14154] set_robust_list(0x555555f755e0, 24 [pid 14153] set_robust_list(0x555555f755e0, 24) = 0 [pid 14154] <... set_robust_list resumed>) = 0 [pid 14153] chdir("./507" [pid 14154] chdir("./497" [pid 14153] <... chdir resumed>) = 0 [pid 14154] <... chdir resumed>) = 0 [pid 14153] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14153] <... prctl resumed>) = 0 [pid 14154] <... prctl resumed>) = 0 [pid 14153] setpgid(0, 0 [pid 14154] setpgid(0, 0) = 0 [pid 14153] <... setpgid resumed>) = 0 [pid 14153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14153] <... openat resumed>) = 3 [pid 14152] set_robust_list(0x555555f755e0, 24 [pid 14154] <... openat resumed>) = 3 [pid 14153] write(3, "1000", 4) = 4 [pid 14154] write(3, "1000", 4 [pid 14153] close(3 [pid 14154] <... write resumed>) = 4 [pid 14153] <... close resumed>) = 0 [pid 14154] close(3) = 0 [pid 14153] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14152] <... set_robust_list resumed>) = 0 [pid 14152] chdir("./504" [pid 14154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14152] <... chdir resumed>) = 0 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] <... futex resumed>) = 0 [pid 14153] <... futex resumed>) = 0 [pid 14154] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14154] <... mmap resumed>) = 0x7f1c32416000 [pid 14153] <... mmap resumed>) = 0x7f1c32416000 [pid 14154] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14153] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14154] <... mprotect resumed>) = 0 [pid 14153] <... mprotect resumed>) = 0 [pid 14154] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14153] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14152] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14154] <... clone resumed>, parent_tid=[14157], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14157 [pid 14152] <... prctl resumed>) = 0 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] <... clone resumed>, parent_tid=[14158], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14158 [pid 14152] setpgid(0, 0 [pid 14154] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14152] <... setpgid resumed>) = 0 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14153] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 14158 attached [pid 14158] set_robust_list(0x7f1c324369e0, 24 [pid 14152] <... openat resumed>) = 3 [pid 14158] <... set_robust_list resumed>) = 0 [pid 14158] memfd_create("syzkaller", 0 [pid 14152] write(3, "1000", 4 [pid 14158] <... memfd_create resumed>) = 3 [pid 14158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14152] <... write resumed>) = 4 [pid 14152] close(3) = 0 [pid 14152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14152] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 14155 attached ) = 0 [pid 14152] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14161], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14161 [pid 14155] set_robust_list(0x555555f755e0, 24 [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14155] <... set_robust_list resumed>) = 0 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14155] chdir("./501") = 0 [pid 14155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14155] setpgid(0, 0) = 0 [ 250.953513][T14150] loop1: detected capacity change from 0 to 2048 [ 250.964086][T14151] loop2: detected capacity change from 0 to 2048 [pid 14155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 14161 attached ./strace-static-x86_64: Process 14157 attached ) = 3 [pid 14158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14155] write(3, "1000", 4) = 4 [pid 14155] close(3) = 0 [pid 14155] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14155] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14155] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14161] set_robust_list(0x7f1c324369e0, 24 [pid 14157] set_robust_list(0x7f1c324369e0, 24 [pid 14161] <... set_robust_list resumed>) = 0 [pid 14157] <... set_robust_list resumed>) = 0 [pid 14155] <... clone resumed>, parent_tid=[14163], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14163 [pid 14161] memfd_create("syzkaller", 0 [pid 14157] memfd_create("syzkaller", 0 [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14161] <... memfd_create resumed>) = 3 [pid 14161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14157] <... memfd_create resumed>) = 3 [pid 14155] <... futex resumed>) = 0 [pid 14161] <... mmap resumed>) = 0x7f1c2a016000 [pid 14157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14157] <... mmap resumed>) = 0x7f1c2a016000 ./strace-static-x86_64: Process 14163 attached [pid 14158] <... write resumed>) = 1048576 [pid 14157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14158] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14158] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14158] ioctl(4, LOOP_SET_FD, 3 [pid 14163] set_robust_list(0x7f1c324369e0, 24 [pid 14161] <... write resumed>) = 1048576 [pid 14157] <... write resumed>) = 1048576 [pid 14151] <... mount resumed>) = 0 [pid 14150] <... mount resumed>) = 0 [pid 14163] <... set_robust_list resumed>) = 0 [pid 14161] munmap(0x7f1c2a016000, 1048576 [pid 14151] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14150] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14163] memfd_create("syzkaller", 0 [pid 14161] <... munmap resumed>) = 0 [pid 14151] <... openat resumed>) = 3 [pid 14150] <... openat resumed>) = 3 [pid 14163] <... memfd_create resumed>) = 3 [pid 14161] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14151] chdir("./bus" [pid 14150] chdir("./bus" [pid 14163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14161] <... openat resumed>) = 4 [pid 14158] <... ioctl resumed>) = 0 [pid 14157] munmap(0x7f1c2a016000, 1048576 [pid 14151] <... chdir resumed>) = 0 [pid 14150] <... chdir resumed>) = 0 [pid 14163] <... mmap resumed>) = 0x7f1c2a016000 [pid 14161] ioctl(4, LOOP_SET_FD, 3 [pid 14151] ioctl(4, LOOP_CLR_FD [pid 14150] ioctl(4, LOOP_CLR_FD [pid 14158] close(3 [pid 14157] <... munmap resumed>) = 0 [pid 14158] <... close resumed>) = 0 [pid 14158] mkdir("./bus", 0777) = 0 [pid 14157] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14151] <... ioctl resumed>) = 0 [pid 14150] <... ioctl resumed>) = 0 [pid 14157] <... openat resumed>) = 4 [pid 14157] ioctl(4, LOOP_SET_FD, 3 [pid 14163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14161] <... ioctl resumed>) = 0 [pid 14158] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14151] close(4 [pid 14150] close(4 [pid 14163] <... write resumed>) = 1048576 [pid 14151] <... close resumed>) = 0 [pid 14150] <... close resumed>) = 0 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = 1 [pid 14150] <... futex resumed>) = 1 [pid 14149] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14151] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14150] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14150] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] <... futex resumed>) = 0 [pid 14151] chdir("./file0" [pid 14150] chdir("./file0" [pid 14149] <... futex resumed>) = 0 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14151] <... chdir resumed>) = 0 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14150] <... chdir resumed>) = 0 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = 1 [pid 14150] <... futex resumed>) = 1 [pid 14149] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14151] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14150] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14150] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14149] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14151] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14150] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] <... ioctl resumed>) = 0 [pid 14157] close(3) = 0 [pid 14157] mkdir("./bus", 0777) = 0 [pid 14157] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14150] <... open resumed>) = 4 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... open resumed>) = 4 [pid 14150] <... futex resumed>) = 1 [pid 14149] <... futex resumed>) = 0 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14150] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14150] <... openat resumed>) = 5 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = 1 [pid 14150] <... futex resumed>) = 1 [pid 14149] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14151] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14150] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14148] <... futex resumed>) = 0 [pid 14150] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14149] <... futex resumed>) = 0 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14151] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14150] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14151] <... openat resumed>) = 5 [pid 14150] <... write resumed>) = 196608 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14148] <... futex resumed>) = 0 [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14151] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14151] <... write resumed>) = 196608 [pid 14163] munmap(0x7f1c2a016000, 1048576 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = 1 [pid 14150] <... futex resumed>) = 1 [pid 14149] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14149] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14150] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14151] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14150] <... mount resumed>) = 0 [pid 14151] <... mount resumed>) = 0 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14163] <... munmap resumed>) = 0 [pid 14163] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14163] ioctl(4, LOOP_SET_FD, 3 [pid 14149] <... futex resumed>) = 0 [pid 14150] <... futex resumed>) = 1 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14150] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14151] <... futex resumed>) = 1 [pid 14148] <... futex resumed>) = 0 [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] <... open resumed>) = 6 [pid 14148] <... futex resumed>) = 0 [pid 14151] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14149] <... futex resumed>) = 0 [pid 14150] <... futex resumed>) = 1 [ 251.015421][T14150] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/504/bus supports timestamps until 2038 (0x7fffffff) [ 251.028155][T14151] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/498/bus supports timestamps until 2038 (0x7fffffff) [ 251.037927][T14158] loop3: detected capacity change from 0 to 2048 [ 251.050463][T14161] loop4: detected capacity change from 0 to 2048 [ 251.051575][T14157] loop0: detected capacity change from 0 to 2048 [pid 14151] <... open resumed>) = 6 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14149] <... futex resumed>) = 0 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14151] <... futex resumed>) = 1 [pid 14148] <... futex resumed>) = 0 [pid 14151] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14148] <... futex resumed>) = 0 [pid 14151] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14163] <... ioctl resumed>) = 0 [pid 14163] close(3) = 0 [pid 14163] mkdir("./bus", 0777) = 0 [pid 14163] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14161] close(3) = 0 [pid 14161] mkdir("./bus", 0777) = 0 [pid 14161] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14151] <... write resumed>) = 1048576 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14148] <... futex resumed>) = 0 [pid 14151] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14148] <... futex resumed>) = 0 [pid 14151] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 251.087597][T14163] loop5: detected capacity change from 0 to 2048 [ 251.111806][T14151] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14149] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14149] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14149] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14149] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14157] <... mount resumed>) = 0 [pid 14157] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14149] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14157] chdir("./bus" [pid 14149] <... clone resumed>, parent_tid=[14170], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14170 [pid 14149] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14149] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] <... chdir resumed>) = 0 [pid 14157] ioctl(4, LOOP_CLR_FD [pid 14150] <... write resumed>) = 1048576 [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14157] <... ioctl resumed>) = 0 [pid 14157] close(4) = 0 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] <... futex resumed>) = 0 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] <... futex resumed>) = 1 [pid 14157] chdir("./file0") = 0 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] <... futex resumed>) = 0 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] <... futex resumed>) = 1 [pid 14157] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] <... futex resumed>) = 0 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] <... futex resumed>) = 0 [pid 14150] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14154] <... futex resumed>) = 0 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] <... futex resumed>) = 1 [pid 14157] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] <... futex resumed>) = 0 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] <... futex resumed>) = 1 [pid 14157] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14148] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) ./strace-static-x86_64: Process 14170 attached [pid 14170] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14170] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14161] <... mount resumed>) = 0 [pid 14157] <... write resumed>) = 196608 [pid 14148] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14161] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14148] <... futex resumed>) = 0 [pid 14161] <... openat resumed>) = 3 [pid 14148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14161] chdir("./bus" [pid 14148] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14161] <... chdir resumed>) = 0 [pid 14148] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14161] ioctl(4, LOOP_CLR_FD [pid 14148] <... mprotect resumed>) = 0 [pid 14161] <... ioctl resumed>) = 0 [pid 14148] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14161] close(4) = 0 [pid 14148] <... clone resumed>, parent_tid=[14173], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14173 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14161] <... futex resumed>) = 1 [pid 14152] <... futex resumed>) = 0 [pid 14148] <... futex resumed>) = 0 [pid 14161] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14148] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14161] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14152] <... futex resumed>) = 0 [pid 14161] chdir("./file0" [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 251.126450][T14161] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/504/bus supports timestamps until 2038 (0x7fffffff) [ 251.126617][T14157] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/497/bus supports timestamps until 2038 (0x7fffffff) [ 251.161557][T14151] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 251.166344][T14170] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14157] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14173 attached [pid 14163] <... mount resumed>) = 0 [pid 14161] <... chdir resumed>) = 0 [pid 14154] <... futex resumed>) = 0 [pid 14151] <... openat resumed>) = 7 [pid 14173] set_robust_list(0x7f1c2a1159e0, 24 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14173] <... set_robust_list resumed>) = 0 [pid 14161] <... futex resumed>) = 1 [pid 14157] <... futex resumed>) = 0 [pid 14154] <... futex resumed>) = 1 [pid 14152] <... futex resumed>) = 0 [pid 14151] <... futex resumed>) = 0 [pid 14173] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14161] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14157] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14151] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14173] <... openat resumed>) = 8 [pid 14161] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14157] <... mount resumed>) = 0 [pid 14152] <... futex resumed>) = 0 [pid 14173] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14161] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14173] <... futex resumed>) = 1 [pid 14163] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14161] <... open resumed>) = 4 [pid 14158] <... mount resumed>) = 0 [pid 14157] <... futex resumed>) = 1 [pid 14154] <... futex resumed>) = 0 [pid 14149] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14148] <... futex resumed>) = 0 [pid 14173] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14170] <... openat resumed>) = 7 [pid 14163] <... openat resumed>) = 3 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14157] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14149] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14170] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14163] chdir("./bus" [pid 14161] <... futex resumed>) = 1 [pid 14157] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14154] <... futex resumed>) = 0 [pid 14152] <... futex resumed>) = 0 [pid 14150] <... futex resumed>) = 0 [pid 14149] <... futex resumed>) = 1 [pid 14148] exit_group(0 [pid 14170] <... futex resumed>) = 0 [pid 14163] <... chdir resumed>) = 0 [pid 14161] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14157] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14149] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14148] <... exit_group resumed>) = ? [pid 14173] <... futex resumed>) = ? [pid 14151] <... futex resumed>) = ? [pid 14170] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14163] ioctl(4, LOOP_CLR_FD [pid 14161] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14158] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14157] <... open resumed>) = 6 [pid 14152] <... futex resumed>) = 0 [pid 14150] <... openat resumed>) = 8 [pid 14173] +++ exited with 0 +++ [pid 14163] <... ioctl resumed>) = 0 [pid 14161] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14150] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14163] close(4 [pid 14150] <... futex resumed>) = 1 [pid 14149] <... futex resumed>) = 0 [pid 14163] <... close resumed>) = 0 [pid 14161] <... openat resumed>) = 5 [pid 14150] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14149] exit_group(0 [pid 14170] <... futex resumed>) = ? [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14150] <... futex resumed>) = ? [pid 14149] <... exit_group resumed>) = ? [pid 14170] +++ exited with 0 +++ [pid 14163] <... futex resumed>) = 1 [pid 14155] <... futex resumed>) = 0 [pid 14150] +++ exited with 0 +++ [pid 14149] +++ exited with 0 +++ [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14155] <... futex resumed>) = 0 [pid 14163] chdir("./file0" [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14163] <... chdir resumed>) = 0 [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14157] <... futex resumed>) = 1 [pid 14155] <... futex resumed>) = 0 [pid 14154] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14149, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14155] <... futex resumed>) = 0 [pid 14163] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14161] <... futex resumed>) = 1 [pid 14157] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14152] <... futex resumed>) = 0 [pid 14163] <... open resumed>) = 4 [pid 14154] <... futex resumed>) = 0 [pid 14158] <... openat resumed>) = 3 [pid 14158] chdir("./bus") = 0 [pid 14158] ioctl(4, LOOP_CLR_FD) = 0 [pid 14158] close(4) = 0 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14158] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14151] +++ exited with 0 +++ [pid 14148] +++ exited with 0 +++ [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14161] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14153] <... futex resumed>) = 0 [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14148, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14152] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14163] <... futex resumed>) = 1 [pid 14155] <... futex resumed>) = 0 [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14155] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 14161] <... write resumed>) = 196608 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14163] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] fstat(3, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14163] <... openat resumed>) = 5 [pid 409] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] getdents64(3, [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 3 [pid 14163] <... futex resumed>) = 1 [pid 14155] <... futex resumed>) = 0 [pid 409] fstat(3, [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14163] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14155] <... futex resumed>) = 0 [pid 409] getdents64(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14158] <... futex resumed>) = 0 [pid 14158] chdir("./file0") = 0 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] lstat("./504/binderfs", [pid 14158] <... futex resumed>) = 1 [pid 14158] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14153] <... futex resumed>) = 0 [pid 409] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14161] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14163] <... write resumed>) = 196608 [pid 14158] <... futex resumed>) = 0 [pid 14153] <... futex resumed>) = 1 [pid 14152] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] unlink("./504/binderfs" [pid 14158] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14157] <... write resumed>) = 1048576 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14161] <... futex resumed>) = 0 [pid 14161] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14155] <... futex resumed>) = 0 [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./498/binderfs", [pid 14161] <... mount resumed>) = 0 [pid 14155] <... futex resumed>) = 1 [pid 408] <... unlink resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14152] <... futex resumed>) = 0 [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14152] <... futex resumed>) = 0 [pid 409] unlink("./498/binderfs" [pid 408] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14161] <... futex resumed>) = 1 [pid 14161] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 409] <... unlink resumed>) = 0 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14152] <... futex resumed>) = 0 [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14161] <... futex resumed>) = 1 [pid 14161] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14157] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14163] <... futex resumed>) = 0 [pid 14163] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14158] <... open resumed>) = 4 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14158] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14155] <... futex resumed>) = 0 [pid 14154] <... futex resumed>) = 0 [pid 14153] <... futex resumed>) = 0 [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] <... futex resumed>) = 1 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] <... futex resumed>) = 1 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14153] <... futex resumed>) = 1 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14154] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] <... futex resumed>) = 0 [pid 14163] <... futex resumed>) = 0 [pid 14157] <... futex resumed>) = 0 [pid 14158] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14158] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14163] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14157] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14155] <... futex resumed>) = 0 [pid 14153] <... futex resumed>) = 0 [pid 14161] <... write resumed>) = 1048576 [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] <... futex resumed>) = 1 [pid 14153] <... futex resumed>) = 1 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] <... futex resumed>) = 0 [ 251.175524][T14163] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/501/bus supports timestamps until 2038 (0x7fffffff) [ 251.188026][T14158] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/507/bus supports timestamps until 2038 (0x7fffffff) [ 251.195545][T14170] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14158] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14163] <... futex resumed>) = 0 [pid 14163] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14158] <... write resumed>) = 196608 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] <... futex resumed>) = 1 [pid 14158] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] <... futex resumed>) = 1 [pid 14158] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] <... futex resumed>) = 1 [pid 14158] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14152] <... futex resumed>) = 0 [pid 14152] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14161] <... futex resumed>) = 1 [pid 14161] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14158] <... write resumed>) = 1048576 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 409] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./498/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./498/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./498/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./498") = 0 [pid 409] mkdir("./499", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 251.261494][T14157] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.276570][T14157] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 251.286468][T14161] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14174 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14153] <... futex resumed>) = 0 [pid 14158] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./504/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./504/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14153] <... futex resumed>) = 1 [pid 14158] <... futex resumed>) = 0 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14174 attached [pid 14163] <... write resumed>) = 1048576 [pid 14161] <... openat resumed>) = 7 [pid 14157] <... openat resumed>) = 7 [pid 14155] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14154] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] getdents64(4, [pid 14155] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] <... futex resumed>) = 0 [pid 14154] <... futex resumed>) = 0 [pid 14155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14154] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14155] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14154] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14155] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14154] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14155] <... mprotect resumed>) = 0 [pid 14154] <... mprotect resumed>) = 0 [pid 14155] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14154] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14155] <... clone resumed>, parent_tid=[14176], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14176 [pid 14154] <... clone resumed>, parent_tid=[14175], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14175 [pid 14155] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14154] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] <... futex resumed>) = 0 [pid 14154] <... futex resumed>) = 0 [pid 14155] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14154] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./504/bus") = 0 [pid 14157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14157] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./504") = 0 [pid 408] mkdir("./505", 0777 [pid 14152] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14152] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14152] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14152] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14152] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14177], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14177 [pid 14152] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14152] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... mkdir resumed>) = 0 [pid 14163] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] <... openat resumed>) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14178 [pid 14161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14161] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14174] set_robust_list(0x555555f755e0, 24) = 0 [pid 14174] chdir("./499") = 0 [pid 14174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14174] setpgid(0, 0) = 0 [pid 14174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14174] write(3, "1000", 4) = 4 [pid 14174] close(3) = 0 [pid 14174] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 14175 attached ./strace-static-x86_64: Process 14178 attached ./strace-static-x86_64: Process 14177 attached ./strace-static-x86_64: Process 14176 attached [pid 14158] <... openat resumed>) = 7 [pid 14174] <... symlink resumed>) = 0 [pid 14175] set_robust_list(0x7f1c2a1159e0, 24 [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14176] set_robust_list(0x7f1c2a1159e0, 24 [pid 14177] set_robust_list(0x7f1c2a1159e0, 24 [pid 14175] <... set_robust_list resumed>) = 0 [pid 14158] <... futex resumed>) = 1 [pid 14153] <... futex resumed>) = 0 [pid 14176] <... set_robust_list resumed>) = 0 [pid 14177] <... set_robust_list resumed>) = 0 [pid 14175] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14158] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14153] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14178] set_robust_list(0x555555f755e0, 24 [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14158] <... openat resumed>) = 8 [pid 14153] <... futex resumed>) = 0 [pid 14175] <... openat resumed>) = 8 [pid 14153] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14176] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14153] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14153] exit_group(0 [pid 14175] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14153] <... exit_group resumed>) = ? [pid 14177] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14177] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14152] <... futex resumed>) = 0 [pid 14177] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14152] exit_group(0 [pid 14177] <... futex resumed>) = ? [pid 14161] <... futex resumed>) = ? [pid 14152] <... exit_group resumed>) = ? [pid 14177] +++ exited with 0 +++ [pid 14161] +++ exited with 0 +++ [pid 14152] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14152, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 411] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./504/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./504/binderfs") = 0 [pid 411] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14178] <... set_robust_list resumed>) = 0 [pid 14178] chdir("./505") = 0 [pid 14178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14178] setpgid(0, 0) = 0 [pid 14178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14178] write(3, "1000", 4) = 4 [pid 14178] close(3) = 0 [pid 14178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14178] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14178] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14178] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14179], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14179 [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14179 attached [pid 14179] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14179] memfd_create("syzkaller", 0) = 3 [pid 14179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14175] <... futex resumed>) = 1 [pid 14174] <... futex resumed>) = 0 [pid 14158] <... futex resumed>) = ? [pid 14154] <... futex resumed>) = 0 [ 251.308249][T14161] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 251.309103][T14158] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.331091][T14158] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 251.342331][T14176] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14175] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14174] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14158] +++ exited with 0 +++ [pid 14154] exit_group(0 [pid 14153] +++ exited with 0 +++ [pid 14157] <... futex resumed>) = ? [pid 14154] <... exit_group resumed>) = ? [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14153, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14157] +++ exited with 0 +++ [pid 410] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./507/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./507/binderfs") = 0 [pid 410] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14175] <... futex resumed>) = ? [pid 14174] <... mmap resumed>) = 0x7f1c32416000 [pid 14179] <... write resumed>) = 1048576 [pid 14176] <... openat resumed>) = 7 [pid 14175] +++ exited with 0 +++ [pid 14174] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14154] +++ exited with 0 +++ [pid 14174] <... mprotect resumed>) = 0 [pid 14174] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14154, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14174] <... clone resumed>, parent_tid=[14180], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14180 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14179] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14155] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14179] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14179] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14180 attached [pid 14176] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14179] <... ioctl resumed>) = 0 [pid 14155] <... futex resumed>) = 1 [pid 407] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14163] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14163] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14179] close(3 [pid 14180] set_robust_list(0x7f1c324369e0, 24 [pid 14179] <... close resumed>) = 0 [pid 14180] <... set_robust_list resumed>) = 0 [pid 14179] mkdir("./bus", 0777 [pid 14180] memfd_create("syzkaller", 0 [pid 14179] <... mkdir resumed>) = 0 [pid 14180] <... memfd_create resumed>) = 3 [pid 14163] <... openat resumed>) = 8 [pid 14155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 407] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14180] <... mmap resumed>) = 0x7f1c2a016000 [pid 407] <... openat resumed>) = 3 [pid 14163] <... futex resumed>) = 1 [pid 14155] <... futex resumed>) = 0 [pid 14155] exit_group(0 [pid 14179] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14155] <... exit_group resumed>) = ? [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14163] +++ exited with 0 +++ [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./497/binderfs") = 0 [pid 407] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14180] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14180] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14180] ioctl(4, LOOP_SET_FD, 3 [pid 14176] <... futex resumed>) = ? [pid 14180] <... ioctl resumed>) = 0 [pid 14176] +++ exited with 0 +++ [pid 14155] +++ exited with 0 +++ [pid 14180] close(3) = 0 [pid 14180] mkdir("./bus", 0777) = 0 [pid 14180] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14155, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 251.360981][T14176] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 251.373540][T14179] loop1: detected capacity change from 0 to 2048 [ 251.392319][T14180] loop2: detected capacity change from 0 to 2048 [pid 412] getdents64(3, [pid 14179] <... mount resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 412] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./501/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./501/binderfs") = 0 [pid 412] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./497/bus", [pid 411] lstat("./504/bus", [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./497/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./497/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "./504/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... openat resumed>) = 4 [pid 411] <... openat resumed>) = 4 [pid 411] fstat(4, [pid 407] fstat(4, [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 407] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, [pid 411] getdents64(4, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 411] close(4 [pid 407] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 407] rmdir("./497/bus" [pid 411] rmdir("./504/bus" [pid 407] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] getdents64(3, [pid 411] close(3 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... close resumed>) = 0 [pid 407] close(3) = 0 [pid 411] rmdir("./504" [pid 407] rmdir("./497") = 0 [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./505", 0777 [pid 407] mkdir("./498", 0777 [pid 411] <... mkdir resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 407] ioctl(3, LOOP_CLR_FD [pid 411] <... openat resumed>) = 3 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 407] <... close resumed>) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... close resumed>) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14185 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14186 [pid 14179] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14179] chdir("./bus") = 0 [pid 410] <... umount2 resumed>) = 0 [pid 14179] ioctl(4, LOOP_CLR_FD) = 0 [pid 14179] close(4) = 0 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14178] <... futex resumed>) = 0 [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14179] <... futex resumed>) = 1 [pid 14179] chdir("./file0") = 0 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14178] <... futex resumed>) = 0 [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14179] <... futex resumed>) = 1 [pid 14179] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 ./strace-static-x86_64: Process 14186 attached ./strace-static-x86_64: Process 14185 attached [pid 14180] <... mount resumed>) = 0 [pid 410] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14180] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14180] <... openat resumed>) = 3 [pid 14179] <... futex resumed>) = 1 [pid 14180] chdir("./bus" [pid 14179] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14178] <... futex resumed>) = 0 [pid 14180] <... chdir resumed>) = 0 [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] set_robust_list(0x555555f755e0, 24 [pid 14180] ioctl(4, LOOP_CLR_FD [pid 14178] <... futex resumed>) = 1 [pid 14179] <... futex resumed>) = 0 [pid 14185] <... set_robust_list resumed>) = 0 [pid 14180] <... ioctl resumed>) = 0 [pid 14179] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] close(4 [pid 14179] <... openat resumed>) = 5 [pid 14180] <... close resumed>) = 0 [pid 410] lstat("./507/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./507/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./507/bus") = 0 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14180] <... futex resumed>) = 1 [pid 14174] <... futex resumed>) = 0 [pid 14179] <... futex resumed>) = 1 [pid 14178] <... futex resumed>) = 0 [pid 14185] chdir("./498" [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14179] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... chdir resumed>) = 0 [pid 14180] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14179] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14178] <... futex resumed>) = 0 [pid 14174] <... futex resumed>) = 0 [pid 14185] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14180] chdir("./file0" [pid 14179] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] <... chdir resumed>) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./507") = 0 [pid 410] mkdir("./508", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 14179] <... write resumed>) = 196608 [pid 410] <... close resumed>) = 0 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14174] <... futex resumed>) = 0 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14180] <... futex resumed>) = 0 [pid 14178] <... futex resumed>) = 0 [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14179] <... futex resumed>) = 1 [pid 14180] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] <... open resumed>) = 4 [pid 14179] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14187 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14179] <... mount resumed>) = 0 [pid 14174] <... futex resumed>) = 0 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... prctl resumed>) = 0 [pid 14180] <... futex resumed>) = 0 [pid 14178] <... futex resumed>) = 0 [pid 14174] <... futex resumed>) = 1 [pid 14179] <... futex resumed>) = 1 [pid 14185] setpgid(0, 0 [pid 14180] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14179] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14185] <... setpgid resumed>) = 0 [pid 14180] <... openat resumed>) = 5 [pid 14179] <... open resumed>) = 6 [pid 14178] <... futex resumed>) = 0 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] <... futex resumed>) = 1 [pid 14174] <... futex resumed>) = 0 [pid 14178] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14179] <... futex resumed>) = 0 [pid 14185] <... openat resumed>) = 3 [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14179] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14185] write(3, "1000", 4 [pid 14180] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14178] <... futex resumed>) = 0 [pid 14174] <... futex resumed>) = 0 [pid 14180] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] set_robust_list(0x555555f755e0, 24) = 0 [pid 14186] chdir("./505") = 0 [pid 14186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14186] setpgid(0, 0) = 0 [pid 14186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14186] write(3, "1000", 4) = 4 [pid 14186] close(3) = 0 [pid 14186] symlink("/dev/binderfs", "./binderfs" [pid 14180] <... write resumed>) = 196608 [pid 14186] <... symlink resumed>) = 0 [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14186] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14185] <... write resumed>) = 4 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] close(3 [pid 14180] <... futex resumed>) = 1 [pid 14174] <... futex resumed>) = 0 [pid 14185] <... close resumed>) = 0 [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 14186] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14185] symlink("/dev/binderfs", "./binderfs" [pid 14180] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14174] <... futex resumed>) = 0 [pid 412] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14186] <... mprotect resumed>) = 0 [pid 14185] <... symlink resumed>) = 0 [pid 14180] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14186] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14180] <... mount resumed>) = 0 [pid 412] lstat("./501/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14186] <... clone resumed>, parent_tid=[14188], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14188 [pid 412] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14186] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./501/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... openat resumed>) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./501/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./501") = 0 [pid 412] mkdir("./502", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14189 [pid 14185] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14180] <... futex resumed>) = 1 [pid 14174] <... futex resumed>) = 0 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14180] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] <... open resumed>) = 6 [pid 14185] <... mmap resumed>) = 0x7f1c32416000 ./strace-static-x86_64: Process 14189 attached [pid 14189] set_robust_list(0x555555f755e0, 24) = 0 [pid 14189] chdir("./502" [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] <... futex resumed>) = 0 [pid 14180] <... futex resumed>) = 1 [pid 14185] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... mprotect resumed>) = 0 [pid 14180] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14174] <... futex resumed>) = 0 [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14189] <... chdir resumed>) = 0 [pid 14189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14189] setpgid(0, 0) = 0 [pid 14189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14189] write(3, "1000", 4) = 4 [pid 14189] close(3) = 0 [pid 14189] symlink("/dev/binderfs", "./binderfs") = 0 [ 251.401715][T14179] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/505/bus supports timestamps until 2038 (0x7fffffff) [ 251.411528][T14180] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/499/bus supports timestamps until 2038 (0x7fffffff) [pid 14185] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14189] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14189] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14189] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14185] <... clone resumed>, parent_tid=[14190], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14190 [pid 14189] <... clone resumed>, parent_tid=[14191], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14191 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14189] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14191 attached [pid 14191] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14191] memfd_create("syzkaller", 0) = 3 [pid 14191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 14190 attached [pid 14190] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14190] memfd_create("syzkaller", 0) = 3 [pid 14190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14191] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14191] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14191] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14188 attached ./strace-static-x86_64: Process 14187 attached [pid 14178] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14178] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] set_robust_list(0x7f1c324369e0, 24 [pid 14178] <... futex resumed>) = 0 [pid 14178] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14188] <... set_robust_list resumed>) = 0 [pid 14187] set_robust_list(0x555555f755e0, 24 [pid 14178] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14178] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14188] memfd_create("syzkaller", 0 [pid 14187] <... set_robust_list resumed>) = 0 [pid 14178] <... mprotect resumed>) = 0 [pid 14188] <... memfd_create resumed>) = 3 [pid 14187] chdir("./508" [pid 14178] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14187] <... chdir resumed>) = 0 [pid 14187] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14178] <... clone resumed>, parent_tid=[14192], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14192 [pid 14178] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] <... prctl resumed>) = 0 [pid 14178] <... futex resumed>) = 0 [pid 14178] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14187] setpgid(0, 0 [pid 14191] <... ioctl resumed>) = 0 [pid 14191] close(3) = 0 [pid 14191] mkdir("./bus", 0777) = 0 [pid 14191] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14187] <... setpgid resumed>) = 0 [pid 14187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14187] write(3, "1000", 4) = 4 [pid 14187] close(3) = 0 [pid 14187] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14187] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14187] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14187] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14174] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14187] <... clone resumed>, parent_tid=[14193], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14193 [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14174] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14174] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14174] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14179] <... write resumed>) = 1048576 [pid 14174] <... futex resumed>) = 0 [pid 14174] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14179] <... futex resumed>) = 0 [pid 14174] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14179] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14174] <... mprotect resumed>) = 0 [pid 14174] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14192 attached [pid 14174] <... clone resumed>, parent_tid=[14195], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14195 [pid 14192] set_robust_list(0x7f1c2a1159e0, 24 [pid 14174] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14192] <... set_robust_list resumed>) = 0 [pid 14174] <... futex resumed>) = 0 [pid 14192] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14174] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] <... write resumed>) = 1048576 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14193 attached [pid 14193] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14193] memfd_create("syzkaller", 0) = 3 [pid 14193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14190] <... write resumed>) = 1048576 [pid 14190] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14190] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14195 attached [pid 14188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [ 251.497010][T14191] loop5: detected capacity change from 0 to 2048 [ 251.524216][T14192] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.536411][T14190] loop0: detected capacity change from 0 to 2048 [pid 14193] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14193] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14193] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14195] set_robust_list(0x7f1c2a1159e0, 24 [pid 14193] <... openat resumed>) = 4 [pid 14193] ioctl(4, LOOP_SET_FD, 3 [pid 14195] <... set_robust_list resumed>) = 0 [pid 14192] <... openat resumed>) = 7 [pid 14190] <... ioctl resumed>) = 0 [pid 14188] <... write resumed>) = 1048576 [pid 14195] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14188] munmap(0x7f1c2a016000, 1048576 [pid 14193] <... ioctl resumed>) = 0 [pid 14190] close(3 [pid 14188] <... munmap resumed>) = 0 [pid 14178] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14174] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14190] <... close resumed>) = 0 [pid 14188] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14178] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14174] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14190] mkdir("./bus", 0777 [pid 14188] <... openat resumed>) = 4 [pid 14179] <... futex resumed>) = 0 [pid 14178] <... futex resumed>) = 1 [pid 14174] <... futex resumed>) = 1 [pid 14190] <... mkdir resumed>) = 0 [pid 14188] ioctl(4, LOOP_SET_FD, 3 [pid 14179] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14178] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 251.540166][T14192] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 251.554364][T14193] loop3: detected capacity change from 0 to 2048 [ 251.557573][T14195] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.562670][T14191] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/502/bus supports timestamps until 2038 (0x7fffffff) [ 251.576290][T14188] loop4: detected capacity change from 0 to 2048 [pid 14174] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14190] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14180] <... futex resumed>) = 0 [pid 14179] <... openat resumed>) = 8 [pid 14179] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14180] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14179] <... futex resumed>) = 1 [pid 14178] <... futex resumed>) = 0 [pid 14179] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14192] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14192] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14191] <... mount resumed>) = 0 [pid 14191] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14191] chdir("./bus") = 0 [pid 14191] ioctl(4, LOOP_CLR_FD) = 0 [pid 14191] close(4 [pid 14178] exit_group(0 [pid 14192] <... futex resumed>) = ? [pid 14179] <... futex resumed>) = ? [pid 14178] <... exit_group resumed>) = ? [pid 14192] +++ exited with 0 +++ [pid 14179] +++ exited with 0 +++ [pid 14178] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14178, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./505/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./505/binderfs") = 0 [pid 408] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14191] <... close resumed>) = 0 [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14189] <... futex resumed>) = 0 [pid 14191] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] <... futex resumed>) = 0 [pid 14189] <... futex resumed>) = 1 [pid 14191] chdir("./file0" [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14195] <... openat resumed>) = 7 [pid 14195] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] <... chdir resumed>) = 0 [pid 14195] <... futex resumed>) = 0 [pid 14180] <... openat resumed>) = 8 [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14195] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14191] <... futex resumed>) = 1 [pid 14189] <... futex resumed>) = 0 [pid 14180] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14180] <... futex resumed>) = 1 [pid 14189] <... futex resumed>) = 0 [pid 14174] <... futex resumed>) = 0 [pid 14191] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14180] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14174] exit_group(0 [pid 14195] <... futex resumed>) = ? [pid 14180] <... futex resumed>) = ? [pid 14174] <... exit_group resumed>) = ? [pid 14195] +++ exited with 0 +++ [pid 14191] <... open resumed>) = 4 [pid 14180] +++ exited with 0 +++ [pid 14174] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14174, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 409] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./499/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./499/binderfs") = 0 [pid 409] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14188] <... ioctl resumed>) = 0 [pid 14188] close(3) = 0 [pid 14188] mkdir("./bus", 0777 [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14189] <... futex resumed>) = 0 [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14191] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14191] <... openat resumed>) = 5 [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14189] <... futex resumed>) = 0 [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14189] <... futex resumed>) = 0 [pid 14188] <... mkdir resumed>) = 0 [pid 14188] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14193] close(3) = 0 [pid 14193] mkdir("./bus", 0777) = 0 [pid 14193] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14191] <... write resumed>) = 196608 [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = 0 [ 251.587203][T14195] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14191] <... futex resumed>) = 1 [pid 14189] <... futex resumed>) = 0 [pid 408] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./505/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./505/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./505/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./505") = 0 [pid 408] mkdir("./506", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = 0 [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14199 [pid 14191] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14191] <... mount resumed>) = 0 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14189] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14189] <... futex resumed>) = 0 [pid 14191] <... open resumed>) = 6 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14189] <... futex resumed>) = 0 [pid 14191] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14199 attached [pid 14199] set_robust_list(0x555555f755e0, 24 [pid 14191] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14189] <... futex resumed>) = 0 [pid 14199] <... set_robust_list resumed>) = 0 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14191] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14199] chdir("./506") = 0 [pid 14199] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14199] setpgid(0, 0) = 0 [pid 14199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14199] write(3, "1000", 4) = 4 [pid 14199] close(3) = 0 [pid 14199] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14199] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14199] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14199] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14200], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14200 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14200 attached [pid 14200] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14200] memfd_create("syzkaller", 0) = 3 [pid 14200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14190] <... mount resumed>) = 0 [pid 14190] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./499/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./499/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14190] <... openat resumed>) = 3 [pid 409] <... openat resumed>) = 4 [pid 14190] chdir("./bus") = 0 [pid 14190] ioctl(4, LOOP_CLR_FD) = 0 [pid 14190] close(4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 14190] <... close resumed>) = 0 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14190] <... futex resumed>) = 1 [pid 14190] chdir("./file0" [pid 409] getdents64(4, [pid 14190] <... chdir resumed>) = 0 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] close(4 [pid 14190] <... futex resumed>) = 1 [pid 14190] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./499/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./499" [pid 14190] <... open resumed>) = 4 [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./500", 0777 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... mkdir resumed>) = 0 [pid 14190] <... futex resumed>) = 1 [pid 14190] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [ 251.630282][T14190] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/498/bus supports timestamps until 2038 (0x7fffffff) [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14191] <... write resumed>) = 1048576 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14205 [pid 14190] <... openat resumed>) = 5 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14190] <... futex resumed>) = 1 [pid 14190] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14190] <... futex resumed>) = 1 [pid 14190] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14190] <... futex resumed>) = 1 [pid 14190] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14190] <... futex resumed>) = 1 [pid 14190] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14200] <... write resumed>) = 1048576 [pid 14200] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14200] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14189] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14189] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14205 attached [pid 14205] set_robust_list(0x555555f755e0, 24) = 0 [pid 14205] chdir("./500") = 0 [pid 14205] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14205] setpgid(0, 0) = 0 [pid 14205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14205] write(3, "1000", 4) = 4 [pid 14205] close(3) = 0 [pid 14205] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14205] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14205] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14205] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14206], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14206 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14206 attached [pid 14206] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14206] memfd_create("syzkaller", 0) = 3 [pid 14206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14200] <... openat resumed>) = 4 [pid 14200] ioctl(4, LOOP_SET_FD, 3 [pid 14206] <... write resumed>) = 1048576 [pid 14193] <... mount resumed>) = 0 [pid 14191] <... futex resumed>) = 1 [pid 14190] <... write resumed>) = 1048576 [pid 14189] <... futex resumed>) = 0 [pid 14188] <... mount resumed>) = 0 [pid 14206] munmap(0x7f1c2a016000, 1048576 [pid 14193] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14191] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14189] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=32000000} [pid 14206] <... munmap resumed>) = 0 [pid 14200] <... ioctl resumed>) = 0 [pid 14193] <... openat resumed>) = 3 [pid 14190] <... futex resumed>) = 1 [pid 14188] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14185] <... futex resumed>) = 0 [pid 14206] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14193] chdir("./bus" [pid 14190] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 251.682399][T14188] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/505/bus supports timestamps until 2038 (0x7fffffff) [ 251.696988][T14193] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/508/bus supports timestamps until 2038 (0x7fffffff) [ 251.711507][T14200] loop1: detected capacity change from 0 to 2048 [ 251.715886][T14191] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14206] <... openat resumed>) = 4 [pid 14193] <... chdir resumed>) = 0 [pid 14185] <... futex resumed>) = 0 [pid 14206] ioctl(4, LOOP_SET_FD, 3 [pid 14193] ioctl(4, LOOP_CLR_FD [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14200] close(3 [pid 14193] <... ioctl resumed>) = 0 [pid 14189] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14188] <... openat resumed>) = 3 [pid 14200] <... close resumed>) = 0 [pid 14189] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] chdir("./bus" [pid 14200] mkdir("./bus", 0777 [pid 14189] <... futex resumed>) = 0 [pid 14188] <... chdir resumed>) = 0 [pid 14200] <... mkdir resumed>) = 0 [pid 14189] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14188] ioctl(4, LOOP_CLR_FD [pid 14200] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14189] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14188] <... ioctl resumed>) = 0 [pid 14193] close(4 [pid 14191] <... openat resumed>) = 7 [pid 14189] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14188] close(4 [pid 14193] <... close resumed>) = 0 [pid 14191] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14189] <... mprotect resumed>) = 0 [pid 14188] <... close resumed>) = 0 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14191] <... futex resumed>) = 0 [pid 14189] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14186] <... futex resumed>) = 0 [pid 14189] <... clone resumed>, parent_tid=[14207], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14207 [pid 14188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14189] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14186] <... futex resumed>) = 0 [pid 14189] <... futex resumed>) = 0 [pid 14188] chdir("./file0" [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14189] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14188] <... chdir resumed>) = 0 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14186] <... futex resumed>) = 0 [pid 14188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14186] <... futex resumed>) = 0 [pid 14188] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14193] <... futex resumed>) = 1 [pid 14191] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14187] <... futex resumed>) = 0 [pid 14193] chdir("./file0" [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... open resumed>) = 4 [pid 14187] <... futex resumed>) = 0 [pid 14193] <... chdir resumed>) = 0 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... futex resumed>) = 1 [pid 14187] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14186] <... futex resumed>) = 0 [pid 14193] <... futex resumed>) = 0 [pid 14188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14193] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14188] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14187] <... futex resumed>) = 0 [pid 14186] <... futex resumed>) = 0 [pid 14188] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14206] <... ioctl resumed>) = 0 [pid 14188] <... openat resumed>) = 5 [pid 14206] close(3) = 0 [pid 14206] mkdir("./bus", 0777) = 0 [pid 14206] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14193] <... open resumed>) = 4 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14187] <... futex resumed>) = 0 [pid 14193] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14193] <... openat resumed>) = 5 [pid 14187] <... futex resumed>) = 0 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... futex resumed>) = 1 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] <... futex resumed>) = 0 [pid 14193] <... futex resumed>) = 0 [pid 14187] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14193] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] <... futex resumed>) = 0 [pid 14193] <... write resumed>) = 196608 [pid 14188] <... write resumed>) = 196608 [pid 14187] <... futex resumed>) = 0 [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14193] <... futex resumed>) = 0 [pid 14188] <... futex resumed>) = 0 [pid 14187] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] <... futex resumed>) = 0 [pid 14187] <... futex resumed>) = 0 [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14193] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14188] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14193] <... mount resumed>) = 0 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... mount resumed>) = 0 [pid 14187] <... futex resumed>) = 0 [pid 14193] <... futex resumed>) = 1 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14193] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14188] <... futex resumed>) = 1 [pid 14187] <... futex resumed>) = 0 [pid 14186] <... futex resumed>) = 0 [pid 14193] <... open resumed>) = 6 [pid 14188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14187] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14186] <... futex resumed>) = 0 [pid 14193] <... futex resumed>) = 0 [pid 14188] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14193] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14188] <... open resumed>) = 6 [pid 14187] <... futex resumed>) = 0 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14207 attached [pid 14207] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14207] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14207] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14189] <... futex resumed>) = 0 [pid 14189] exit_group(0) = ? [pid 14191] <... futex resumed>) = ? [pid 14191] +++ exited with 0 +++ [pid 14207] <... futex resumed>) = ? [pid 14207] +++ exited with 0 +++ [pid 14189] +++ exited with 0 +++ [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14186] <... futex resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14189, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 14188] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14186] <... futex resumed>) = 0 [pid 412] <... restart_syscall resumed>) = 0 [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./502/binderfs") = 0 [pid 412] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14190] <... openat resumed>) = 7 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14190] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14185] <... futex resumed>) = 0 [pid 14185] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14185] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14190] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14190] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14190] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14190] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14185] <... futex resumed>) = 0 [pid 14185] exit_group(0) = ? [pid 14190] <... futex resumed>) = ? [pid 14190] +++ exited with 0 +++ [pid 14185] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14185, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./498/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./498/binderfs") = 0 [ 251.722196][T14190] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.731985][T14191] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 251.749638][T14206] loop2: detected capacity change from 0 to 2048 [ 251.769256][T14190] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 407] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14193] <... write resumed>) = 1048576 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14193] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14188] <... write resumed>) = 1048576 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14200] <... mount resumed>) = 0 [pid 14187] <... futex resumed>) = 0 [pid 14186] <... futex resumed>) = 0 [pid 14187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14187] <... futex resumed>) = 1 [pid 14186] <... futex resumed>) = 1 [pid 14187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14188] <... futex resumed>) = 0 [pid 14188] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14206] <... mount resumed>) = 0 [pid 14200] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14193] <... futex resumed>) = 0 [ 251.812522][T14200] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/506/bus supports timestamps until 2038 (0x7fffffff) [ 251.819710][T14206] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/500/bus supports timestamps until 2038 (0x7fffffff) [ 251.825798][T14188] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.837307][T14193] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14193] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 412] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14187] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14186] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14187] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./498/bus", [pid 14187] <... futex resumed>) = 0 [pid 14186] <... futex resumed>) = 0 [pid 14187] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] lstat("./502/bus", [pid 14186] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14186] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14187] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14186] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14187] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14186] <... mprotect resumed>) = 0 [pid 407] umount2("./498/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14187] <... mprotect resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14186] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14187] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./502/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] openat(AT_FDCWD, "./498/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] <... openat resumed>) = 4 [pid 407] fstat(4, [pid 14187] <... clone resumed>, parent_tid=[14213], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14213 [pid 14186] <... clone resumed>, parent_tid=[14214], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14214 [pid 412] fstat(4, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14187] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(4, [pid 14187] <... futex resumed>) = 0 [pid 14186] <... futex resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 14213 attached [pid 14213] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14213] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14200] <... openat resumed>) = 3 [pid 14200] chdir("./bus") = 0 [pid 14200] ioctl(4, LOOP_CLR_FD) = 0 [pid 14200] close(4) = 0 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14199] <... futex resumed>) = 0 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(4, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14199] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14187] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14186] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(4, [pid 407] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4 [pid 407] close(4 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 412] rmdir("./502/bus" [pid 407] rmdir("./498/bus" [pid 14200] chdir("./file0" [pid 412] <... rmdir resumed>) = 0 [pid 14200] <... chdir resumed>) = 0 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14199] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 407] <... rmdir resumed>) = 0 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14199] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 412] close(3 [pid 14200] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14206] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14206] chdir("./bus") = 0 [pid 14206] ioctl(4, LOOP_CLR_FD) = 0 [pid 14206] close(4 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14206] <... close resumed>) = 0 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14205] <... futex resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 412] <... close resumed>) = 0 [pid 407] close(3 [pid 14206] chdir("./file0" [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... close resumed>) = 0 [pid 412] rmdir("./502" [pid 407] rmdir("./498" [pid 14206] <... chdir resumed>) = 0 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14206] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14205] <... futex resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] mkdir("./503", 0777 [pid 14205] <... futex resumed>) = 1 [pid 14206] <... futex resumed>) = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14206] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 407] mkdir("./499", 0777 [pid 412] <... mkdir resumed>) = 0 [pid 14206] <... open resumed>) = 4 [pid 407] <... mkdir resumed>) = 0 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14206] <... futex resumed>) = 1 [pid 14205] <... futex resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 412] <... openat resumed>) = 3 [pid 14206] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14206] <... openat resumed>) = 5 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] ioctl(3, LOOP_CLR_FD [pid 407] ioctl(3, LOOP_CLR_FD [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14206] <... futex resumed>) = 1 [pid 14205] <... futex resumed>) = 0 [pid 412] close(3 [pid 407] close(3 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14206] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14205] <... futex resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 14206] <... write resumed>) = 196608 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14215 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14216 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14205] <... futex resumed>) = 0 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14215 attached [pid 14215] set_robust_list(0x555555f755e0, 24 [pid 14206] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14205] <... futex resumed>) = 0 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14206] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14205] <... futex resumed>) = 0 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] <... set_robust_list resumed>) = 0 [pid 14206] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14215] chdir("./499"./strace-static-x86_64: Process 14216 attached ./strace-static-x86_64: Process 14214 attached ) = 0 [pid 14213] <... openat resumed>) = 8 [pid 14200] <... open resumed>) = 4 [pid 14193] <... openat resumed>) = 7 [pid 14188] <... openat resumed>) = 7 [pid 14215] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14214] set_robust_list(0x7f1c2a1159e0, 24 [pid 14213] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14215] <... prctl resumed>) = 0 [pid 14214] <... set_robust_list resumed>) = 0 [pid 14213] <... futex resumed>) = 1 [pid 14200] <... futex resumed>) = 1 [pid 14199] <... futex resumed>) = 0 [pid 14193] <... futex resumed>) = 0 [pid 14187] <... futex resumed>) = 0 [pid 14216] set_robust_list(0x555555f755e0, 24 [pid 14215] setpgid(0, 0 [pid 14214] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14213] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14200] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14193] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14188] <... futex resumed>) = 0 [pid 14187] exit_group(0 [pid 14216] <... set_robust_list resumed>) = 0 [pid 14215] <... setpgid resumed>) = 0 [pid 14214] <... openat resumed>) = 8 [pid 14213] <... futex resumed>) = ? [pid 14200] <... openat resumed>) = 5 [pid 14199] <... futex resumed>) = 0 [pid 14193] <... futex resumed>) = ? [pid 14188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14187] <... exit_group resumed>) = ? [pid 14216] chdir("./503" [pid 14215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14214] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14213] +++ exited with 0 +++ [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14193] +++ exited with 0 +++ [pid 14216] <... chdir resumed>) = 0 [pid 14215] <... openat resumed>) = 3 [pid 14214] <... futex resumed>) = 1 [pid 14200] <... futex resumed>) = 0 [pid 14216] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14215] write(3, "1000", 4 [pid 14214] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14200] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14199] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14187] +++ exited with 0 +++ [pid 14186] <... futex resumed>) = 0 [pid 14216] <... prctl resumed>) = 0 [pid 14215] <... write resumed>) = 4 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14186] exit_group(0 [pid 14216] setpgid(0, 0 [pid 14215] close(3 [pid 14216] <... setpgid resumed>) = 0 [pid 14215] <... close resumed>) = 0 [pid 14214] <... futex resumed>) = ? [pid 14199] <... futex resumed>) = 1 [pid 14188] <... futex resumed>) = ? [pid 14186] <... exit_group resumed>) = ? [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14187, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14215] symlink("/dev/binderfs", "./binderfs" [pid 14216] <... openat resumed>) = 3 [pid 14215] <... symlink resumed>) = 0 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14188] +++ exited with 0 +++ [pid 14216] write(3, "1000", 4 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14214] +++ exited with 0 +++ [pid 14200] <... futex resumed>) = 0 [pid 14186] +++ exited with 0 +++ [pid 14216] <... write resumed>) = 4 [pid 14215] <... futex resumed>) = 0 [pid 14200] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14186, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14216] close(3 [pid 14215] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14216] <... close resumed>) = 0 [pid 14215] <... mmap resumed>) = 0x7f1c32416000 [pid 14216] symlink("/dev/binderfs", "./binderfs" [pid 14215] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14216] <... symlink resumed>) = 0 [pid 14215] <... mprotect resumed>) = 0 [pid 411] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14215] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14216] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14215] <... clone resumed>, parent_tid=[14217], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14217 [pid 411] <... openat resumed>) = 3 [pid 14216] <... mmap resumed>) = 0x7f1c32416000 [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 14216] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14215] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 410] fstat(3, [pid 14216] <... mprotect resumed>) = 0 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14216] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] getdents64(3, [pid 410] getdents64(3, [pid 14216] <... clone resumed>, parent_tid=[14218], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14218 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14216] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] lstat("./505/binderfs", [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] lstat("./508/binderfs", [pid 411] unlink("./505/binderfs" [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] <... unlink resumed>) = 0 [pid 410] unlink("./508/binderfs") = 0 [pid 411] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14217 attached [pid 14217] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14217] memfd_create("syzkaller", 0) = 3 [pid 14217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14200] <... write resumed>) = 196608 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14199] <... futex resumed>) = 0 [pid 14200] <... futex resumed>) = 1 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14200] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14217] <... write resumed>) = 1048576 [pid 14217] munmap(0x7f1c2a016000, 1048576 [pid 14200] <... mount resumed>) = 0 [pid 14217] <... munmap resumed>) = 0 [pid 14217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14217] ioctl(4, LOOP_SET_FD, 3 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14199] <... futex resumed>) = 0 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 251.853445][T14188] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 251.892774][T14193] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14200] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 ./strace-static-x86_64: Process 14218 attached [pid 14217] <... ioctl resumed>) = 0 [pid 14206] <... write resumed>) = 1048576 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14199] <... futex resumed>) = 0 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14200] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14218] set_robust_list(0x7f1c324369e0, 24 [pid 14217] close(3 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... set_robust_list resumed>) = 0 [pid 14217] <... close resumed>) = 0 [pid 14206] <... futex resumed>) = 1 [pid 14205] <... futex resumed>) = 0 [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14206] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14200] <... write resumed>) = 1048576 [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14199] <... futex resumed>) = 0 [pid 14199] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14199] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14200] <... futex resumed>) = 1 [pid 14200] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14218] memfd_create("syzkaller", 0 [pid 14217] mkdir("./bus", 0777 [pid 14218] <... memfd_create resumed>) = 3 [pid 14217] <... mkdir resumed>) = 0 [pid 14218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14217] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [ 251.935000][T14217] loop0: detected capacity change from 0 to 2048 [ 251.953224][T14206] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 251.955538][T14200] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 14206] <... openat resumed>) = 7 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14206] <... futex resumed>) = 1 [pid 14205] <... futex resumed>) = 0 [pid 14206] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14205] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14206] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14205] <... futex resumed>) = 0 [pid 411] lstat("./505/bus", [pid 14206] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14205] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] lstat("./508/bus", [pid 14206] <... openat resumed>) = 8 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14206] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14205] <... futex resumed>) = 0 [pid 411] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14206] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14205] exit_group(0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14206] <... futex resumed>) = ? [pid 14205] <... exit_group resumed>) = ? [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14206] +++ exited with 0 +++ [pid 14205] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14205, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14218] <... write resumed>) = 1048576 [pid 14218] munmap(0x7f1c2a016000, 1048576) = 0 [pid 411] openat(AT_FDCWD, "./505/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./508/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 4 [pid 410] <... openat resumed>) = 4 [pid 409] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] fstat(4, [pid 410] fstat(4, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] getdents64(4, [pid 410] getdents64(4, [pid 409] <... openat resumed>) = 3 [pid 409] fstat(3, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, [pid 14218] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./500/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./500/binderfs" [pid 14218] <... openat resumed>) = 4 [pid 14218] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(4, [pid 410] getdents64(4, [pid 14218] <... ioctl resumed>) = 0 [pid 14218] close(3) = 0 [pid 14218] mkdir("./bus", 0777) = 0 [pid 14218] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14199] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14199] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14199] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14199] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4 [pid 14199] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 411] close(4 [pid 410] <... close resumed>) = 0 [pid 14199] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... close resumed>) = 0 [pid 410] rmdir("./508/bus" [pid 14199] <... clone resumed>, parent_tid=[14219], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14219 [pid 411] rmdir("./505/bus" [pid 14199] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 14199] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 410] getdents64(3, [pid 14199] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... close resumed>) = 0 [pid 410] close(3 [pid 411] rmdir("./505" [pid 410] <... close resumed>) = 0 [pid 14200] <... openat resumed>) = 7 [pid 411] <... rmdir resumed>) = 0 [pid 410] rmdir("./508" [pid 411] mkdir("./506", 0777./strace-static-x86_64: Process 14219 attached [pid 14200] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... mkdir resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] mkdir("./509", 0777 [pid 14219] set_robust_list(0x7f1c2a1159e0, 24 [pid 14200] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 410] <... mkdir resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... openat resumed>) = 3 [pid 411] close(3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 14219] <... set_robust_list resumed>) = 0 [pid 14200] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... close resumed>) = 0 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] close(3) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14224 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14225 ./strace-static-x86_64: Process 14225 attached [pid 14225] set_robust_list(0x555555f755e0, 24) = 0 [pid 14225] chdir("./509") = 0 [pid 14225] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14225] setpgid(0, 0) = 0 [pid 14225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14225] write(3, "1000", 4) = 4 [pid 14225] close(3) = 0 [pid 14225] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14225] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14225] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14225] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14226], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14226 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14224 attached [pid 14224] set_robust_list(0x555555f755e0, 24) = 0 [pid 14224] chdir("./506") = 0 [pid 14224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14224] setpgid(0, 0) = 0 [pid 14224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14224] write(3, "1000", 4) = 4 [pid 14224] close(3) = 0 [pid 14224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14224] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14224] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14224] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14227], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14227 [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14226 attached [pid 14226] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14226] memfd_create("syzkaller", 0) = 3 [pid 14226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14219] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14219] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] <... mount resumed>) = 0 [pid 14219] <... futex resumed>) = 1 [pid 14199] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14227 attached [pid 14217] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14227] set_robust_list(0x7f1c324369e0, 24 [pid 14219] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14217] <... openat resumed>) = 3 [pid 14199] exit_group(0 [pid 14200] <... futex resumed>) = ? [pid 14199] <... exit_group resumed>) = ? [pid 14227] <... set_robust_list resumed>) = 0 [pid 14219] <... futex resumed>) = ? [pid 14217] chdir("./bus" [pid 14200] +++ exited with 0 +++ [ 251.980914][T14206] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 251.998993][T14218] loop5: detected capacity change from 0 to 2048 [ 252.002293][T14200] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 252.023354][T14217] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/499/bus supports timestamps until 2038 (0x7fffffff) [pid 14219] +++ exited with 0 +++ [pid 14199] +++ exited with 0 +++ [pid 409] <... umount2 resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14199, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 409] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./500/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./500/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./500/bus" [pid 408] <... restart_syscall resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 408] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] getdents64(3, [pid 408] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... openat resumed>) = 3 [pid 409] close(3 [pid 408] fstat(3, [pid 409] <... close resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] rmdir("./500" [pid 408] getdents64(3, [pid 409] <... rmdir resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] mkdir("./501", 0777 [pid 408] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... mkdir resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./506/binderfs", [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... openat resumed>) = 3 [pid 408] unlink("./506/binderfs" [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] <... unlink resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14228 ./strace-static-x86_64: Process 14228 attached [pid 14227] memfd_create("syzkaller", 0 [pid 14218] <... mount resumed>) = 0 [pid 14217] <... chdir resumed>) = 0 [pid 14226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14217] ioctl(4, LOOP_CLR_FD [pid 14227] <... memfd_create resumed>) = 3 [pid 14217] <... ioctl resumed>) = 0 [pid 14218] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14217] close(4 [pid 14227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14218] <... openat resumed>) = 3 [pid 14217] <... close resumed>) = 0 [pid 14227] <... mmap resumed>) = 0x7f1c2a016000 [pid 14218] chdir("./bus" [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14217] <... futex resumed>) = 1 [pid 14215] <... futex resumed>) = 0 [pid 14218] <... chdir resumed>) = 0 [pid 14217] chdir("./file0" [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14218] ioctl(4, LOOP_CLR_FD [pid 14217] <... chdir resumed>) = 0 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... ioctl resumed>) = 0 [pid 14217] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14218] close(4 [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... close resumed>) = 0 [pid 14217] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 1 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14218] <... futex resumed>) = 1 [pid 14217] <... open resumed>) = 4 [pid 14216] <... futex resumed>) = 0 [pid 14218] chdir("./file0" [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] <... futex resumed>) = 1 [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... chdir resumed>) = 0 [pid 14217] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] <... futex resumed>) = 0 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14216] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14218] <... futex resumed>) = 0 [pid 14217] <... openat resumed>) = 5 [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14216] <... futex resumed>) = 0 [pid 14228] set_robust_list(0x555555f755e0, 24 [pid 14218] <... open resumed>) = 4 [pid 14217] <... futex resumed>) = 1 [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] <... futex resumed>) = 0 [pid 14228] <... set_robust_list resumed>) = 0 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14216] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14228] chdir("./501" [pid 14218] <... futex resumed>) = 0 [pid 14217] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14215] <... futex resumed>) = 0 [pid 14218] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14217] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14216] <... futex resumed>) = 0 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14228] <... chdir resumed>) = 0 [pid 14227] <... write resumed>) = 1048576 [pid 14226] <... write resumed>) = 1048576 [pid 14218] <... openat resumed>) = 5 [pid 14217] <... write resumed>) = 196608 [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14227] munmap(0x7f1c2a016000, 1048576 [pid 14226] munmap(0x7f1c2a016000, 1048576 [pid 14228] <... prctl resumed>) = 0 [pid 14227] <... munmap resumed>) = 0 [pid 14226] <... munmap resumed>) = 0 [pid 14228] setpgid(0, 0 [pid 14227] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14226] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14228] <... setpgid resumed>) = 0 [pid 14227] <... openat resumed>) = 4 [pid 14226] <... openat resumed>) = 4 [pid 14228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 252.038065][T14218] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/503/bus supports timestamps until 2038 (0x7fffffff) [pid 14227] ioctl(4, LOOP_SET_FD, 3 [pid 14226] ioctl(4, LOOP_SET_FD, 3 [pid 14228] <... openat resumed>) = 3 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = 1 [pid 14217] <... futex resumed>) = 1 [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14217] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14218] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14217] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14218] <... write resumed>) = 196608 [pid 14217] <... mount resumed>) = 0 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = 1 [pid 14217] <... futex resumed>) = 1 [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14217] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14218] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14217] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14218] <... mount resumed>) = 0 [pid 14217] <... open resumed>) = 6 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = 1 [pid 14217] <... futex resumed>) = 1 [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14217] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 14218] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14217] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14228] write(3, "1000", 4 [pid 14227] <... ioctl resumed>) = 0 [pid 14226] <... ioctl resumed>) = 0 [pid 14218] <... open resumed>) = 6 [pid 408] <... umount2 resumed>) = 0 [pid 14228] <... write resumed>) = 4 [pid 14226] close(3 [pid 14228] close(3) = 0 [pid 14226] <... close resumed>) = 0 [pid 14228] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14226] mkdir("./bus", 0777 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14227] close(3 [pid 14226] <... mkdir resumed>) = 0 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14228] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14227] <... close resumed>) = 0 [pid 14226] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14228] <... mmap resumed>) = 0x7f1c32416000 [pid 14227] mkdir("./bus", 0777 [pid 14218] <... futex resumed>) = 1 [pid 14216] <... futex resumed>) = 0 [pid 14228] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14227] <... mkdir resumed>) = 0 [pid 14218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14217] <... write resumed>) = 1048576 [pid 408] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14228] <... mprotect resumed>) = 0 [pid 14227] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14218] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14216] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14228] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14218] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14217] <... futex resumed>) = 1 [pid 14216] <... futex resumed>) = 0 [pid 14215] <... futex resumed>) = 0 [pid 408] lstat("./506/bus", [pid 14217] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14216] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14228] <... clone resumed>, parent_tid=[14229], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14229 [pid 14217] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14217] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14215] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14228] <... futex resumed>) = 0 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] openat(AT_FDCWD, "./506/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 408] <... openat resumed>) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./506/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./506") = 0 [pid 408] mkdir("./507", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14232 ./strace-static-x86_64: Process 14229 attached [pid 14229] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14229] memfd_create("syzkaller", 0) = 3 [ 252.080153][T14227] loop4: detected capacity change from 0 to 2048 [ 252.086535][T14226] loop3: detected capacity change from 0 to 2048 [ 252.111136][T14217] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14229] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14229] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14229] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14229] close(3) = 0 [pid 14229] mkdir("./bus", 0777) = 0 [pid 14229] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14232 attached [pid 14216] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14216] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14216] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14216] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14236], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14236 [pid 14216] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14216] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14232] set_robust_list(0x555555f755e0, 24) = 0 [pid 14232] chdir("./507") = 0 [pid 14232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14232] setpgid(0, 0) = 0 [pid 14232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14227] <... mount resumed>) = 0 [pid 14217] <... openat resumed>) = 7 [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14217] <... futex resumed>) = 1 [pid 14215] <... futex resumed>) = 0 [pid 14215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14227] chdir("./bus" [pid 14217] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14227] <... chdir resumed>) = 0 [pid 14217] <... openat resumed>) = 8 [pid 14227] ioctl(4, LOOP_CLR_FD [pid 14217] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] <... ioctl resumed>) = 0 [pid 14217] <... futex resumed>) = 1 [pid 14215] <... futex resumed>) = 0 [pid 14215] exit_group(0) = ? [pid 14227] close(4 [pid 14232] <... openat resumed>) = 3 [pid 14232] write(3, "1000", 4) = 4 [pid 14232] close(3) = 0 [pid 14232] symlink("/dev/binderfs", "./binderfs" [pid 14227] <... close resumed>) = 0 [pid 14217] +++ exited with 0 +++ [pid 14215] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14215, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14224] <... futex resumed>) = 0 [pid 14227] chdir("./file0" [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14224] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14227] <... chdir resumed>) = 0 [pid 407] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14236 attached [pid 14232] <... symlink resumed>) = 0 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14227] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14236] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14236] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14232] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14232] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14232] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14238], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14238 [ 252.134169][T14227] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/506/bus supports timestamps until 2038 (0x7fffffff) [ 252.144573][T14229] loop2: detected capacity change from 0 to 2048 [ 252.155266][T14217] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 252.172563][T14229] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/501/bus supports timestamps until 2038 (0x7fffffff) [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14238 attached [pid 14229] <... mount resumed>) = 0 [pid 14224] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14229] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14229] chdir("./bus") = 0 [pid 14229] ioctl(4, LOOP_CLR_FD) = 0 [pid 14229] close(4) = 0 [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14216] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 407] lstat("./499/binderfs", [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [pid 14229] chdir("./file0" [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14229] <... chdir resumed>) = 0 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14238] set_robust_list(0x7f1c324369e0, 24 [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] <... set_robust_list resumed>) = 0 [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [pid 14238] memfd_create("syzkaller", 0 [pid 14229] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14238] <... memfd_create resumed>) = 3 [pid 14238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14216] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] <... futex resumed>) = 0 [pid 14224] <... futex resumed>) = 1 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14236] <... openat resumed>) = 7 [pid 14232] <... futex resumed>) = 0 [pid 14229] <... open resumed>) = 4 [pid 14227] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14226] <... mount resumed>) = 0 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14218] <... write resumed>) = 1048576 [pid 14216] <... futex resumed>) = 0 [pid 407] unlink("./499/binderfs" [pid 14236] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14236] <... futex resumed>) = 0 [pid 14229] <... futex resumed>) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14227] <... open resumed>) = 4 [pid 14218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] <... unlink resumed>) = 0 [pid 14226] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14236] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14218] <... futex resumed>) = 0 [pid 14216] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 407] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [pid 14227] <... futex resumed>) = 1 [pid 14226] <... openat resumed>) = 3 [pid 14224] <... futex resumed>) = 0 [pid 14218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14216] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 14229] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14227] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14229] <... openat resumed>) = 5 [pid 14216] <... mprotect resumed>) = 0 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14224] <... futex resumed>) = 0 [pid 14229] <... futex resumed>) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14227] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14216] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14226] chdir("./bus" [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [pid 14227] <... openat resumed>) = 5 [pid 14229] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... chdir resumed>) = 0 [pid 14229] <... write resumed>) = 196608 [pid 14216] <... clone resumed>, parent_tid=[14239], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 14239 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14226] ioctl(4, LOOP_CLR_FD [pid 14229] <... futex resumed>) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14227] <... futex resumed>) = 1 [pid 14224] <... futex resumed>) = 0 [pid 14216] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14226] <... ioctl resumed>) = 0 [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14226] close(4 [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14216] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14239 attached [pid 14238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [pid 14227] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14226] <... close resumed>) = 0 [pid 14224] <... futex resumed>) = 0 [pid 14216] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14229] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14229] <... mount resumed>) = 0 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [pid 14229] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14229] <... open resumed>) = 6 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14228] <... futex resumed>) = 0 [pid 14229] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14228] <... futex resumed>) = 0 [ 252.176124][T14236] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.185992][T14226] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/509/bus supports timestamps until 2038 (0x7fffffff) [ 252.212036][T14236] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14229] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14239] set_robust_list(0x7f1c2a0f49e0, 24 [pid 14238] <... write resumed>) = 1048576 [pid 14227] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14239] <... set_robust_list resumed>) = 0 [pid 14238] munmap(0x7f1c2a016000, 1048576 [pid 14227] <... write resumed>) = 196608 [pid 14226] <... futex resumed>) = 1 [pid 14225] <... futex resumed>) = 0 [pid 14239] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14238] <... munmap resumed>) = 0 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14226] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14239] <... openat resumed>) = 8 [pid 14238] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14227] <... futex resumed>) = 1 [pid 14226] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14225] <... futex resumed>) = 0 [pid 14224] <... futex resumed>) = 0 [pid 14239] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] <... openat resumed>) = 4 [pid 14227] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14226] chdir("./file0" [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14239] <... futex resumed>) = 1 [pid 14238] ioctl(4, LOOP_SET_FD, 3 [pid 14227] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14226] <... chdir resumed>) = 0 [pid 14224] <... futex resumed>) = 0 [pid 14216] <... futex resumed>) = 0 [pid 14239] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14227] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14216] exit_group(0 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] <... mount resumed>) = 0 [pid 14236] <... futex resumed>) = ? [pid 14218] <... futex resumed>) = ? [pid 14216] <... exit_group resumed>) = ? [pid 14226] <... futex resumed>) = 1 [pid 14225] <... futex resumed>) = 0 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14224] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14239] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14236] +++ exited with 0 +++ [pid 14218] +++ exited with 0 +++ [pid 14226] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] <... futex resumed>) = 0 [pid 14226] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14225] <... futex resumed>) = 0 [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14226] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14227] <... open resumed>) = 6 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14227] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14226] <... open resumed>) = 4 [pid 14224] <... futex resumed>) = 0 [pid 14238] <... ioctl resumed>) = 0 [pid 14238] close(3) = 0 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] mkdir("./bus", 0777) = 0 [pid 14238] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14239] +++ exited with 0 +++ [pid 14216] +++ exited with 0 +++ [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... futex resumed>) = 1 [pid 14226] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14229] <... write resumed>) = 1048576 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14228] <... futex resumed>) = 0 [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14229] <... futex resumed>) = 1 [pid 14229] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14227] <... futex resumed>) = 0 [pid 14225] <... futex resumed>) = 0 [pid 14227] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14216, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14226] <... futex resumed>) = 0 [pid 14225] <... futex resumed>) = 1 [pid 14226] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... openat resumed>) = 5 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14225] <... futex resumed>) = 0 [pid 14226] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14226] <... write resumed>) = 196608 [pid 14225] <... futex resumed>) = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14225] <... futex resumed>) = 0 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... futex resumed>) = 1 [pid 14226] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14225] <... futex resumed>) = 0 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... futex resumed>) = 1 [pid 14226] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14225] <... futex resumed>) = 0 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... futex resumed>) = 1 [pid 14226] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14227] <... write resumed>) = 1048576 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14224] <... futex resumed>) = 0 [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14227] <... futex resumed>) = 1 [ 252.242447][T14238] loop1: detected capacity change from 0 to 2048 [ 252.256679][T14229] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.279640][T14229] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14227] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14229] <... openat resumed>) = 7 [pid 14226] <... write resumed>) = 1048576 [pid 412] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... openat resumed>) = 3 [pid 407] lstat("./499/bus", [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] fstat(3, [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14226] <... futex resumed>) = 1 [pid 14225] <... futex resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./499/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14226] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14225] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] openat(AT_FDCWD, "./499/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14228] <... futex resumed>) = 0 [pid 14228] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14228] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14229] <... futex resumed>) = 1 [pid 14229] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14229] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14228] <... futex resumed>) = 0 [pid 14228] exit_group(0) = ? [pid 14229] <... futex resumed>) = ? [pid 14229] +++ exited with 0 +++ [pid 14228] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14228, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./501/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./501/binderfs") = 0 [pid 409] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... openat resumed>) = 4 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./503/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./503/binderfs") = 0 [pid 412] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./499/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./499") = 0 [pid 407] mkdir("./500", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14241 [pid 14227] <... openat resumed>) = 7 [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14224] <... futex resumed>) = 0 [pid 14227] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14224] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14227] <... openat resumed>) = 8 [pid 14224] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14241 attached [pid 14227] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [ 252.289405][T14227] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.303829][T14226] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.309797][T14227] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 252.324021][T14226] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14224] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14241] set_robust_list(0x555555f755e0, 24 [pid 14227] <... futex resumed>) = 0 [pid 14226] <... openat resumed>) = 7 [pid 14224] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14224] exit_group(0) = ? [pid 14238] <... mount resumed>) = 0 [pid 14227] +++ exited with 0 +++ [pid 14224] +++ exited with 0 +++ [pid 14241] <... set_robust_list resumed>) = 0 [pid 14241] chdir("./500" [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14224, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14241] <... chdir resumed>) = 0 [pid 14241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14241] setpgid(0, 0 [pid 411] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14241] <... setpgid resumed>) = 0 [pid 14241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14241] <... openat resumed>) = 3 [pid 411] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14241] write(3, "1000", 4 [pid 411] <... openat resumed>) = 3 [pid 14241] <... write resumed>) = 4 [pid 14241] close(3) = 0 [pid 14241] symlink("/dev/binderfs", "./binderfs") = 0 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14241] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14241] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14241] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14241] <... clone resumed>, parent_tid=[14243], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14243 [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14225] <... futex resumed>) = 0 [pid 14225] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14225] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14226] <... futex resumed>) = 1 [pid 14226] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14226] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14225] <... futex resumed>) = 0 [pid 14225] exit_group(0) = ? [pid 14226] <... futex resumed>) = ? [pid 14226] +++ exited with 0 +++ [pid 14225] +++ exited with 0 +++ [pid 411] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14225, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- ./strace-static-x86_64: Process 14243 attached [pid 14243] set_robust_list(0x7f1c324369e0, 24 [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14243] <... set_robust_list resumed>) = 0 [pid 411] lstat("./506/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./506/binderfs") = 0 [pid 410] <... restart_syscall resumed>) = 0 [pid 14243] memfd_create("syzkaller", 0) = 3 [pid 14243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14238] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./509/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./509/binderfs") = 0 [pid 410] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14238] <... openat resumed>) = 3 [pid 14238] chdir("./bus") = 0 [pid 14238] ioctl(4, LOOP_CLR_FD) = 0 [pid 14238] close(4) = 0 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14232] <... futex resumed>) = 0 [pid 14238] chdir("./file0" [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./509/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./509/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, [pid 14238] <... chdir resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14232] <... futex resumed>) = 0 [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14238] <... futex resumed>) = 1 [pid 14238] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./509/bus" [pid 14243] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... rmdir resumed>) = 0 [pid 14238] <... open resumed>) = 4 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./509" [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... rmdir resumed>) = 0 [pid 410] mkdir("./510", 0777 [pid 14238] <... futex resumed>) = 1 [pid 14232] <... futex resumed>) = 0 [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14243] <... write resumed>) = 1048576 [pid 14243] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14243] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14243] ioctl(4, LOOP_SET_FD, 3 [pid 14238] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./501/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./501/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, [pid 14238] <... openat resumed>) = 5 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(4, [pid 14238] <... futex resumed>) = 1 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14238] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] close(4) = 0 [pid 409] rmdir("./501/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./501") = 0 [pid 409] mkdir("./502", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 14232] <... futex resumed>) = 0 [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14244 [pid 14243] <... ioctl resumed>) = 0 [pid 14243] close(3) = 0 [pid 14243] mkdir("./bus", 0777 [pid 412] <... umount2 resumed>) = 0 [pid 14232] <... futex resumed>) = 1 [pid 14243] <... mkdir resumed>) = 0 [pid 14243] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14238] <... futex resumed>) = 0 [pid 14238] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14238] <... write resumed>) = 196608 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14238] <... futex resumed>) = 1 [pid 14232] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14238] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] lstat("./503/bus", [pid 14232] <... futex resumed>) = 0 [pid 14238] <... mount resumed>) = 0 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14232] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14238] <... futex resumed>) = 0 [pid 412] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14232] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14238] <... open resumed>) = 6 [pid 412] openat(AT_FDCWD, "./503/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 4 [pid 14238] <... futex resumed>) = 1 [pid 14232] <... futex resumed>) = 0 [pid 412] fstat(4, [pid 14238] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14238] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14232] <... futex resumed>) = 0 [pid 14238] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(4, [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./506/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./506/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./503/bus" [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] <... rmdir resumed>) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 412] getdents64(3, [pid 411] <... close resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./503" [pid 411] rmdir("./506/bus" [pid 412] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 412] mkdir("./504", 0777 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 411] close(3) = 0 [pid 411] rmdir("./506") = 0 [pid 411] mkdir("./507", 0777 [pid 412] <... openat resumed>) = 3 [pid 410] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 411] <... mkdir resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14245 ./strace-static-x86_64: Process 14245 attached [pid 14245] set_robust_list(0x555555f755e0, 24) = 0 [pid 14245] chdir("./507") = 0 [pid 14245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14245] setpgid(0, 0) = 0 [pid 14245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14245] write(3, "1000", 4) = 4 [pid 14245] close(3 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14245] <... close resumed>) = 0 [pid 14245] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] close(3 [pid 14245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14245] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14246 [pid 410] <... close resumed>) = 0 [pid 14245] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14247], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14247 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14245] <... futex resumed>) = 0 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14247 attached [ 252.336819][T14238] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/507/bus supports timestamps until 2038 (0x7fffffff) [ 252.382781][T14243] loop0: detected capacity change from 0 to 2048 [pid 14247] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14247] memfd_create("syzkaller", 0) = 3 [pid 14247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14248 [pid 14247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14246 attached ./strace-static-x86_64: Process 14248 attached [pid 14248] set_robust_list(0x555555f755e0, 24 [pid 14246] set_robust_list(0x555555f755e0, 24 [pid 14248] <... set_robust_list resumed>) = 0 [pid 14246] <... set_robust_list resumed>) = 0 [pid 14248] chdir("./510" [pid 14246] chdir("./504" [pid 14248] <... chdir resumed>) = 0 [pid 14248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14246] <... chdir resumed>) = 0 [pid 14248] <... prctl resumed>) = 0 [pid 14246] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14248] setpgid(0, 0 [pid 14246] <... prctl resumed>) = 0 [pid 14248] <... setpgid resumed>) = 0 [pid 14248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14246] setpgid(0, 0) = 0 [pid 14246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14248] <... openat resumed>) = 3 [pid 14248] write(3, "1000", 4 [pid 14246] <... openat resumed>) = 3 [pid 14246] write(3, "1000", 4) = 4 [pid 14248] <... write resumed>) = 4 [pid 14248] close(3 [pid 14246] close(3) = 0 [pid 14248] <... close resumed>) = 0 [pid 14246] symlink("/dev/binderfs", "./binderfs" [pid 14248] symlink("/dev/binderfs", "./binderfs" [pid 14246] <... symlink resumed>) = 0 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14248] <... symlink resumed>) = 0 [pid 14246] <... futex resumed>) = 0 [pid 14246] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14246] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14246] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14248] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14248] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14248] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14246] <... clone resumed>, parent_tid=[14249], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14249 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14248] <... clone resumed>, parent_tid=[14251], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14251 [pid 14246] <... futex resumed>) = 0 [pid 14247] <... write resumed>) = 1048576 [pid 14247] munmap(0x7f1c2a016000, 1048576 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... munmap resumed>) = 0 [pid 14247] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14248] <... futex resumed>) = 0 [pid 14247] ioctl(4, LOOP_SET_FD, 3 [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14251 attached ./strace-static-x86_64: Process 14249 attached ./strace-static-x86_64: Process 14244 attached [pid 14232] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14251] set_robust_list(0x7f1c324369e0, 24 [pid 14249] set_robust_list(0x7f1c324369e0, 24 [pid 14244] set_robust_list(0x555555f755e0, 24 [pid 14232] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14251] <... set_robust_list resumed>) = 0 [pid 14249] <... set_robust_list resumed>) = 0 [pid 14244] <... set_robust_list resumed>) = 0 [pid 14247] <... ioctl resumed>) = 0 [pid 14232] <... futex resumed>) = 0 [pid 14247] close(3) = 0 [pid 14247] mkdir("./bus", 0777) = 0 [pid 14232] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14232] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14247] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14232] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14251] memfd_create("syzkaller", 0) = 3 [pid 14251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14251] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14251] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14251] ioctl(4, LOOP_SET_FD, 3 [pid 14238] <... write resumed>) = 1048576 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14232] <... clone resumed>, parent_tid=[14253], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14253 [pid 14238] <... futex resumed>) = 0 [pid 14232] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14232] <... futex resumed>) = 0 [pid 14232] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14251] <... ioctl resumed>) = 0 [pid 14251] close(3) = 0 [pid 14251] mkdir("./bus", 0777) = 0 [pid 14251] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14249] memfd_create("syzkaller", 0) = 3 [pid 14249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14244] chdir("./502") = 0 [pid 14244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14244] setpgid(0, 0) = 0 [pid 14244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14244] write(3, "1000", 4) = 4 [pid 14244] close(3./strace-static-x86_64: Process 14253 attached [pid 14243] <... mount resumed>) = 0 [pid 14243] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14253] set_robust_list(0x7f1c2a1159e0, 24 [pid 14244] <... close resumed>) = 0 [pid 14244] symlink("/dev/binderfs", "./binderfs" [pid 14253] <... set_robust_list resumed>) = 0 [pid 14243] <... openat resumed>) = 3 [pid 14243] chdir("./bus" [pid 14253] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14244] <... symlink resumed>) = 0 [pid 14243] <... chdir resumed>) = 0 [pid 14243] ioctl(4, LOOP_CLR_FD) = 0 [pid 14243] close(4) = 0 [ 252.448936][T14247] loop4: detected capacity change from 0 to 2048 [ 252.460391][T14243] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/500/bus supports timestamps until 2038 (0x7fffffff) [ 252.471355][T14251] loop3: detected capacity change from 0 to 2048 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14244] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14244] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14244] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14254], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14254 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14254 attached [pid 14254] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14254] memfd_create("syzkaller", 0) = 3 [pid 14254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14243] chdir("./file0" [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14243] <... chdir resumed>) = 0 [pid 14241] <... futex resumed>) = 0 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=46000000} [pid 14243] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14253] <... openat resumed>) = 7 [pid 14249] <... write resumed>) = 1048576 [pid 14243] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14253] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] munmap(0x7f1c2a016000, 1048576 [pid 14243] <... openat resumed>) = 5 [pid 14253] <... futex resumed>) = 1 [pid 14249] <... munmap resumed>) = 0 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14253] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14249] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14243] <... futex resumed>) = 1 [pid 14249] <... openat resumed>) = 4 [pid 14243] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14249] ioctl(4, LOOP_SET_FD, 3 [pid 14254] <... write resumed>) = 1048576 [pid 14247] <... mount resumed>) = 0 [pid 14241] <... futex resumed>) = 0 [pid 14232] <... futex resumed>) = 0 [pid 14247] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14232] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... openat resumed>) = 3 [pid 14243] <... futex resumed>) = 0 [pid 14241] <... futex resumed>) = 1 [pid 14238] <... futex resumed>) = 0 [pid 14232] <... futex resumed>) = 1 [pid 14247] chdir("./bus" [pid 14243] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14238] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14232] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] <... chdir resumed>) = 0 [pid 14243] <... write resumed>) = 196608 [pid 14238] <... openat resumed>) = 8 [pid 14247] ioctl(4, LOOP_CLR_FD [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] munmap(0x7f1c2a016000, 1048576 [pid 14249] <... ioctl resumed>) = 0 [pid 14254] <... munmap resumed>) = 0 [pid 14249] close(3 [pid 14254] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14249] <... close resumed>) = 0 [pid 14254] <... openat resumed>) = 4 [pid 14249] mkdir("./bus", 0777 [ 252.492688][T14253] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.509334][T14253] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 252.521076][T14247] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/507/bus supports timestamps until 2038 (0x7fffffff) [ 252.524773][T14249] loop5: detected capacity change from 0 to 2048 [pid 14254] ioctl(4, LOOP_SET_FD, 3 [pid 14249] <... mkdir resumed>) = 0 [pid 14254] <... ioctl resumed>) = 0 [pid 14251] <... mount resumed>) = 0 [pid 14249] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14247] <... ioctl resumed>) = 0 [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14238] <... futex resumed>) = 1 [pid 14232] <... futex resumed>) = 0 [pid 14254] close(3 [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14254] <... close resumed>) = 0 [pid 14254] mkdir("./bus", 0777) = 0 [pid 14254] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14251] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14243] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14241] <... futex resumed>) = 0 [pid 14232] exit_group(0 [pid 14251] <... openat resumed>) = 3 [pid 14247] close(4 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14253] <... futex resumed>) = ? [pid 14251] chdir("./bus" [pid 14243] <... mount resumed>) = 0 [pid 14238] <... futex resumed>) = ? [pid 14232] <... exit_group resumed>) = ? [pid 14251] <... chdir resumed>) = 0 [pid 14251] ioctl(4, LOOP_CLR_FD) = 0 [pid 14251] close(4) = 0 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14248] <... futex resumed>) = 0 [pid 14253] +++ exited with 0 +++ [pid 14251] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14238] +++ exited with 0 +++ [pid 14232] +++ exited with 0 +++ [pid 14247] <... close resumed>) = 0 [pid 14248] <... futex resumed>) = 1 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] <... futex resumed>) = 1 [pid 14245] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14232, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14247] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 14247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14245] <... futex resumed>) = 0 [pid 408] <... restart_syscall resumed>) = 0 [pid 14251] <... futex resumed>) = 0 [pid 14247] chdir("./file0" [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14251] chdir("./file0" [pid 14247] <... chdir resumed>) = 0 [pid 14243] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14251] <... chdir resumed>) = 0 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14243] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14241] <... futex resumed>) = 0 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... futex resumed>) = 1 [pid 14245] <... futex resumed>) = 0 [pid 14243] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14251] <... futex resumed>) = 1 [pid 14248] <... futex resumed>) = 0 [pid 14247] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14243] <... open resumed>) = 6 [pid 408] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14251] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14245] <... futex resumed>) = 0 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14248] <... futex resumed>) = 0 [pid 14247] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... open resumed>) = 4 [pid 14243] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14241] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 14251] <... open resumed>) = 4 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./507/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./507/binderfs") = 0 [pid 408] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... futex resumed>) = 1 [pid 14245] <... futex resumed>) = 0 [pid 14251] <... futex resumed>) = 1 [pid 14248] <... futex resumed>) = 0 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14251] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] <... futex resumed>) = 0 [pid 14248] <... futex resumed>) = 1 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14245] <... futex resumed>) = 0 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 252.542200][T14251] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/510/bus supports timestamps until 2038 (0x7fffffff) [ 252.542810][T14254] loop2: detected capacity change from 0 to 2048 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] <... futex resumed>) = 0 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] <... futex resumed>) = 1 [pid 14247] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] <... futex resumed>) = 0 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] <... futex resumed>) = 1 [pid 14247] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14251] <... futex resumed>) = 0 [pid 14245] <... futex resumed>) = 0 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14247] <... futex resumed>) = 1 [pid 14251] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14247] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14251] <... openat resumed>) = 5 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14248] <... futex resumed>) = 0 [pid 14251] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14251] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14251] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14243] <... write resumed>) = 1048576 [pid 14251] <... write resumed>) = 196608 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14248] <... futex resumed>) = 0 [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14251] <... futex resumed>) = 1 [pid 14251] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14248] <... futex resumed>) = 0 [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14251] <... futex resumed>) = 1 [pid 14251] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14248] <... futex resumed>) = 0 [pid 14251] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] <... mount resumed>) = 0 [pid 14248] <... futex resumed>) = 0 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14254] <... openat resumed>) = 3 [pid 14243] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] chdir("./bus" [pid 14243] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14241] <... futex resumed>) = 0 [pid 14254] <... chdir resumed>) = 0 [pid 14243] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] ioctl(4, LOOP_CLR_FD) = 0 [pid 14254] close(4) = 0 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14244] <... futex resumed>) = 0 [pid 14254] chdir("./file0" [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] <... chdir resumed>) = 0 [pid 14244] <... futex resumed>) = 0 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] <... futex resumed>) = 0 [pid 14244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14254] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] <... open resumed>) = 4 [pid 14244] <... futex resumed>) = 0 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] <... futex resumed>) = 0 [pid 14244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14254] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] <... openat resumed>) = 5 [pid 14244] <... futex resumed>) = 0 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] <... futex resumed>) = 0 [pid 14244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14254] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] <... write resumed>) = 196608 [pid 14244] <... futex resumed>) = 0 [ 252.591786][T14254] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/502/bus supports timestamps until 2038 (0x7fffffff) [ 252.612294][T14249] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/504/bus supports timestamps until 2038 (0x7fffffff) [ 252.627739][T14243] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] <... futex resumed>) = 0 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] <... futex resumed>) = 1 [pid 14254] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... umount2 resumed>) = 0 [pid 14254] <... futex resumed>) = 1 [pid 14245] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] <... futex resumed>) = 0 [pid 408] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14254] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14245] <... futex resumed>) = 0 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14254] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14251] <... write resumed>) = 1048576 [pid 14245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14244] <... futex resumed>) = 0 [pid 408] lstat("./507/bus", [pid 14254] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] <... mount resumed>) = 0 [pid 14245] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... openat resumed>) = 7 [pid 14251] <... futex resumed>) = 1 [pid 14249] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14248] <... futex resumed>) = 0 [pid 14245] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14251] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14249] <... openat resumed>) = 3 [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] <... mprotect resumed>) = 0 [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 408] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14251] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14249] chdir("./bus" [pid 14248] <... futex resumed>) = 0 [pid 14245] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14243] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14241] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14251] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14249] <... chdir resumed>) = 0 [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14241] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "./507/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 14263 attached [pid 14254] <... open resumed>) = 6 [pid 14249] ioctl(4, LOOP_CLR_FD [pid 14247] <... write resumed>) = 1048576 [pid 14245] <... clone resumed>, parent_tid=[14263], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14263 [pid 14243] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14241] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... openat resumed>) = 4 [pid 14263] set_robust_list(0x7f1c2a1159e0, 24 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] <... ioctl resumed>) = 0 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14243] <... openat resumed>) = 8 [pid 408] fstat(4, [pid 14245] <... futex resumed>) = 0 [pid 14243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14245] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14243] <... futex resumed>) = 1 [pid 14241] <... futex resumed>) = 0 [pid 14254] <... futex resumed>) = 1 [pid 14244] <... futex resumed>) = 0 [pid 14243] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14241] exit_group(0 [pid 408] getdents64(4, [pid 14254] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14243] <... futex resumed>) = ? [pid 14241] <... exit_group resumed>) = ? [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14244] <... futex resumed>) = 0 [pid 14243] +++ exited with 0 +++ [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14263] <... set_robust_list resumed>) = 0 [pid 14254] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14249] close(4 [pid 14247] <... futex resumed>) = 0 [pid 14241] +++ exited with 0 +++ [pid 408] getdents64(4, [pid 14263] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14254] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14241, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14251] <... openat resumed>) = 7 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14251] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14249] <... close resumed>) = 0 [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14249] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 252.645607][T14243] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 252.658341][T14251] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.673049][T14251] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14247] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14248] <... futex resumed>) = 0 [pid 14246] <... futex resumed>) = 0 [pid 408] close(4 [pid 14248] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... close resumed>) = 0 [pid 14251] <... futex resumed>) = 0 [pid 14249] <... futex resumed>) = 0 [pid 14248] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 1 [pid 408] rmdir("./507/bus" [pid 14251] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14249] chdir("./file0" [pid 14248] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14251] <... openat resumed>) = 8 [pid 408] <... rmdir resumed>) = 0 [pid 407] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14249] <... chdir resumed>) = 0 [pid 408] getdents64(3, [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14249] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14249] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] close(3 [pid 407] <... openat resumed>) = 3 [pid 14249] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14246] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] fstat(3, [pid 14249] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 408] rmdir("./507" [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, [pid 408] <... rmdir resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] mkdir("./508", 0777 [pid 407] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... mkdir resumed>) = 0 [pid 407] lstat("./500/binderfs", [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14251] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14251] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14248] <... futex resumed>) = 0 [pid 407] unlink("./500/binderfs" [pid 408] <... openat resumed>) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3 [pid 14248] exit_group(0 [pid 408] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... unlink resumed>) = 0 [pid 14251] <... futex resumed>) = ? [pid 14248] <... exit_group resumed>) = ? [pid 407] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14251] +++ exited with 0 +++ [pid 14249] <... open resumed>) = 4 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14264 [pid 14248] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14248, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 14254] <... write resumed>) = 1048576 [pid 14249] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 0 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14246] <... futex resumed>) = 0 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] <... futex resumed>) = 1 [pid 14244] <... futex resumed>) = 0 [pid 410] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14249] <... openat resumed>) = 5 [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14254] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14244] <... futex resumed>) = 0 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14249] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] <... openat resumed>) = 3 [pid 14249] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] fstat(3, ./strace-static-x86_64: Process 14264 attached [pid 14264] set_robust_list(0x555555f755e0, 24) = 0 [pid 14264] chdir("./508") = 0 [pid 14264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14264] setpgid(0, 0) = 0 [pid 14264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14249] <... write resumed>) = 196608 [pid 14245] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14247] <... futex resumed>) = 0 [pid 14245] <... futex resumed>) = 1 [pid 410] getdents64(3, [pid 14247] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14249] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 0 [pid 410] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14264] write(3, "1000", 4) = 4 [pid 14264] close(3) = 0 [pid 14264] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14264] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14264] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14264] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14265], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14265 [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14265 attached [pid 14265] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14265] memfd_create("syzkaller", 0) = 3 [pid 14265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14246] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] lstat("./510/binderfs", [pid 14265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./510/binderfs") = 0 [pid 14249] <... mount resumed>) = 0 [pid 410] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14246] <... futex resumed>) = 0 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 0 [pid 14265] <... write resumed>) = 1048576 [pid 14265] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14265] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 252.683215][T14263] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.708021][T14254] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.725314][T14263] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14265] ioctl(4, LOOP_SET_FD, 3 [pid 14249] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14265] <... ioctl resumed>) = 0 [pid 14265] close(3) = 0 [pid 14265] mkdir("./bus", 0777) = 0 [pid 14265] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14249] <... open resumed>) = 6 [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14246] <... futex resumed>) = 0 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14249] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14246] <... futex resumed>) = 0 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14263] <... openat resumed>) = 7 [pid 14247] <... openat resumed>) = 8 [pid 14247] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14245] <... futex resumed>) = 0 [pid 14247] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14263] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14263] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14254] <... openat resumed>) = 7 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14245] exit_group(0 [pid 14263] <... futex resumed>) = ? [pid 14247] <... futex resumed>) = ? [pid 14245] <... exit_group resumed>) = ? [pid 14263] +++ exited with 0 +++ [pid 14254] <... futex resumed>) = 1 [pid 14244] <... futex resumed>) = 0 [pid 14254] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14247] +++ exited with 0 +++ [pid 14245] +++ exited with 0 +++ [pid 14244] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14244] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14254] <... futex resumed>) = 0 [pid 14254] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14254] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14244] <... futex resumed>) = 0 [pid 14244] exit_group(0) = ? [pid 14254] <... futex resumed>) = ? [pid 14254] +++ exited with 0 +++ [pid 14244] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14244, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./502/binderfs") = 0 [pid 409] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14245, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 407] <... umount2 resumed>) = 0 [pid 411] <... restart_syscall resumed>) = 0 [pid 407] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./500/bus", [pid 411] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14249] <... write resumed>) = 1048576 [pid 411] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] umount2("./500/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14246] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] fstat(3, [pid 14249] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14246] <... futex resumed>) = 0 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] openat(AT_FDCWD, "./500/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./507/binderfs", [pid 407] <... openat resumed>) = 4 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./507/binderfs" [pid 407] fstat(4, [pid 411] <... unlink resumed>) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./500/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./500") = 0 [pid 407] mkdir("./501", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14266 [ 252.743332][T14265] loop1: detected capacity change from 0 to 2048 [ 252.744083][T14254] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 252.780738][T14249] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 ./strace-static-x86_64: Process 14266 attached [pid 14266] set_robust_list(0x555555f755e0, 24) = 0 [pid 14266] chdir("./501") = 0 [pid 14266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14266] setpgid(0, 0) = 0 [pid 14266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14266] write(3, "1000", 4) = 4 [pid 14266] close(3) = 0 [pid 14266] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14266] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14266] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14268], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14268 [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./510/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./510/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./510/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3./strace-static-x86_64: Process 14268 attached [pid 14266] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 14268] set_robust_list(0x7f1c324369e0, 24 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14268] <... set_robust_list resumed>) = 0 [pid 14268] memfd_create("syzkaller", 0) = 3 [pid 14268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14249] <... openat resumed>) = 7 [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14249] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14268] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14268] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14268] ioctl(4, LOOP_SET_FD, 3 [pid 14246] <... futex resumed>) = 0 [pid 410] rmdir("./510" [pid 409] <... umount2 resumed>) = 0 [pid 14246] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14246] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14249] <... futex resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14249] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] mkdir("./511", 0777 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14249] <... openat resumed>) = 8 [pid 14249] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... mkdir resumed>) = 0 [pid 409] lstat("./502/bus", [pid 14249] <... futex resumed>) = 1 [pid 14246] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14246] exit_group(0) = ? [pid 410] <... openat resumed>) = 3 [pid 409] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14249] +++ exited with 0 +++ [pid 14246] +++ exited with 0 +++ [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14246, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] openat(AT_FDCWD, "./502/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] close(3 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... openat resumed>) = 4 [pid 412] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... close resumed>) = 0 [pid 409] fstat(4, [pid 412] <... openat resumed>) = 3 [pid 412] fstat(3, [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] getdents64(4, [pid 412] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14271 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] lstat("./504/binderfs", [pid 409] getdents64(4, [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] unlink("./504/binderfs") = 0 [pid 409] close(4 [pid 412] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 14268] <... ioctl resumed>) = 0 [pid 14268] close(3) = 0 [pid 14268] mkdir("./bus", 0777) = 0 [pid 14268] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14265] <... mount resumed>) = 0 [pid 14265] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14265] chdir("./bus") = 0 [pid 14265] ioctl(4, LOOP_CLR_FD) = 0 [pid 14265] close(4) = 0 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14264] <... futex resumed>) = 0 [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14265] <... futex resumed>) = 1 [pid 14265] chdir("./file0"./strace-static-x86_64: Process 14271 attached [pid 14271] set_robust_list(0x555555f755e0, 24) = 0 [pid 14265] <... chdir resumed>) = 0 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14264] <... futex resumed>) = 0 [pid 14265] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14265] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14264] <... futex resumed>) = 0 [pid 14265] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14271] chdir("./511") = 0 [pid 14271] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14265] <... open resumed>) = 4 [pid 14271] setpgid(0, 0 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14264] <... futex resumed>) = 0 [pid 14265] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14265] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14264] <... futex resumed>) = 0 [pid 14265] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14271] <... setpgid resumed>) = 0 [pid 14265] <... openat resumed>) = 5 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14264] <... futex resumed>) = 0 [pid 14265] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] rmdir("./502/bus" [pid 14265] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14264] <... futex resumed>) = 0 [pid 14265] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14271] write(3, "1000", 4) = 4 [pid 14271] close(3) = 0 [pid 14271] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14271] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14271] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14271] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14273], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14273 [pid 14265] <... write resumed>) = 196608 [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14273 attached [pid 14273] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14273] memfd_create("syzkaller", 0) = 3 [pid 14273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14264] <... futex resumed>) = 0 [pid 14265] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14265] <... mount resumed>) = 0 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... rmdir resumed>) = 0 [pid 14265] <... futex resumed>) = 1 [pid 14264] <... futex resumed>) = 0 [pid 409] getdents64(3, [pid 14265] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14265] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14264] <... futex resumed>) = 0 [pid 14265] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14265] <... open resumed>) = 6 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] close(3 [pid 14264] <... futex resumed>) = 0 [pid 14265] <... futex resumed>) = 1 [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14265] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14264] <... futex resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] rmdir("./502") = 0 [pid 409] mkdir("./503", 0777) = 0 [pid 14273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14274 [pid 14273] <... write resumed>) = 1048576 [pid 14273] munmap(0x7f1c2a016000, 1048576) = 0 [ 252.795623][T14249] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 252.809050][T14265] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/508/bus supports timestamps until 2038 (0x7fffffff) [ 252.817885][T14268] loop0: detected capacity change from 0 to 2048 [pid 14273] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 14274 attached ) = 4 [pid 14265] <... write resumed>) = 1048576 [pid 14273] ioctl(4, LOOP_SET_FD, 3 [pid 14274] set_robust_list(0x555555f755e0, 24 [pid 14268] <... mount resumed>) = 0 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 14265] <... futex resumed>) = 1 [pid 14264] <... futex resumed>) = 0 [pid 411] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14265] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14264] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14274] <... set_robust_list resumed>) = 0 [pid 14268] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./507/bus", [pid 14273] <... ioctl resumed>) = 0 [pid 14273] close(3) = 0 [pid 14273] mkdir("./bus", 0777) = 0 [pid 14273] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14274] chdir("./503") = 0 [pid 14274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14274] setpgid(0, 0) = 0 [pid 14274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14274] write(3, "1000", 4) = 4 [pid 14274] close(3) = 0 [pid 14274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 14274] <... futex resumed>) = 0 [pid 14274] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14274] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14274] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14276], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14276 [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14268] <... openat resumed>) = 3 [pid 14268] chdir("./bus") = 0 [pid 14268] ioctl(4, LOOP_CLR_FD) = 0 [pid 14268] close(4) = 0 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 14276 attached [pid 412] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14276] set_robust_list(0x7f1c324369e0, 24 [pid 412] lstat("./504/bus", [pid 411] openat(AT_FDCWD, "./507/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14276] <... set_robust_list resumed>) = 0 [pid 14266] <... futex resumed>) = 0 [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14268] <... futex resumed>) = 1 [pid 14268] chdir("./file0") = 0 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14266] <... futex resumed>) = 0 [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14268] <... futex resumed>) = 1 [pid 14268] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./504/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./504/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./504") = 0 [pid 412] mkdir("./505", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14277 [pid 411] <... openat resumed>) = 4 [pid 14276] memfd_create("syzkaller", 0) = 3 [pid 14276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./507/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./507" [pid 14276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./508", 0777) = 0 [pid 14268] <... open resumed>) = 4 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14266] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14268] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14278 [pid 14268] <... openat resumed>) = 5 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14266] <... futex resumed>) = 0 [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14268] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14266] <... futex resumed>) = 0 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14276] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 14278 attached [pid 14278] set_robust_list(0x555555f755e0, 24 [pid 14276] munmap(0x7f1c2a016000, 1048576 [pid 14278] <... set_robust_list resumed>) = 0 [pid 14268] <... write resumed>) = 196608 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14278] chdir("./508" [pid 14276] <... munmap resumed>) = 0 [pid 14278] <... chdir resumed>) = 0 [pid 14278] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14276] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14278] <... prctl resumed>) = 0 [pid 14276] <... openat resumed>) = 4 [pid 14278] setpgid(0, 0 [pid 14268] <... futex resumed>) = 1 [pid 14266] <... futex resumed>) = 0 [pid 14268] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14268] <... mount resumed>) = 0 [pid 14266] <... futex resumed>) = 0 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14268] <... futex resumed>) = 0 [pid 14266] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14268] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14268] <... open resumed>) = 6 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14278] <... setpgid resumed>) = 0 [pid 14276] ioctl(4, LOOP_SET_FD, 3 [pid 14266] <... futex resumed>) = 0 [pid 14268] <... futex resumed>) = 1 [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14268] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 252.867659][T14268] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/501/bus supports timestamps until 2038 (0x7fffffff) [ 252.873552][T14273] loop3: detected capacity change from 0 to 2048 [ 252.886429][T14265] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 252.906712][T14265] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14278] write(3, "1000", 4) = 4 [pid 14278] close(3) = 0 [pid 14278] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 ./strace-static-x86_64: Process 14277 attached [pid 14278] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14277] set_robust_list(0x555555f755e0, 24) = 0 [pid 14278] <... mprotect resumed>) = 0 [pid 14277] chdir("./505" [pid 14278] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14277] <... chdir resumed>) = 0 [pid 14277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14277] setpgid(0, 0) = 0 [pid 14278] <... clone resumed>, parent_tid=[14281], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14281 [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14278] <... futex resumed>) = 0 [pid 14277] <... openat resumed>) = 3 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14277] write(3, "1000", 4) = 4 [pid 14276] <... ioctl resumed>) = 0 [pid 14276] close(3) = 0 [pid 14276] mkdir("./bus", 0777) = 0 [pid 14276] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14265] <... openat resumed>) = 7 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14265] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14281 attached [pid 14281] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14281] memfd_create("syzkaller", 0 [pid 14264] <... futex resumed>) = 0 [pid 14264] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14264] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14281] <... memfd_create resumed>) = 3 [pid 14281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14281] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14281] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14281] ioctl(4, LOOP_SET_FD, 3 [pid 14277] close(3 [pid 14265] <... futex resumed>) = 0 [pid 14265] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14277] <... close resumed>) = 0 [pid 14277] symlink("/dev/binderfs", "./binderfs" [pid 14265] <... openat resumed>) = 8 [pid 14265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14264] <... futex resumed>) = 0 [pid 14265] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14264] exit_group(0 [pid 14277] <... symlink resumed>) = 0 [pid 14265] <... futex resumed>) = ? [pid 14264] <... exit_group resumed>) = ? [pid 14281] <... ioctl resumed>) = 0 [pid 14281] close(3) = 0 [pid 14281] mkdir("./bus", 0777 [pid 14265] +++ exited with 0 +++ [pid 14264] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14264, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14281] <... mkdir resumed>) = 0 [pid 14281] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14273] <... mount resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./508/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./508/binderfs") = 0 [pid 408] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14273] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14273] chdir("./bus") = 0 [pid 14273] ioctl(4, LOOP_CLR_FD) = 0 [pid 14273] close(4) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14277] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14277] <... mmap resumed>) = 0x7f1c32416000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14277] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 408] lstat("./508/bus", [pid 14277] <... mprotect resumed>) = 0 [pid 14266] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14277] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14266] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14266] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14277] <... clone resumed>, parent_tid=[14284], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14284 [pid 408] openat(AT_FDCWD, "./508/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14266] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 4 [pid 14277] <... futex resumed>) = 0 [pid 14266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] fstat(4, [pid 14266] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14266] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14266] <... mprotect resumed>) = 0 [pid 408] getdents64(4, [pid 14266] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14285], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14285 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14266] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(4, [pid 14266] <... futex resumed>) = 0 [pid 14266] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./508/bus" [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14271] <... futex resumed>) = 0 [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... rmdir resumed>) = 0 [pid 14271] <... futex resumed>) = 0 [pid 408] getdents64(3, ./strace-static-x86_64: Process 14285 attached ./strace-static-x86_64: Process 14284 attached [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14285] set_robust_list(0x7f1c2a1159e0, 24 [pid 14284] set_robust_list(0x7f1c324369e0, 24 [pid 14285] <... set_robust_list resumed>) = 0 [pid 14284] <... set_robust_list resumed>) = 0 [ 252.938263][T14276] loop2: detected capacity change from 0 to 2048 [ 252.956923][T14273] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/511/bus supports timestamps until 2038 (0x7fffffff) [ 252.966878][T14281] loop4: detected capacity change from 0 to 2048 [pid 14285] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14284] memfd_create("syzkaller", 0 [pid 14276] <... mount resumed>) = 0 [pid 14273] <... futex resumed>) = 1 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14273] chdir("./file0" [pid 408] close(3 [pid 14273] <... chdir resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] rmdir("./508" [pid 14273] <... futex resumed>) = 1 [pid 14271] <... futex resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] mkdir("./509", 0777 [pid 14273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14271] <... futex resumed>) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 14273] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14273] <... open resumed>) = 4 [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14271] <... futex resumed>) = 0 [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14271] <... futex resumed>) = 0 [pid 14273] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14273] <... openat resumed>) = 5 [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14271] <... futex resumed>) = 0 [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14271] <... futex resumed>) = 0 [pid 14273] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14273] <... write resumed>) = 196608 [pid 14276] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... openat resumed>) = 3 [pid 14273] <... futex resumed>) = 1 [pid 14271] <... futex resumed>) = 0 [pid 14276] chdir("./bus" [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... chdir resumed>) = 0 [pid 14273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14271] <... futex resumed>) = 0 [pid 14276] ioctl(4, LOOP_CLR_FD [pid 14273] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14276] <... ioctl resumed>) = 0 [pid 14273] <... mount resumed>) = 0 [pid 14276] close(4 [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... close resumed>) = 0 [pid 14273] <... futex resumed>) = 1 [pid 14271] <... futex resumed>) = 0 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... futex resumed>) = 1 [pid 14274] <... futex resumed>) = 0 [pid 14273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14271] <... futex resumed>) = 0 [pid 14276] chdir("./file0" [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14273] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14276] <... chdir resumed>) = 0 [pid 14274] <... futex resumed>) = 0 [pid 14273] <... open resumed>) = 6 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... futex resumed>) = 0 [pid 14274] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14273] <... futex resumed>) = 1 [pid 14271] <... futex resumed>) = 0 [pid 14276] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... open resumed>) = 4 [pid 14274] <... futex resumed>) = 0 [pid 14273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14271] <... futex resumed>) = 0 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14273] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14284] <... memfd_create resumed>) = 3 [pid 14276] <... futex resumed>) = 0 [pid 14274] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14268] <... write resumed>) = 1048576 [pid 14276] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... openat resumed>) = 5 [pid 14274] <... futex resumed>) = 0 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14276] <... futex resumed>) = 0 [pid 14274] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14276] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... write resumed>) = 196608 [pid 14274] <... futex resumed>) = 0 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14285] <... openat resumed>) = 7 [pid 14284] <... mmap resumed>) = 0x7f1c2a016000 [pid 14276] <... futex resumed>) = 1 [pid 14274] <... futex resumed>) = 0 [pid 14268] <... futex resumed>) = 0 [pid 14276] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... mount resumed>) = 0 [pid 14274] <... futex resumed>) = 0 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14276] <... futex resumed>) = 0 [pid 14274] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14276] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... open resumed>) = 6 [pid 14274] <... futex resumed>) = 0 [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14276] <... futex resumed>) = 0 [pid 14274] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14276] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14266] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... openat resumed>) = 3 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] ioctl(3, LOOP_CLR_FD [pid 14285] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14268] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14266] <... futex resumed>) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14268] <... openat resumed>) = 8 [pid 14266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] close(3 [pid 14285] <... futex resumed>) = 0 [pid 14268] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14285] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14268] <... futex resumed>) = 1 [pid 14266] <... futex resumed>) = 0 [pid 14266] exit_group(0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14288 [pid 14285] <... futex resumed>) = ? [pid 14266] <... exit_group resumed>) = ? [pid 14285] +++ exited with 0 +++ [pid 14268] +++ exited with 0 +++ [pid 14266] +++ exited with 0 +++ ./strace-static-x86_64: Process 14288 attached [pid 14284] <... write resumed>) = 1048576 [pid 14281] <... mount resumed>) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14266, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14288] set_robust_list(0x555555f755e0, 24 [pid 14284] munmap(0x7f1c2a016000, 1048576 [pid 14281] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14288] <... set_robust_list resumed>) = 0 [pid 14284] <... munmap resumed>) = 0 [pid 407] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14288] chdir("./509" [pid 14284] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14281] <... openat resumed>) = 3 [pid 14276] <... write resumed>) = 1048576 [pid 14288] <... chdir resumed>) = 0 [pid 14284] <... openat resumed>) = 4 [pid 14281] chdir("./bus" [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14288] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14284] ioctl(4, LOOP_SET_FD, 3 [pid 14281] <... chdir resumed>) = 0 [pid 14276] <... futex resumed>) = 1 [pid 14274] <... futex resumed>) = 0 [pid 407] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14288] <... prctl resumed>) = 0 [pid 14281] ioctl(4, LOOP_CLR_FD [ 252.992500][T14276] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/503/bus supports timestamps until 2038 (0x7fffffff) [ 252.994508][T14285] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.018431][T14285] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 253.028634][T14281] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/508/bus supports timestamps until 2038 (0x7fffffff) [pid 14288] setpgid(0, 0 [pid 14281] <... ioctl resumed>) = 0 [pid 14276] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14274] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 14288] <... setpgid resumed>) = 0 [pid 14284] <... ioctl resumed>) = 0 [pid 14281] close(4 [pid 14273] <... write resumed>) = 1048576 [pid 14288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14281] <... close resumed>) = 0 [pid 14288] <... openat resumed>) = 3 [pid 14284] close(3 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] write(3, "1000", 4 [pid 14284] <... close resumed>) = 0 [pid 14281] <... futex resumed>) = 1 [pid 14278] <... futex resumed>) = 0 [pid 14288] <... write resumed>) = 4 [pid 14284] mkdir("./bus", 0777 [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] close(3 [pid 14284] <... mkdir resumed>) = 0 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 14288] <... close resumed>) = 0 [pid 14284] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14281] chdir("./file0" [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14288] symlink("/dev/binderfs", "./binderfs" [pid 14281] <... chdir resumed>) = 0 [pid 14274] <... futex resumed>) = 0 [pid 14271] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 407] fstat(3, [pid 14288] <... symlink resumed>) = 0 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14271] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14281] <... futex resumed>) = 1 [pid 14278] <... futex resumed>) = 0 [pid 14271] <... futex resumed>) = 0 [pid 14288] <... futex resumed>) = 0 [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(3, [pid 14288] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 14271] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14288] <... mmap resumed>) = 0x7f1c32416000 [pid 14281] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14288] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14281] <... open resumed>) = 4 [pid 14271] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14288] <... mprotect resumed>) = 0 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14271] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 407] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14288] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14281] <... futex resumed>) = 1 [pid 14278] <... futex resumed>) = 0 [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14271] <... mprotect resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14273] <... futex resumed>) = 0 [pid 14288] <... clone resumed>, parent_tid=[14289], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14289 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14271] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] lstat("./501/binderfs", [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14281] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14288] <... futex resumed>) = 0 [pid 14281] <... openat resumed>) = 5 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14271] <... clone resumed>, parent_tid=[14290], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14290 [pid 14281] <... futex resumed>) = 1 [pid 14278] <... futex resumed>) = 0 [pid 407] unlink("./501/binderfs" [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14271] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 407] <... unlink resumed>) = 0 [pid 14281] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14271] <... futex resumed>) = 0 [pid 14281] <... write resumed>) = 196608 [pid 14271] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14278] <... futex resumed>) = 0 [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 14281] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14281] <... mount resumed>) = 0 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14278] <... futex resumed>) = 0 [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 14281] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14281] <... open resumed>) = 6 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14278] <... futex resumed>) = 0 [pid 14281] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14281] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14278] <... futex resumed>) = 0 [pid 14281] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14289 attached [pid 14289] set_robust_list(0x7f1c324369e0, 24./strace-static-x86_64: Process 14290 attached [pid 14281] <... write resumed>) = 1048576 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14278] <... futex resumed>) = 0 [ 253.061771][T14284] loop5: detected capacity change from 0 to 2048 [ 253.070512][T14276] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14281] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14290] set_robust_list(0x7f1c2a1159e0, 24 [pid 14289] <... set_robust_list resumed>) = 0 [pid 14290] <... set_robust_list resumed>) = 0 [pid 14289] memfd_create("syzkaller", 0 [pid 14290] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14289] <... memfd_create resumed>) = 3 [pid 14289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14281] <... openat resumed>) = 7 [pid 14274] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14289] <... mmap resumed>) = 0x7f1c2a016000 [pid 14274] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14271] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14274] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14271] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14274] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14271] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14274] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14274] <... mprotect resumed>) = 0 [pid 14273] <... futex resumed>) = 0 [pid 14271] <... futex resumed>) = 1 [pid 14274] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14273] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14274] <... clone resumed>, parent_tid=[14291], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14291 [pid 14274] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14274] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14276] <... openat resumed>) = 7 ./strace-static-x86_64: Process 14291 attached [pid 14278] <... futex resumed>) = 0 [pid 14278] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14278] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14281] <... futex resumed>) = 1 [pid 14281] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14281] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14278] <... futex resumed>) = 0 [pid 14278] exit_group(0) = ? [pid 14281] <... futex resumed>) = ? [pid 14281] +++ exited with 0 +++ [pid 14278] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14278, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [ 253.109203][T14276] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 253.111901][T14281] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.132751][T14281] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 253.135602][T14290] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./508/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./508/binderfs") = 0 [pid 411] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14291] set_robust_list(0x7f1c2a1159e0, 24 [pid 14290] <... openat resumed>) = 7 [pid 14276] <... futex resumed>) = 0 [pid 14273] <... openat resumed>) = 8 [pid 14273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14271] <... futex resumed>) = 0 [pid 14291] <... set_robust_list resumed>) = 0 [pid 14290] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14289] <... write resumed>) = 1048576 [pid 14276] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14273] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14291] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14290] <... futex resumed>) = 0 [pid 14289] munmap(0x7f1c2a016000, 1048576 [pid 14291] <... openat resumed>) = 8 [pid 14291] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14290] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14289] <... munmap resumed>) = 0 [pid 14291] <... futex resumed>) = 1 [pid 14274] <... futex resumed>) = 0 [pid 14291] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14289] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14274] exit_group(0 [pid 14289] <... openat resumed>) = 4 [pid 14289] ioctl(4, LOOP_SET_FD, 3 [pid 14291] <... futex resumed>) = ? [pid 14276] <... futex resumed>) = ? [pid 14274] <... exit_group resumed>) = ? [pid 14291] +++ exited with 0 +++ [pid 14276] +++ exited with 0 +++ [pid 14274] +++ exited with 0 +++ [pid 14271] exit_group(0 [pid 407] <... umount2 resumed>) = 0 [pid 14289] <... ioctl resumed>) = 0 [pid 14289] close(3) = 0 [pid 14289] mkdir("./bus", 0777) = 0 [pid 14289] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14271] <... exit_group resumed>) = ? [pid 14290] <... futex resumed>) = ? [pid 14290] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14274, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./503/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./503/binderfs") = 0 [pid 409] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./501/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./501/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./501/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./501/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./501") = 0 [pid 407] mkdir("./502", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14294 [pid 14273] <... futex resumed>) = ? [pid 14273] +++ exited with 0 +++ [pid 14271] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14271, si_uid=0, si_status=0, si_utime=0, si_stime=11} --- [pid 410] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./511/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./511/binderfs") = 0 [pid 410] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14284] <... mount resumed>) = 0 [pid 14284] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14284] chdir("./bus") = 0 [pid 14284] ioctl(4, LOOP_CLR_FD) = 0 [pid 14284] close(4) = 0 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14284] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14294 attached [pid 14294] set_robust_list(0x555555f755e0, 24) = 0 [pid 14294] chdir("./502") = 0 [pid 14294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14294] setpgid(0, 0) = 0 [pid 14294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14277] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14284] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14284] chdir("./file0" [pid 14294] <... openat resumed>) = 3 [pid 14284] <... chdir resumed>) = 0 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14294] write(3, "1000", 4) = 4 [pid 14294] close(3 [pid 14284] <... futex resumed>) = 1 [pid 14277] <... futex resumed>) = 0 [pid 14284] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14294] <... close resumed>) = 0 [pid 14284] <... open resumed>) = 4 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14277] <... futex resumed>) = 0 [pid 14284] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14277] <... futex resumed>) = 0 [pid 14284] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14294] symlink("/dev/binderfs", "./binderfs" [pid 14284] <... openat resumed>) = 5 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14277] <... futex resumed>) = 0 [pid 14284] <... futex resumed>) = 1 [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14277] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14294] <... symlink resumed>) = 0 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14294] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14294] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14294] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14296], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14296 [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14284] <... write resumed>) = 196608 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14296 attached [pid 14296] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14284] <... futex resumed>) = 1 [pid 14277] <... futex resumed>) = 0 [pid 14284] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14277] <... futex resumed>) = 0 [pid 14284] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14284] <... mount resumed>) = 0 [pid 14296] memfd_create("syzkaller", 0) = 3 [pid 14296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14277] <... futex resumed>) = 0 [pid 14284] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] <... open resumed>) = 6 [pid 14277] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14277] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14284] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14284] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14296] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14296] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 253.155741][T14290] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 253.172101][T14289] loop1: detected capacity change from 0 to 2048 [ 253.178480][T14284] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/505/bus supports timestamps until 2038 (0x7fffffff) [pid 14296] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14296] close(3) = 0 [pid 14296] mkdir("./bus", 0777) = 0 [pid 14296] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14289] <... mount resumed>) = 0 [pid 14284] <... write resumed>) = 1048576 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 411] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./508/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./508/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, [pid 410] <... umount2 resumed>) = 0 [pid 409] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./508/bus") = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./508") = 0 [pid 411] mkdir("./509", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14299 [pid 14289] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14289] chdir("./bus") = 0 [pid 14289] ioctl(4, LOOP_CLR_FD) = 0 [pid 14289] close(4) = 0 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] <... futex resumed>) = 0 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14289] <... futex resumed>) = 1 [pid 14289] chdir("./file0") = 0 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] <... futex resumed>) = 0 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14289] <... futex resumed>) = 1 [pid 14289] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] lstat("./511/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./511/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./511/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./511" [pid 409] lstat("./503/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./503/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] mkdir("./512", 0777 [pid 409] getdents64(4, [pid 410] <... mkdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] <... close resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 409] rmdir("./503/bus" [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... rmdir resumed>) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14301 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./503" [pid 14277] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14277] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14299 attached [pid 14299] set_robust_list(0x555555f755e0, 24) = 0 [pid 14299] chdir("./509") = 0 [pid 14299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14299] setpgid(0, 0) = 0 [pid 14299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./504", 0777 [pid 14299] <... openat resumed>) = 3 [pid 14299] write(3, "1000", 4) = 4 [pid 14299] close(3 [pid 409] <... mkdir resumed>) = 0 [pid 14299] <... close resumed>) = 0 [pid 14299] symlink("/dev/binderfs", "./binderfs" [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 14277] <... futex resumed>) = 0 [pid 14277] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=48000000} [pid 409] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14284] <... futex resumed>) = 1 [pid 14299] <... symlink resumed>) = 0 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14299] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [ 253.227596][T14296] loop0: detected capacity change from 0 to 2048 [ 253.232228][T14289] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/509/bus supports timestamps until 2038 (0x7fffffff) [pid 14299] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14284] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14302 [pid 14299] <... clone resumed>, parent_tid=[14303], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14303 [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14302 attached [pid 14302] set_robust_list(0x555555f755e0, 24) = 0 [pid 14302] chdir("./504") = 0 [pid 14302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14302] setpgid(0, 0) = 0 [pid 14302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14302] write(3, "1000", 4) = 4 [pid 14302] close(3) = 0 [pid 14302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14302] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14302] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14304], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14304 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14304 attached [pid 14304] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14304] memfd_create("syzkaller", 0) = 3 [pid 14304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14304] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14304] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14304] ioctl(4, LOOP_SET_FD, 3 [pid 14289] <... open resumed>) = 4 [pid 14304] <... ioctl resumed>) = 0 [pid 14304] close(3) = 0 [pid 14304] mkdir("./bus", 0777) = 0 [pid 14304] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14301 attached [pid 14301] set_robust_list(0x555555f755e0, 24) = 0 [pid 14301] chdir("./512") = 0 [pid 14301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14301] setpgid(0, 0) = 0 [pid 14301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14301] write(3, "1000", 4) = 4 [pid 14301] close(3) = 0 [pid 14301] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14301] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14301] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14305], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14305 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14305 attached [pid 14305] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14305] memfd_create("syzkaller", 0) = 3 [pid 14305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14288] <... futex resumed>) = 0 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14289] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14288] <... futex resumed>) = 0 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14289] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14305] <... write resumed>) = 1048576 [pid 14305] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14289] <... write resumed>) = 196608 [pid 14305] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14305] ioctl(4, LOOP_SET_FD, 3 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14303 attached ) = 1 [pid 14277] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14288] <... futex resumed>) = 0 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14277] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14277] <... futex resumed>) = 0 [pid 14277] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14289] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14277] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14305] <... ioctl resumed>) = 0 [pid 14303] set_robust_list(0x7f1c324369e0, 24 [pid 14296] <... mount resumed>) = 0 [pid 14289] <... mount resumed>) = 0 [pid 14277] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14305] close(3 [pid 14303] <... set_robust_list resumed>) = 0 [pid 14296] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [ 253.274543][T14284] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.289798][T14304] loop2: detected capacity change from 0 to 2048 [ 253.295174][T14296] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/502/bus supports timestamps until 2038 (0x7fffffff) [ 253.314860][T14305] loop3: detected capacity change from 0 to 2048 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14277] <... mprotect resumed>) = 0 [pid 14305] <... close resumed>) = 0 [pid 14303] memfd_create("syzkaller", 0 [pid 14296] <... openat resumed>) = 3 [pid 14289] <... futex resumed>) = 1 [pid 14277] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14305] mkdir("./bus", 0777 [pid 14303] <... memfd_create resumed>) = 3 [pid 14296] chdir("./bus" [pid 14289] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14305] <... mkdir resumed>) = 0 [pid 14303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14296] <... chdir resumed>) = 0 [pid 14277] <... clone resumed>, parent_tid=[14308], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14308 [pid 14305] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14303] <... mmap resumed>) = 0x7f1c2a016000 [pid 14296] ioctl(4, LOOP_CLR_FD [pid 14277] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] <... ioctl resumed>) = 0 [pid 14288] <... futex resumed>) = 0 [pid 14277] <... futex resumed>) = 0 [pid 14296] close(4 [pid 14277] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14296] <... close resumed>) = 0 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14303] munmap(0x7f1c2a016000, 1048576 [pid 14294] <... futex resumed>) = 0 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14289] <... futex resumed>) = 0 [pid 14288] <... futex resumed>) = 1 [pid 14296] <... futex resumed>) = 0 [pid 14294] <... futex resumed>) = 1 [pid 14289] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14296] chdir("./file0" [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14289] <... open resumed>) = 6 [pid 14296] <... chdir resumed>) = 0 [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14289] <... futex resumed>) = 1 [pid 14288] <... futex resumed>) = 0 [pid 14296] <... futex resumed>) = 1 [pid 14294] <... futex resumed>) = 0 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14289] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14289] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14288] <... futex resumed>) = 0 [pid 14296] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14294] <... futex resumed>) = 0 [pid 14289] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14303] <... munmap resumed>) = 0 [pid 14303] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14303] ioctl(4, LOOP_SET_FD, 3 [pid 14296] <... open resumed>) = 4 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14294] <... futex resumed>) = 0 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14294] <... futex resumed>) = 0 [pid 14296] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14296] <... openat resumed>) = 5 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14294] <... futex resumed>) = 0 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14294] <... futex resumed>) = 0 [pid 14296] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14303] <... ioctl resumed>) = 0 [pid 14303] close(3 [pid 14296] <... write resumed>) = 196608 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14294] <... futex resumed>) = 0 [pid 14296] <... futex resumed>) = 1 [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14294] <... futex resumed>) = 0 [pid 14303] <... close resumed>) = 0 [pid 14303] mkdir("./bus", 0777) = 0 [pid 14303] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14308 attached [pid 14308] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14308] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14304] <... mount resumed>) = 0 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14284] <... openat resumed>) = 7 [pid 14308] <... openat resumed>) = 8 [pid 14284] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14308] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] <... futex resumed>) = 0 [pid 14308] <... futex resumed>) = 1 [pid 14296] <... mount resumed>) = 0 [pid 14284] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14277] <... futex resumed>) = 0 [pid 14308] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14277] exit_group(0 [pid 14296] <... futex resumed>) = 1 [pid 14294] <... futex resumed>) = 0 [pid 14308] <... futex resumed>) = ? [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14284] <... futex resumed>) = ? [pid 14277] <... exit_group resumed>) = ? [pid 14308] +++ exited with 0 +++ [pid 14304] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14304] chdir("./bus" [pid 14284] +++ exited with 0 +++ [pid 14277] +++ exited with 0 +++ [pid 14296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14294] <... futex resumed>) = 0 [pid 14296] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14277, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 412] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14296] <... open resumed>) = 6 [pid 412] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./505/binderfs", [pid 14296] <... futex resumed>) = 1 [pid 14294] <... futex resumed>) = 0 [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14296] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14294] <... futex resumed>) = 0 [pid 412] unlink("./505/binderfs" [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14304] <... chdir resumed>) = 0 [pid 14304] ioctl(4, LOOP_CLR_FD) = 0 [pid 14304] close(4) = 0 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14304] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14304] <... futex resumed>) = 0 [pid 14289] <... write resumed>) = 1048576 [pid 14304] chdir("./file0" [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14304] <... chdir resumed>) = 0 [pid 14289] <... futex resumed>) = 1 [pid 14288] <... futex resumed>) = 0 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14289] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14288] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14304] <... futex resumed>) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14288] <... futex resumed>) = 0 [pid 14304] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14302] <... futex resumed>) = 0 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14304] <... open resumed>) = 4 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14304] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14302] <... futex resumed>) = 0 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14304] <... openat resumed>) = 5 [ 253.326035][T14284] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 253.335290][T14304] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/504/bus supports timestamps until 2038 (0x7fffffff) [ 253.351692][T14303] loop4: detected capacity change from 0 to 2048 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14304] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14296] <... write resumed>) = 1048576 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14302] <... futex resumed>) = 0 [pid 14294] <... futex resumed>) = 0 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14302] <... futex resumed>) = 1 [pid 14294] <... futex resumed>) = 1 [pid 14296] <... futex resumed>) = 0 [pid 14296] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 253.384120][T14289] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.398665][T14303] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/509/bus supports timestamps until 2038 (0x7fffffff) [ 253.399612][T14296] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14304] <... futex resumed>) = 0 [pid 14288] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... umount2 resumed>) = 0 [pid 14304] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14288] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14304] <... write resumed>) = 196608 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14304] <... futex resumed>) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14288] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14304] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14302] <... futex resumed>) = 0 [pid 14289] <... openat resumed>) = 7 [pid 14288] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 412] lstat("./505/bus", [pid 14304] <... mount resumed>) = 0 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14289] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] <... mprotect resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14289] <... futex resumed>) = 0 [pid 14288] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14289] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14304] <... futex resumed>) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14288] <... clone resumed>, parent_tid=[14313], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14313 [pid 412] openat(AT_FDCWD, "./505/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14304] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] <... openat resumed>) = 7 [pid 14288] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14305] <... mount resumed>) = 0 [pid 14304] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14302] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 4 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14305] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14304] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14296] <... futex resumed>) = 1 [pid 14288] <... futex resumed>) = 0 [pid 14294] <... futex resumed>) = 0 [pid 412] fstat(4, [pid 14304] <... open resumed>) = 6 [pid 14303] <... mount resumed>) = 0 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14305] <... openat resumed>) = 3 [pid 14305] chdir("./bus" [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14294] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 14305] <... chdir resumed>) = 0 [pid 14304] <... futex resumed>) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14296] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14305] ioctl(4, LOOP_CLR_FD [pid 14304] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14296] <... openat resumed>) = 8 ./strace-static-x86_64: Process 14313 attached [pid 14313] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14313] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14313] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14288] <... futex resumed>) = 0 [pid 14288] exit_group(0 [pid 14289] <... futex resumed>) = ? [pid 14288] <... exit_group resumed>) = ? [pid 14289] +++ exited with 0 +++ [pid 14313] <... futex resumed>) = ? [pid 14302] <... futex resumed>) = 0 [pid 14296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(4, [pid 14305] <... ioctl resumed>) = 0 [pid 14296] <... futex resumed>) = 1 [pid 14294] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14305] close(4 [pid 14296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14294] exit_group(0 [pid 412] close(4 [pid 14294] <... exit_group resumed>) = ? [pid 412] <... close resumed>) = 0 [pid 14305] <... close resumed>) = 0 [pid 14296] <... futex resumed>) = ? [pid 412] rmdir("./505/bus" [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14313] +++ exited with 0 +++ [pid 14305] <... futex resumed>) = 1 [pid 14303] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14301] <... futex resumed>) = 0 [pid 14296] +++ exited with 0 +++ [pid 14294] +++ exited with 0 +++ [pid 14288] +++ exited with 0 +++ [pid 412] <... rmdir resumed>) = 0 [pid 14305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, [pid 14301] <... futex resumed>) = 0 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14288, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 412] close(3 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14294, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14305] chdir("./file0" [pid 408] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... close resumed>) = 0 [pid 407] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14305] <... chdir resumed>) = 0 [pid 412] rmdir("./505" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 408] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14305] <... futex resumed>) = 1 [pid 407] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14301] <... futex resumed>) = 0 [pid 14305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14303] <... openat resumed>) = 3 [pid 412] mkdir("./506", 0777 [pid 408] <... openat resumed>) = 3 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 14305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14303] chdir("./bus" [pid 412] <... mkdir resumed>) = 0 [pid 14305] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14303] <... chdir resumed>) = 0 [pid 14301] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 408] fstat(3, [pid 407] fstat(3, [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14303] ioctl(4, LOOP_CLR_FD [pid 412] <... openat resumed>) = 3 [pid 408] getdents64(3, [pid 407] getdents64(3, [pid 14303] <... ioctl resumed>) = 0 [pid 412] ioctl(3, LOOP_CLR_FD [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14303] close(4 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] close(3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14305] <... open resumed>) = 4 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] <... close resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 408] lstat("./509/binderfs", [pid 407] lstat("./502/binderfs", [pid 14305] <... futex resumed>) = 1 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14301] <... futex resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14303] <... futex resumed>) = 1 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14299] <... futex resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14303] chdir("./file0" [pid 14301] <... futex resumed>) = 0 [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] unlink("./509/binderfs" [pid 407] unlink("./502/binderfs" [pid 14305] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14303] <... chdir resumed>) = 0 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14299] <... futex resumed>) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14314 [pid 408] <... unlink resumed>) = 0 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... unlink resumed>) = 0 [pid 14305] <... openat resumed>) = 5 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14299] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) ./strace-static-x86_64: Process 14314 attached [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14304] <... write resumed>) = 1048576 [pid 14303] <... futex resumed>) = 0 [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14314] set_robust_list(0x555555f755e0, 24 [pid 14305] <... futex resumed>) = 1 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14301] <... futex resumed>) = 0 [pid 14299] <... futex resumed>) = 0 [pid 14305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14303] <... open resumed>) = 4 [pid 14301] <... futex resumed>) = 0 [pid 14305] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14314] <... set_robust_list resumed>) = 0 [pid 14304] <... futex resumed>) = 1 [pid 14302] <... futex resumed>) = 0 [ 253.410805][T14305] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/512/bus supports timestamps until 2038 (0x7fffffff) [ 253.424577][T14296] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 253.440187][T14289] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14314] chdir("./506" [pid 14305] <... write resumed>) = 196608 [pid 14304] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14303] <... futex resumed>) = 1 [pid 14299] <... futex resumed>) = 0 [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14305] <... futex resumed>) = 1 [pid 14303] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14301] <... futex resumed>) = 0 [pid 14299] <... futex resumed>) = 0 [pid 14305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14303] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14314] <... chdir resumed>) = 0 [pid 14305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14302] <... futex resumed>) = 0 [pid 14314] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14314] <... prctl resumed>) = 0 [pid 14314] setpgid(0, 0) = 0 [pid 14314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14314] write(3, "1000", 4) = 4 [pid 14314] close(3) = 0 [pid 14314] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14314] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14314] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14305] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14303] <... openat resumed>) = 5 [pid 14301] <... futex resumed>) = 0 [pid 14305] <... mount resumed>) = 0 [pid 14304] <... openat resumed>) = 7 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] <... futex resumed>) = 1 [pid 14301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14299] <... futex resumed>) = 0 [pid 14305] <... futex resumed>) = 0 [pid 14304] <... futex resumed>) = 1 [pid 14303] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14305] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14304] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14303] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14301] <... futex resumed>) = 0 [pid 14299] <... futex resumed>) = 0 [pid 14305] <... open resumed>) = 6 [pid 14303] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14314] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14302] <... futex resumed>) = 0 [pid 14302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14314] <... clone resumed>, parent_tid=[14315], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14315 [pid 14304] <... futex resumed>) = 0 [pid 14302] <... futex resumed>) = 1 ./strace-static-x86_64: Process 14315 attached [pid 14305] <... futex resumed>) = 0 [pid 14303] <... write resumed>) = 196608 [pid 14302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14315] set_robust_list(0x7f1c324369e0, 24 [pid 14305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14315] <... set_robust_list resumed>) = 0 [pid 14305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14303] <... futex resumed>) = 1 [pid 14301] <... futex resumed>) = 0 [pid 14299] <... futex resumed>) = 0 [pid 14315] memfd_create("syzkaller", 0 [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14305] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14304] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14303] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14314] <... futex resumed>) = 0 [pid 14304] <... openat resumed>) = 8 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14304] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14302] <... futex resumed>) = 0 [pid 14304] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14302] exit_group(0 [pid 14304] <... futex resumed>) = ? [pid 14302] <... exit_group resumed>) = ? [pid 14304] +++ exited with 0 +++ [pid 14303] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14302] +++ exited with 0 +++ [pid 14299] <... futex resumed>) = 0 [pid 14303] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14302, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 14303] <... mount resumed>) = 0 [pid 14315] <... memfd_create resumed>) = 3 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14303] <... futex resumed>) = 1 [pid 14299] <... futex resumed>) = 0 [pid 409] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14303] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14303] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14299] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14303] <... open resumed>) = 6 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 3 [pid 14303] <... futex resumed>) = 0 [pid 14299] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14303] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] fstat(3, [pid 14303] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14299] <... futex resumed>) = 0 [pid 14315] <... mmap resumed>) = 0x7f1c2a016000 [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 409] lstat("./504/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./504/binderfs") = 0 [ 253.486268][T14304] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.500886][T14304] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 409] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14315] <... write resumed>) = 1048576 [pid 14315] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14315] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14315] ioctl(4, LOOP_SET_FD, 3 [pid 408] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14315] <... ioctl resumed>) = 0 [pid 14315] close(3) = 0 [pid 14315] mkdir("./bus", 0777) = 0 [pid 14315] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14305] <... write resumed>) = 1048576 [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14301] <... futex resumed>) = 0 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14305] <... futex resumed>) = 1 [pid 14305] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] lstat("./502/bus", [pid 408] lstat("./509/bus", [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./502/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./502/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... openat resumed>) = 4 [pid 408] openat(AT_FDCWD, "./509/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] fstat(4, [pid 408] <... openat resumed>) = 4 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] fstat(4, [pid 407] getdents64(4, [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, [pid 14303] <... write resumed>) = 1048576 [pid 408] getdents64(4, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] close(4 [pid 407] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 407] rmdir("./502/bus" [pid 14303] <... futex resumed>) = 1 [pid 14299] <... futex resumed>) = 0 [pid 14299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14299] <... futex resumed>) = 0 [pid 408] rmdir("./509/bus" [pid 407] getdents64(3, [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14303] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14305] <... openat resumed>) = 7 [pid 408] <... rmdir resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] getdents64(3, [pid 407] close(3 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] <... close resumed>) = 0 [pid 408] close(3 [pid 407] rmdir("./502" [pid 408] <... close resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [ 253.540664][T14315] loop5: detected capacity change from 0 to 2048 [ 253.562953][T14305] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.579179][T14305] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] rmdir("./509" [pid 407] mkdir("./503", 0777 [pid 14301] <... futex resumed>) = 0 [pid 14301] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14301] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14305] <... futex resumed>) = 1 [pid 14305] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14301] <... futex resumed>) = 0 [pid 14301] exit_group(0) = ? [pid 14305] <... futex resumed>) = ? [pid 14305] +++ exited with 0 +++ [pid 14301] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14301, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./512/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./512/binderfs") = 0 [pid 410] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14315] <... mount resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 408] mkdir("./510", 0777 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 408] <... mkdir resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 407] ioctl(3, LOOP_CLR_FD [pid 408] <... openat resumed>) = 3 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] ioctl(3, LOOP_CLR_FD [pid 407] close(3 [pid 14315] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... close resumed>) = 0 [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14318 [pid 14315] <... openat resumed>) = 3 [pid 14315] chdir("./bus") = 0 [pid 14315] ioctl(4, LOOP_CLR_FD) = 0 [pid 14315] close(4) = 0 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14314] <... futex resumed>) = 0 [pid 14315] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 14318 attached [pid 14318] set_robust_list(0x555555f755e0, 24) = 0 [pid 14318] chdir("./510") = 0 [pid 14318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14318] setpgid(0, 0) = 0 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14319 [pid 14318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14318] write(3, "1000", 4) = 4 [pid 14318] close(3) = 0 [pid 14318] symlink("/dev/binderfs", "./binderfs" [pid 14299] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14299] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14299] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14299] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14320], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14320 [pid 14299] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14299] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14318] <... symlink resumed>) = 0 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14318] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14318] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14318] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14321], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14321 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14319 attached [pid 14319] set_robust_list(0x555555f755e0, 24) = 0 [pid 14319] chdir("./503") = 0 [pid 14319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14319] setpgid(0, 0) = 0 [pid 14319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14319] write(3, "1000", 4) = 4 [pid 14319] close(3) = 0 [pid 14319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14319] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14319] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14319] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14322], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14322 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14322 attached [pid 14322] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14322] memfd_create("syzkaller", 0) = 3 [pid 14322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 14320 attached ./strace-static-x86_64: Process 14321 attached [pid 14315] <... futex resumed>) = 0 [pid 14303] <... openat resumed>) = 7 [pid 14303] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14320] set_robust_list(0x7f1c2a1159e0, 24 [pid 14315] chdir("./file0" [pid 14303] <... futex resumed>) = 0 [pid 14315] <... chdir resumed>) = 0 [pid 14303] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] set_robust_list(0x7f1c324369e0, 24 [pid 14320] <... set_robust_list resumed>) = 0 [pid 14314] <... futex resumed>) = 0 [pid 14315] <... futex resumed>) = 1 [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... set_robust_list resumed>) = 0 [pid 14320] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14315] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14314] <... futex resumed>) = 0 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14320] <... openat resumed>) = 8 [pid 14315] <... open resumed>) = 4 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./504/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./504/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./504/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./504") = 0 [pid 409] mkdir("./505", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14323 [pid 14322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14314] <... futex resumed>) = 0 [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14315] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14315] <... openat resumed>) = 5 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14314] <... futex resumed>) = 0 [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14315] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14322] <... write resumed>) = 1048576 [pid 14322] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14322] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 253.579270][T14303] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.590612][T14315] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/506/bus supports timestamps until 2038 (0x7fffffff) [ 253.605650][T14303] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14322] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14323 attached [pid 14321] memfd_create("syzkaller", 0 [pid 14320] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14315] <... write resumed>) = 196608 [pid 14320] <... futex resumed>) = 1 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14299] <... futex resumed>) = 0 [pid 14320] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14315] <... futex resumed>) = 1 [pid 14314] <... futex resumed>) = 0 [pid 14299] exit_group(0 [pid 14320] <... futex resumed>) = ? [pid 14315] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14303] <... futex resumed>) = ? [pid 14299] <... exit_group resumed>) = ? [pid 14323] set_robust_list(0x555555f755e0, 24 [pid 14322] <... ioctl resumed>) = 0 [pid 14321] <... memfd_create resumed>) = 3 [pid 14320] +++ exited with 0 +++ [pid 14315] <... mount resumed>) = 0 [pid 14314] <... futex resumed>) = 0 [pid 14303] +++ exited with 0 +++ [pid 14299] +++ exited with 0 +++ [pid 14321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14299, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14315] <... futex resumed>) = 1 [pid 14314] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14315] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14315] <... open resumed>) = 6 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 14315] <... futex resumed>) = 1 [pid 14314] <... futex resumed>) = 0 [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14314] <... futex resumed>) = 0 [pid 14315] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14322] close(3) = 0 [pid 14322] mkdir("./bus", 0777) = 0 [pid 14323] <... set_robust_list resumed>) = 0 [pid 14323] chdir("./505") = 0 [pid 14323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14323] setpgid(0, 0) = 0 [pid 14323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14322] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14323] write(3, "1000", 4 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14323] <... write resumed>) = 4 [pid 14321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14315] <... write resumed>) = 1048576 [pid 411] lstat("./509/binderfs", [pid 410] <... umount2 resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] unlink("./509/binderfs" [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... unlink resumed>) = 0 [pid 410] lstat("./512/bus", [pid 411] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./512/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14314] <... futex resumed>) = 0 [pid 14315] <... futex resumed>) = 1 [pid 14315] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(4, [pid 14314] <... futex resumed>) = 0 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14315] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] close(4 [pid 14315] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./512/bus" [pid 14323] close(3 [pid 14321] <... write resumed>) = 1048576 [pid 410] <... rmdir resumed>) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3 [pid 14323] <... close resumed>) = 0 [pid 14323] symlink("/dev/binderfs", "./binderfs" [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./512" [pid 14323] <... symlink resumed>) = 0 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14323] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14323] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 410] mkdir("./513", 0777 [pid 14323] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14323] <... clone resumed>, parent_tid=[14325], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14325 [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 14323] <... futex resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14325 attached [pid 14321] munmap(0x7f1c2a016000, 1048576 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14326 [pid 14321] <... munmap resumed>) = 0 [pid 14321] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 253.653407][T14322] loop0: detected capacity change from 0 to 2048 [ 253.684250][T14315] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14321] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14326 attached [pid 14325] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14325] memfd_create("syzkaller", 0) = 3 [pid 14325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14315] <... openat resumed>) = 7 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14315] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14325] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14325] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14325] ioctl(4, LOOP_SET_FD, 3 [pid 14326] set_robust_list(0x555555f755e0, 24 [pid 14322] <... mount resumed>) = 0 [pid 14321] <... ioctl resumed>) = 0 [pid 14314] <... futex resumed>) = 0 [pid 14326] <... set_robust_list resumed>) = 0 [pid 14314] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] chdir("./513" [pid 14314] <... futex resumed>) = 1 [pid 14326] <... chdir resumed>) = 0 [pid 14314] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14326] setpgid(0, 0) = 0 [pid 14326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14326] write(3, "1000", 4) = 4 [pid 14326] close(3) = 0 [pid 14326] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14326] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14326] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14328], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14328 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14328 attached [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14325] <... ioctl resumed>) = 0 [pid 14322] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14321] close(3 [pid 14315] <... futex resumed>) = 0 [pid 14315] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14315] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14315] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14314] <... futex resumed>) = 0 [pid 14314] exit_group(0 [pid 14322] <... openat resumed>) = 3 [pid 14315] <... futex resumed>) = ? [pid 14314] <... exit_group resumed>) = ? [pid 14315] +++ exited with 0 +++ [pid 14322] chdir("./bus") = 0 [pid 14322] ioctl(4, LOOP_CLR_FD) = 0 [pid 14322] close(4) = 0 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14319] <... futex resumed>) = 0 [pid 14322] chdir("./file0" [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14322] <... chdir resumed>) = 0 [pid 14319] <... futex resumed>) = 0 [pid 14314] +++ exited with 0 +++ [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14322] <... futex resumed>) = 0 [pid 14319] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14322] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14325] close(3) = 0 [pid 14321] <... close resumed>) = 0 [pid 14325] mkdir("./bus", 0777 [pid 14321] mkdir("./bus", 0777 [pid 14325] <... mkdir resumed>) = 0 [pid 14321] <... mkdir resumed>) = 0 [pid 14321] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14325] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14328] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14328] memfd_create("syzkaller", 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14314, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./509/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./509/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./509/bus" [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 411] <... rmdir resumed>) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./509") = 0 [pid 411] mkdir("./510", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14329 ./strace-static-x86_64: Process 14329 attached [pid 14329] set_robust_list(0x555555f755e0, 24 [pid 412] <... restart_syscall resumed>) = 0 [pid 14329] <... set_robust_list resumed>) = 0 [pid 14329] chdir("./510") = 0 [pid 14329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14329] setpgid(0, 0) = 0 [pid 14329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14329] write(3, "1000", 4) = 4 [pid 14329] close(3) = 0 [pid 14329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14329] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14329] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14330], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14330 [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14330 attached [pid 14330] set_robust_list(0x7f1c324369e0, 24 [pid 412] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14330] <... set_robust_list resumed>) = 0 [pid 412] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14330] memfd_create("syzkaller", 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./506/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./506/binderfs") = 0 [pid 412] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14330] <... memfd_create resumed>) = 3 [pid 14330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14322] <... open resumed>) = 4 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14319] <... futex resumed>) = 0 [pid 14322] <... futex resumed>) = 1 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14322] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14319] <... futex resumed>) = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14322] <... openat resumed>) = 5 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14319] <... futex resumed>) = 0 [pid 14322] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14322] <... write resumed>) = 196608 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14319] <... futex resumed>) = 0 [pid 14328] <... memfd_create resumed>) = 3 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14322] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14319] <... futex resumed>) = 0 [pid 14328] <... mmap resumed>) = 0x7f1c2a016000 [pid 14322] <... mount resumed>) = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14319] <... futex resumed>) = 0 [pid 14322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14322] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14319] <... futex resumed>) = 0 [pid 14322] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14322] <... open resumed>) = 6 [pid 14328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14322] <... futex resumed>) = 1 [pid 14319] <... futex resumed>) = 0 [pid 14322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14322] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14319] <... futex resumed>) = 0 [pid 14322] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14330] <... write resumed>) = 1048576 [pid 14328] <... write resumed>) = 1048576 [pid 14330] munmap(0x7f1c2a016000, 1048576 [pid 14328] munmap(0x7f1c2a016000, 1048576 [pid 14330] <... munmap resumed>) = 0 [pid 14328] <... munmap resumed>) = 0 [pid 14330] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14328] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14330] <... openat resumed>) = 4 [pid 14328] <... openat resumed>) = 4 [ 253.700519][T14315] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 253.703900][T14321] loop1: detected capacity change from 0 to 2048 [ 253.716017][T14322] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/503/bus supports timestamps until 2038 (0x7fffffff) [ 253.726403][T14325] loop2: detected capacity change from 0 to 2048 [pid 14330] ioctl(4, LOOP_SET_FD, 3 [pid 14328] ioctl(4, LOOP_SET_FD, 3 [pid 14330] <... ioctl resumed>) = 0 [pid 14330] close(3) = 0 [pid 14330] mkdir("./bus", 0777) = 0 [pid 14330] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14328] <... ioctl resumed>) = 0 [pid 14328] close(3) = 0 [pid 14328] mkdir("./bus", 0777) = 0 [pid 14328] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14325] <... mount resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14325] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14322] <... write resumed>) = 1048576 [pid 14321] <... mount resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./506/bus", [pid 14325] <... openat resumed>) = 3 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14325] chdir("./bus" [pid 14322] <... futex resumed>) = 1 [pid 14321] <... openat resumed>) = 3 [pid 14325] <... chdir resumed>) = 0 [pid 14322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14321] chdir("./bus" [pid 14325] ioctl(4, LOOP_CLR_FD [pid 14321] <... chdir resumed>) = 0 [pid 14325] <... ioctl resumed>) = 0 [pid 14321] ioctl(4, LOOP_CLR_FD [pid 14325] close(4 [pid 14321] <... ioctl resumed>) = 0 [pid 14325] <... close resumed>) = 0 [pid 14321] close(4 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... close resumed>) = 0 [pid 14325] <... futex resumed>) = 1 [pid 14323] <... futex resumed>) = 0 [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14325] chdir("./file0" [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 14325] <... chdir resumed>) = 0 [pid 14323] <... futex resumed>) = 0 [pid 14321] chdir("./file0" [pid 14319] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14321] <... chdir resumed>) = 0 [pid 14318] <... futex resumed>) = 0 [pid 14325] <... futex resumed>) = 0 [pid 14323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14325] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... futex resumed>) = 0 [pid 14318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14323] <... futex resumed>) = 0 [pid 14321] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14318] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./506/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./506/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./506") = 0 [pid 412] mkdir("./507", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14339 ./strace-static-x86_64: Process 14339 attached [pid 14339] set_robust_list(0x555555f755e0, 24) = 0 [pid 14339] chdir("./507") = 0 [pid 14339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14339] setpgid(0, 0) = 0 [pid 14339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14339] write(3, "1000", 4) = 4 [pid 14339] close(3) = 0 [pid 14339] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14339] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14339] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14340], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14340 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14340 attached [pid 14340] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14340] memfd_create("syzkaller", 0 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14322] <... futex resumed>) = 0 [ 253.780000][T14330] loop4: detected capacity change from 0 to 2048 [ 253.786731][T14328] loop3: detected capacity change from 0 to 2048 [ 253.797050][T14325] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/505/bus supports timestamps until 2038 (0x7fffffff) [ 253.799441][T14321] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/510/bus supports timestamps until 2038 (0x7fffffff) [pid 14340] <... memfd_create resumed>) = 3 [pid 14322] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14325] <... open resumed>) = 4 [pid 14321] <... open resumed>) = 4 [pid 14340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14330] <... mount resumed>) = 0 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14328] <... mount resumed>) = 0 [pid 14328] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14328] chdir("./bus") = 0 [pid 14328] ioctl(4, LOOP_CLR_FD) = 0 [pid 14328] close(4) = 0 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] <... futex resumed>) = 0 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 1 [pid 14328] chdir("./file0") = 0 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] <... futex resumed>) = 0 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14326] <... futex resumed>) = 0 [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14323] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14318] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 1 [pid 14328] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14340] <... write resumed>) = 1048576 [pid 14340] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14340] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 253.836757][T14330] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/510/bus supports timestamps until 2038 (0x7fffffff) [ 253.848951][T14322] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.850576][T14328] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/513/bus supports timestamps until 2038 (0x7fffffff) [ 253.865605][T14322] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14340] ioctl(4, LOOP_SET_FD, 3 [pid 14330] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14325] <... futex resumed>) = 1 [pid 14323] <... futex resumed>) = 0 [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 14330] <... openat resumed>) = 3 [pid 14325] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=36000000} [pid 14322] <... openat resumed>) = 7 [pid 14321] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=37000000} [pid 14330] chdir("./bus" [pid 14325] <... openat resumed>) = 5 [pid 14330] <... chdir resumed>) = 0 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... openat resumed>) = 5 [pid 14340] <... ioctl resumed>) = 0 [pid 14340] close(3) = 0 [pid 14340] mkdir("./bus", 0777) = 0 [pid 14340] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14330] ioctl(4, LOOP_CLR_FD) = 0 [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] close(4 [pid 14325] <... futex resumed>) = 1 [pid 14323] <... futex resumed>) = 0 [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 14330] <... close resumed>) = 0 [pid 14322] <... futex resumed>) = 1 [pid 14322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14325] <... futex resumed>) = 0 [pid 14323] <... futex resumed>) = 1 [pid 14325] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14325] <... write resumed>) = 196608 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] <... futex resumed>) = 0 [pid 14325] <... futex resumed>) = 1 [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14325] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14323] <... futex resumed>) = 0 [pid 14325] <... mount resumed>) = 0 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14323] <... futex resumed>) = 0 [pid 14325] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14325] <... open resumed>) = 6 [pid 14323] <... futex resumed>) = 0 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14325] <... futex resumed>) = 0 [pid 14323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14325] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14323] <... futex resumed>) = 0 [pid 14321] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14319] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14321] <... write resumed>) = 196608 [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] <... futex resumed>) = 0 [pid 14329] <... futex resumed>) = 0 [pid 14330] chdir("./file0" [pid 14328] <... open resumed>) = 4 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14319] <... futex resumed>) = 1 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14330] <... chdir resumed>) = 0 [pid 14319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14326] <... futex resumed>) = 0 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14322] <... futex resumed>) = 0 [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 14326] <... futex resumed>) = 0 [pid 14322] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 14330] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14329] <... futex resumed>) = 0 [pid 14322] <... openat resumed>) = 8 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14321] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14318] <... futex resumed>) = 0 [pid 14330] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 1 [pid 14330] <... open resumed>) = 4 [pid 14322] <... futex resumed>) = 1 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14319] <... futex resumed>) = 0 [pid 14330] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 14322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14321] <... mount resumed>) = 0 [pid 14319] exit_group(0 [pid 14330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14329] <... futex resumed>) = 0 [pid 14322] <... futex resumed>) = ? [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14319] <... exit_group resumed>) = ? [pid 14330] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14322] +++ exited with 0 +++ [pid 14328] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14319] +++ exited with 0 +++ [pid 14326] <... futex resumed>) = 0 [pid 14330] <... openat resumed>) = 5 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14319, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14326] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14321] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14318] <... futex resumed>) = 0 [pid 14330] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14330] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] <... open resumed>) = 6 [pid 14328] <... futex resumed>) = 1 [pid 14328] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14330] <... write resumed>) = 196608 [pid 14329] <... futex resumed>) = 0 [pid 14328] <... write resumed>) = 196608 [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14330] <... futex resumed>) = 0 [pid 14329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14321] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14330] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] <... futex resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 14329] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] fstat(3, [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] <... futex resumed>) = 0 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14330] <... mount resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] lstat("./503/binderfs", [pid 14330] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14329] <... futex resumed>) = 0 [pid 14330] <... open resumed>) = 6 [pid 407] unlink("./503/binderfs" [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 1 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14328] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 407] <... unlink resumed>) = 0 [pid 14330] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 407] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14330] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14328] <... mount resumed>) = 0 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14326] <... futex resumed>) = 0 [pid 14328] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14328] <... open resumed>) = 6 [pid 14326] <... futex resumed>) = 0 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 0 [pid 14326] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14328] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 253.880311][T14340] loop5: detected capacity change from 0 to 2048 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... write resumed>) = 1048576 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] <... futex resumed>) = 0 [pid 14326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 1 [pid 14328] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14325] <... write resumed>) = 1048576 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14323] <... futex resumed>) = 0 [pid 14325] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14318] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 253.932538][T14328] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.948186][T14325] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 253.959819][T14340] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/507/bus supports timestamps until 2038 (0x7fffffff) [ 253.962493][T14325] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14329] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14326] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14318] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = 0 [pid 14329] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] <... futex resumed>) = 0 [pid 14329] <... futex resumed>) = 0 [pid 14326] <... futex resumed>) = 0 [pid 14318] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14318] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14329] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14326] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14318] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14329] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14326] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14329] <... mprotect resumed>) = 0 [pid 14326] <... mprotect resumed>) = 0 [pid 14321] <... write resumed>) = 1048576 [pid 14318] <... mprotect resumed>) = 0 [pid 407] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14329] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14326] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14329] <... clone resumed>, parent_tid=[14344], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14344 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14329] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14326] <... clone resumed>, parent_tid=[14345], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14345 [pid 14321] <... futex resumed>) = 0 [pid 407] lstat("./503/bus", [pid 14329] <... futex resumed>) = 0 [pid 14326] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14321] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14318] <... clone resumed>, parent_tid=[14346], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14346 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14329] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14326] <... futex resumed>) = 0 [pid 14318] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./503/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14326] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14318] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14318] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "./503/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./503/bus") = 0 [pid 14325] <... openat resumed>) = 7 [pid 407] getdents64(3, [pid 14328] <... openat resumed>) = 7 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14328] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14325] <... futex resumed>) = 1 [pid 14323] <... futex resumed>) = 0 [pid 407] close(3 [pid 14325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... close resumed>) = 0 [pid 14325] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14323] <... futex resumed>) = 0 [pid 407] rmdir("./503" [pid 14325] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14328] <... futex resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 14328] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14325] <... openat resumed>) = 8 [pid 407] mkdir("./504", 0777 [pid 14325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14323] <... futex resumed>) = 0 [pid 14325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14323] exit_group(0 [pid 14325] <... futex resumed>) = ? [pid 14323] <... exit_group resumed>) = ? [pid 407] <... mkdir resumed>) = 0 [pid 14325] +++ exited with 0 +++ [pid 14340] <... mount resumed>) = 0 [pid 14340] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14340] chdir("./bus") = 0 [pid 14340] ioctl(4, LOOP_CLR_FD [pid 14323] +++ exited with 0 +++ [pid 14340] <... ioctl resumed>) = 0 [pid 14340] close(4) = 0 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] chdir("./file0") = 0 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14323, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- ./strace-static-x86_64: Process 14344 attached [pid 14344] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14344] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14340] <... open resumed>) = 4 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 409] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./505/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./505/binderfs") = 0 [pid 409] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... openat resumed>) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14347 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14347 attached ./strace-static-x86_64: Process 14346 attached ./strace-static-x86_64: Process 14345 attached [pid 14330] <... write resumed>) = 1048576 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14340] <... write resumed>) = 196608 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14347] set_robust_list(0x555555f755e0, 24 [pid 14346] set_robust_list(0x7f1c2a1159e0, 24 [pid 14345] set_robust_list(0x7f1c2a1159e0, 24 [pid 14344] <... openat resumed>) = 7 [pid 14330] <... futex resumed>) = 0 [pid 14347] <... set_robust_list resumed>) = 0 [pid 14346] <... set_robust_list resumed>) = 0 [pid 14345] <... set_robust_list resumed>) = 0 [pid 14344] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14347] chdir("./504" [ 253.973717][T14328] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 254.001614][T14344] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.016979][T14344] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14346] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14345] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14344] <... futex resumed>) = 1 [pid 14329] <... futex resumed>) = 0 [pid 14347] <... chdir resumed>) = 0 [pid 14340] <... write resumed>) = 1048576 [pid 14329] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14330] <... futex resumed>) = 0 [pid 14329] <... futex resumed>) = 1 [pid 14330] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14329] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14330] <... openat resumed>) = 8 [pid 14330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14329] <... futex resumed>) = 0 [pid 14330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14329] exit_group(0 [pid 14330] <... futex resumed>) = ? [pid 14329] <... exit_group resumed>) = ? [pid 14330] +++ exited with 0 +++ [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14339] <... futex resumed>) = 0 [pid 14339] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14340] <... futex resumed>) = 1 [pid 14340] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14347] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14345] <... openat resumed>) = 8 [pid 14347] <... prctl resumed>) = 0 [pid 14345] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14344] +++ exited with 0 +++ [pid 14329] +++ exited with 0 +++ [pid 14326] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14318] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14347] setpgid(0, 0 [pid 14345] <... futex resumed>) = 0 [pid 14326] exit_group(0 [pid 14318] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14329, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14347] <... setpgid resumed>) = 0 [pid 14328] <... futex resumed>) = ? [pid 14326] <... exit_group resumed>) = ? [pid 14321] <... futex resumed>) = 0 [pid 14318] <... futex resumed>) = 1 [pid 14347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14345] +++ exited with 0 +++ [pid 14328] +++ exited with 0 +++ [pid 14326] +++ exited with 0 +++ [pid 14321] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14318] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14347] <... openat resumed>) = 3 [pid 14346] <... openat resumed>) = 7 [pid 14321] <... openat resumed>) = 8 [pid 411] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14347] write(3, "1000", 4 [pid 14321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14326, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14347] <... write resumed>) = 4 [pid 14321] <... futex resumed>) = 1 [pid 14318] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 14347] close(3 [pid 14321] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... openat resumed>) = 3 [pid 410] <... restart_syscall resumed>) = 0 [pid 14347] <... close resumed>) = 0 [pid 411] fstat(3, [pid 14347] symlink("/dev/binderfs", "./binderfs" [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14347] <... symlink resumed>) = 0 [pid 411] getdents64(3, [pid 410] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14347] <... futex resumed>) = 0 [pid 411] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 3 [pid 14347] <... mmap resumed>) = 0x7f1c32416000 [pid 411] lstat("./510/binderfs", [pid 410] fstat(3, [pid 14347] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14347] <... mprotect resumed>) = 0 [pid 411] unlink("./510/binderfs" [pid 410] getdents64(3, [pid 14347] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... unlink resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14347] <... clone resumed>, parent_tid=[14348], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14348 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./513/binderfs", [pid 14347] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 ./strace-static-x86_64: Process 14348 attached [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14346] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] unlink("./513/binderfs" [pid 14348] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14348] memfd_create("syzkaller", 0) = 3 [pid 14348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] <... unlink resumed>) = 0 [pid 14346] <... futex resumed>) = 0 [pid 14346] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... umount2 resumed>) = 0 [pid 410] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14318] exit_group(0 [pid 14321] <... futex resumed>) = ? [pid 14318] <... exit_group resumed>) = ? [pid 14321] +++ exited with 0 +++ [pid 14348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14339] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14339] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14339] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14339] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14349], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14349 [pid 14339] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14339] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./505/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14348] <... write resumed>) = 1048576 [pid 14348] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14348] ioctl(4, LOOP_SET_FD, 3 [ 254.035917][T14346] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.050613][T14340] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.054906][T14346] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 254.066956][T14340] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 409] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 14349 attached [pid 14346] <... futex resumed>) = ? [pid 14340] <... openat resumed>) = 7 [pid 409] openat(AT_FDCWD, "./505/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./505/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./505") = 0 [pid 409] mkdir("./506", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 14349] set_robust_list(0x7f1c2a1159e0, 24 [pid 14348] <... ioctl resumed>) = 0 [pid 14346] +++ exited with 0 +++ [pid 14340] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14318] +++ exited with 0 +++ [pid 409] <... close resumed>) = 0 [pid 14340] <... futex resumed>) = 0 [pid 14340] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14348] close(3) = 0 [pid 14349] <... set_robust_list resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14318, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14348] mkdir("./bus", 0777 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14350 [pid 14349] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, [pid 14349] <... openat resumed>) = 8 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./510/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./510/binderfs" [pid 14349] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14349] <... futex resumed>) = 1 [pid 14339] <... futex resumed>) = 0 [pid 14349] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14339] exit_group(0) = ? [pid 14340] <... futex resumed>) = ? [pid 14340] +++ exited with 0 +++ [pid 14349] <... futex resumed>) = ? [pid 14348] <... mkdir resumed>) = 0 [pid 14348] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./510/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./510/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./510/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./510") = 0 [pid 408] mkdir("./511", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14349] +++ exited with 0 +++ [pid 14339] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14339, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 14350 attached ) = 0 [pid 14350] set_robust_list(0x555555f755e0, 24 [pid 412] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 14350] <... set_robust_list resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./507/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./507/binderfs" [pid 14350] chdir("./506" [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14350] <... chdir resumed>) = 0 [pid 14350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14350] setpgid(0, 0) = 0 [pid 14350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14350] write(3, "1000", 4) = 4 [pid 14350] close(3) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./507/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./507/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./507/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./507") = 0 [pid 412] mkdir("./508", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14350] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14350] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14350] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14350] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14351], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14351 [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14351 attached [pid 14351] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14351] memfd_create("syzkaller", 0) = 3 [pid 14351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14352 [pid 14351] <... write resumed>) = 1048576 [pid 14351] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14351] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 254.097779][T14348] loop0: detected capacity change from 0 to 2048 [pid 14351] ioctl(4, LOOP_SET_FD, 3 [pid 411] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] lstat("./510/bus", [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] lstat("./513/bus", [pid 412] ioctl(3, LOOP_CLR_FD [pid 411] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14354 ./strace-static-x86_64: Process 14352 attached [pid 411] openat(AT_FDCWD, "./510/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14352] set_robust_list(0x555555f755e0, 24 [pid 411] <... openat resumed>) = 4 [pid 410] openat(AT_FDCWD, "./513/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14352] <... set_robust_list resumed>) = 0 [pid 14352] chdir("./511" [pid 411] fstat(4, [pid 410] <... openat resumed>) = 4 [pid 14352] <... chdir resumed>) = 0 [pid 14352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] fstat(4, [pid 411] getdents64(4, [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, [pid 411] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] getdents64(4, [pid 14352] setpgid(0, 0) = 0 [pid 14352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] close(4 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... close resumed>) = 0 [pid 410] close(4 [pid 411] rmdir("./510/bus" [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./513/bus" [pid 411] <... rmdir resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 411] getdents64(3, [pid 14352] <... openat resumed>) = 3 [pid 410] getdents64(3, [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3 [pid 410] close(3) = 0 [pid 411] <... close resumed>) = 0 [pid 410] rmdir("./513" [pid 14352] write(3, "1000", 4) = 4 [pid 14352] close(3) = 0 [pid 14352] symlink("/dev/binderfs", "./binderfs" [pid 411] rmdir("./510" [pid 410] <... rmdir resumed>) = 0 [pid 14352] <... symlink resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 410] mkdir("./514", 0777 [pid 411] mkdir("./511", 0777 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 14352] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 411] <... openat resumed>) = 3 [pid 14352] <... mmap resumed>) = 0x7f1c32416000 [pid 14352] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 410] <... openat resumed>) = 3 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] ioctl(3, LOOP_CLR_FD [pid 411] close(3) = 0 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] close(3) = 0 [pid 14352] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14356 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14357 [pid 14352] <... clone resumed>, parent_tid=[14358], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14358 [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14357 attached [pid 14357] set_robust_list(0x555555f755e0, 24) = 0 [pid 14357] chdir("./514") = 0 [pid 14357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14357] setpgid(0, 0) = 0 [pid 14357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14357] write(3, "1000", 4) = 4 [pid 14357] close(3) = 0 [pid 14357] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 14358 attached [pid 14358] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14358] memfd_create("syzkaller", 0) = 3 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14357] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14358] <... mmap resumed>) = 0x7f1c2a016000 [pid 14357] <... mmap resumed>) = 0x7f1c32416000 [pid 14357] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14357] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14351] <... ioctl resumed>) = 0 [pid 14357] <... clone resumed>, parent_tid=[14359], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14359 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14351] close(3) = 0 [pid 14351] mkdir("./bus", 0777) = 0 [pid 14351] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14358] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14358] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14358] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14359 attached ./strace-static-x86_64: Process 14356 attached ./strace-static-x86_64: Process 14354 attached ) = 0 [pid 14358] close(3) = 0 [pid 14358] mkdir("./bus", 0777) = 0 [pid 14358] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14348] <... mount resumed>) = 0 [pid 14348] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14348] chdir("./bus") = 0 [pid 14348] ioctl(4, LOOP_CLR_FD) = 0 [pid 14348] close(4) = 0 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [pid 14348] chdir("./file0" [pid 14354] set_robust_list(0x555555f755e0, 24 [pid 14359] set_robust_list(0x7f1c324369e0, 24 [pid 14356] set_robust_list(0x555555f755e0, 24 [pid 14354] <... set_robust_list resumed>) = 0 [pid 14359] <... set_robust_list resumed>) = 0 [pid 14356] <... set_robust_list resumed>) = 0 [pid 14354] chdir("./508") = 0 [pid 14356] chdir("./511" [pid 14359] memfd_create("syzkaller", 0 [pid 14356] <... chdir resumed>) = 0 [pid 14354] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14359] <... memfd_create resumed>) = 3 [pid 14356] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14354] <... prctl resumed>) = 0 [pid 14359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14356] <... prctl resumed>) = 0 [pid 14354] setpgid(0, 0) = 0 [pid 14356] setpgid(0, 0 [pid 14354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14356] <... setpgid resumed>) = 0 [pid 14354] <... openat resumed>) = 3 [pid 14354] write(3, "1000", 4) = 4 [pid 14354] close(3 [pid 14356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14354] <... close resumed>) = 0 [pid 14354] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14356] <... openat resumed>) = 3 [pid 14356] write(3, "1000", 4 [pid 14354] <... futex resumed>) = 0 [pid 14359] <... mmap resumed>) = 0x7f1c2a016000 [pid 14354] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14356] <... write resumed>) = 4 [pid 14356] close(3 [pid 14354] <... mmap resumed>) = 0x7f1c32416000 [pid 14348] <... chdir resumed>) = 0 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [pid 14348] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [pid 14348] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [pid 14348] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14354] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14354] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14356] <... close resumed>) = 0 [pid 14356] symlink("/dev/binderfs", "./binderfs" [pid 14354] <... clone resumed>, parent_tid=[14362], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14362 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14356] <... symlink resumed>) = 0 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14348] <... write resumed>) = 196608 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [ 254.143783][T14351] loop2: detected capacity change from 0 to 2048 [ 254.167310][T14348] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/504/bus supports timestamps until 2038 (0x7fffffff) [ 254.185457][T14358] loop1: detected capacity change from 0 to 2048 [pid 14348] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL./strace-static-x86_64: Process 14362 attached [pid 14362] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14362] memfd_create("syzkaller", 0) = 3 [pid 14362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14362] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14362] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14362] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14362] ioctl(4, LOOP_SET_FD, 3 [pid 14356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14356] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14356] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14363], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14363 [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14348] <... mount resumed>) = 0 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [pid 14348] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14348] <... futex resumed>) = 1 [pid 14348] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14363 attached [pid 14363] set_robust_list(0x7f1c324369e0, 24 [pid 14362] <... ioctl resumed>) = 0 [pid 14363] <... set_robust_list resumed>) = 0 [pid 14363] memfd_create("syzkaller", 0 [pid 14362] close(3 [pid 14363] <... memfd_create resumed>) = 3 [pid 14362] <... close resumed>) = 0 [pid 14363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14362] mkdir("./bus", 0777 [pid 14363] <... mmap resumed>) = 0x7f1c2a016000 [pid 14362] <... mkdir resumed>) = 0 [pid 14363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14362] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14363] <... write resumed>) = 1048576 [pid 14363] munmap(0x7f1c2a016000, 1048576 [pid 14359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14351] <... mount resumed>) = 0 [pid 14363] <... munmap resumed>) = 0 [pid 14363] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14359] <... write resumed>) = 1048576 [ 254.218459][T14351] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/506/bus supports timestamps until 2038 (0x7fffffff) [ 254.228581][T14362] loop5: detected capacity change from 0 to 2048 [pid 14351] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14363] <... openat resumed>) = 4 [pid 14359] munmap(0x7f1c2a016000, 1048576 [pid 14351] <... openat resumed>) = 3 [pid 14363] ioctl(4, LOOP_SET_FD, 3 [pid 14359] <... munmap resumed>) = 0 [pid 14351] chdir("./bus" [pid 14363] <... ioctl resumed>) = 0 [pid 14359] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14358] <... mount resumed>) = 0 [pid 14351] <... chdir resumed>) = 0 [pid 14363] close(3 [pid 14359] <... openat resumed>) = 4 [pid 14351] ioctl(4, LOOP_CLR_FD [pid 14363] <... close resumed>) = 0 [pid 14359] ioctl(4, LOOP_SET_FD, 3 [pid 14351] <... ioctl resumed>) = 0 [pid 14363] mkdir("./bus", 0777 [pid 14362] <... mount resumed>) = 0 [pid 14359] <... ioctl resumed>) = 0 [pid 14351] close(4 [pid 14348] <... write resumed>) = 1048576 [pid 14347] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14363] <... mkdir resumed>) = 0 [pid 14359] close(3 [pid 14351] <... close resumed>) = 0 [pid 14363] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14359] <... close resumed>) = 0 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] mkdir("./bus", 0777 [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14359] <... mkdir resumed>) = 0 [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14351] chdir("./file0" [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14351] <... chdir resumed>) = 0 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14348] <... futex resumed>) = 0 [pid 14347] <... futex resumed>) = 0 [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14348] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14362] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14362] <... openat resumed>) = 3 [pid 14351] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14347] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14362] chdir("./bus") = 0 [pid 14362] ioctl(4, LOOP_CLR_FD) = 0 [pid 14362] close(4) = 0 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14358] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14358] chdir("./bus") = 0 [pid 14358] ioctl(4, LOOP_CLR_FD) = 0 [pid 14358] close(4) = 0 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14358] chdir("./file0" [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] <... chdir resumed>) = 0 [pid 14352] <... futex resumed>) = 0 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14358] <... futex resumed>) = 0 [pid 14352] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14358] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14354] <... futex resumed>) = 0 [pid 14351] <... open resumed>) = 4 [pid 14347] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... mprotect resumed>) = 0 [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14347] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14351] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14347] <... clone resumed>, parent_tid=[14370], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14370 [pid 14351] <... openat resumed>) = 5 [pid 14347] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 1 [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14347] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14351] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14370 attached [pid 14370] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 254.258145][T14358] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/511/bus supports timestamps until 2038 (0x7fffffff) [ 254.261793][T14363] loop4: detected capacity change from 0 to 2048 [ 254.272599][T14362] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/508/bus supports timestamps until 2038 (0x7fffffff) [ 254.279395][T14359] loop3: detected capacity change from 0 to 2048 [pid 14370] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14362] <... futex resumed>) = 0 [pid 14351] <... write resumed>) = 196608 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] chdir("./file0" [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14351] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14362] <... chdir resumed>) = 0 [pid 14358] <... open resumed>) = 4 [pid 14351] <... mount resumed>) = 0 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] <... futex resumed>) = 1 [pid 14354] <... futex resumed>) = 0 [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14354] <... futex resumed>) = 0 [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14351] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14351] <... open resumed>) = 6 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14362] <... open resumed>) = 4 [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14350] <... futex resumed>) = 0 [pid 14351] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14370] <... openat resumed>) = 7 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14370] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] <... futex resumed>) = 1 [pid 14358] <... futex resumed>) = 1 [pid 14354] <... futex resumed>) = 0 [pid 14352] <... futex resumed>) = 0 [pid 14370] <... futex resumed>) = 1 [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... futex resumed>) = 0 [pid 14370] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14362] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14354] <... futex resumed>) = 0 [pid 14352] <... futex resumed>) = 0 [pid 14347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14358] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14362] <... openat resumed>) = 5 [pid 14358] <... openat resumed>) = 5 [pid 14348] <... futex resumed>) = 0 [pid 14347] <... futex resumed>) = 1 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14348] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14362] <... futex resumed>) = 1 [pid 14358] <... futex resumed>) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14352] <... futex resumed>) = 0 [pid 14358] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14358] <... write resumed>) = 196608 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14352] <... futex resumed>) = 0 [pid 14358] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14358] <... mount resumed>) = 0 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14352] <... futex resumed>) = 0 [pid 14358] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14358] <... open resumed>) = 6 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14352] <... futex resumed>) = 0 [pid 14358] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... mount resumed>) = 0 [pid 14354] <... futex resumed>) = 0 [pid 14348] <... openat resumed>) = 8 [pid 14347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14359] chdir("./bus") = 0 [pid 14359] ioctl(4, LOOP_CLR_FD) = 0 [pid 14359] close(4) = 0 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14357] <... futex resumed>) = 0 [pid 14359] chdir("./file0" [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] <... chdir resumed>) = 0 [pid 14357] <... futex resumed>) = 0 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] <... futex resumed>) = 0 [pid 14357] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14359] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... open resumed>) = 4 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14357] <... futex resumed>) = 0 [pid 14359] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] <... openat resumed>) = 5 [pid 14357] <... futex resumed>) = 0 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... futex resumed>) = 0 [pid 14357] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14359] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 254.307013][T14370] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.321645][T14370] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 254.341392][T14359] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/514/bus supports timestamps until 2038 (0x7fffffff) [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] <... write resumed>) = 196608 [pid 14357] <... futex resumed>) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14357] <... futex resumed>) = 0 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... futex resumed>) = 1 [pid 14359] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14357] <... futex resumed>) = 0 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... futex resumed>) = 1 [pid 14359] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14357] <... futex resumed>) = 0 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... futex resumed>) = 1 [pid 14359] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14362] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 1 [pid 14362] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14348] <... futex resumed>) = 1 [pid 14347] <... futex resumed>) = 0 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14351] <... write resumed>) = 1048576 [pid 14348] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14347] exit_group(0 [pid 14370] <... futex resumed>) = ? [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14347] <... exit_group resumed>) = ? [pid 14370] +++ exited with 0 +++ [pid 14351] <... futex resumed>) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14348] <... futex resumed>) = ? [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] <... mount resumed>) = 0 [pid 14363] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14362] <... write resumed>) = 196608 [pid 14358] <... write resumed>) = 1048576 [pid 14351] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14350] <... futex resumed>) = 0 [pid 14348] +++ exited with 0 +++ [pid 14347] +++ exited with 0 +++ [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] chdir("./bus") = 0 [pid 14363] ioctl(4, LOOP_CLR_FD) = 0 [pid 14363] close(4) = 0 [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14363] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14347, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./504/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./504/binderfs") = 0 [pid 407] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14362] <... futex resumed>) = 1 [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14358] <... futex resumed>) = 1 [pid 14352] <... futex resumed>) = 0 [ 254.365820][T14363] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/511/bus supports timestamps until 2038 (0x7fffffff) [ 254.387787][T14351] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.400188][T14358] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14358] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] <... write resumed>) = 1048576 [pid 14357] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14356] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 0 [pid 14352] <... futex resumed>) = 0 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] <... futex resumed>) = 0 [pid 14362] <... futex resumed>) = 0 [pid 14359] <... futex resumed>) = 0 [pid 14356] <... futex resumed>) = 1 [pid 14354] <... futex resumed>) = 1 [pid 14363] chdir("./file0" [pid 14362] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14359] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14363] <... chdir resumed>) = 0 [pid 14362] <... mount resumed>) = 0 [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] <... futex resumed>) = 1 [pid 14362] <... futex resumed>) = 1 [pid 14356] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 0 [pid 14363] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14362] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14356] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 0 [pid 14363] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14362] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14363] <... open resumed>) = 4 [pid 14362] <... open resumed>) = 6 [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] <... futex resumed>) = 1 [pid 14362] <... futex resumed>) = 1 [pid 14356] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 0 [pid 14363] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14363] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14362] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14356] <... futex resumed>) = 0 [pid 14354] <... futex resumed>) = 0 [pid 14363] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14362] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14363] <... openat resumed>) = 5 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14357] <... futex resumed>) = 1 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14358] <... openat resumed>) = 7 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14358] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14352] <... futex resumed>) = 0 [pid 14358] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14358] <... openat resumed>) = 8 [pid 14358] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14352] <... futex resumed>) = 0 [pid 14358] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14352] exit_group(0 [pid 14358] <... futex resumed>) = ? [pid 14352] <... exit_group resumed>) = ? [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14359] <... futex resumed>) = 0 [pid 14358] +++ exited with 0 +++ [pid 14352] +++ exited with 0 +++ [pid 14363] <... futex resumed>) = 1 [pid 14359] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14356] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14352, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14363] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14351] <... openat resumed>) = 7 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14350] <... futex resumed>) = 0 [pid 14351] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14350] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14351] <... openat resumed>) = 8 [pid 14350] <... futex resumed>) = 0 [pid 14351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14350] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14351] <... futex resumed>) = 0 [pid 14350] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14350] exit_group(0 [pid 14351] <... futex resumed>) = ? [pid 14350] <... exit_group resumed>) = ? [pid 14351] +++ exited with 0 +++ [pid 14350] +++ exited with 0 +++ [pid 14362] <... write resumed>) = 1048576 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14350, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14354] <... futex resumed>) = 0 [pid 409] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14363] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14363] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14354] <... futex resumed>) = 1 [pid 409] <... openat resumed>) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./506/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./506/binderfs") = 0 [pid 409] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14362] <... futex resumed>) = 0 [ 254.403638][T14351] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 254.423658][T14358] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 254.442666][T14359] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.458288][T14359] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14362] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14363] <... write resumed>) = 196608 [pid 14359] <... openat resumed>) = 7 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14363] <... futex resumed>) = 1 [pid 14356] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14363] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 14363] <... mount resumed>) = 0 [pid 14356] <... futex resumed>) = 0 [pid 408] fstat(3, [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14363] <... futex resumed>) = 0 [pid 14356] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] getdents64(3, [pid 14363] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14363] <... open resumed>) = 6 [pid 14356] <... futex resumed>) = 0 [pid 408] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14363] <... futex resumed>) = 0 [pid 14356] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] lstat("./511/binderfs", [pid 14363] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14356] <... futex resumed>) = 0 [pid 408] unlink("./511/binderfs" [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14357] <... futex resumed>) = 0 [pid 14357] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14357] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14359] <... futex resumed>) = 1 [pid 14359] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 407] <... umount2 resumed>) = 0 [pid 14359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14359] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14362] <... openat resumed>) = 7 [pid 14357] <... futex resumed>) = 0 [pid 407] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14357] exit_group(0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14359] <... futex resumed>) = ? [pid 14357] <... exit_group resumed>) = ? [pid 407] lstat("./504/bus", [pid 14359] +++ exited with 0 +++ [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14357] +++ exited with 0 +++ [pid 14354] <... futex resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14357, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14354] <... futex resumed>) = 0 [pid 14354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 407] umount2("./504/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./504/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... openat resumed>) = 4 [pid 410] lstat("./514/binderfs", [pid 407] fstat(4, [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] unlink("./514/binderfs" [pid 407] getdents64(4, [pid 410] <... unlink resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./504/bus" [pid 14362] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... rmdir resumed>) = 0 [pid 407] getdents64(3, [pid 14363] <... write resumed>) = 1048576 [pid 14362] <... openat resumed>) = 8 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./504") = 0 [pid 407] mkdir("./505", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 14373 attached , child_tidptr=0x555555f755d0) = 14373 [pid 14362] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14362] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14363] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] set_robust_list(0x555555f755e0, 24) = 0 [pid 14373] chdir("./505" [pid 14354] <... futex resumed>) = 0 [pid 14356] <... futex resumed>) = 0 [pid 14373] <... chdir resumed>) = 0 [pid 14373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14373] setpgid(0, 0) = 0 [pid 14373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14354] exit_group(0 [pid 14356] <... futex resumed>) = 1 [pid 14354] <... exit_group resumed>) = ? [pid 14373] write(3, "1000", 4) = 4 [pid 14373] close(3) = 0 [pid 14373] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14363] <... futex resumed>) = 0 [pid 14362] <... futex resumed>) = ? [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14373] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14373] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14373] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14374], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14374 [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14374 attached [pid 14363] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14362] +++ exited with 0 +++ [pid 14354] +++ exited with 0 +++ [pid 409] <... umount2 resumed>) = 0 [pid 14373] <... futex resumed>) = 0 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14354, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./506/bus", [pid 412] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./508/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./508/binderfs") = 0 [pid 412] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 254.461425][T14362] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.482458][T14362] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14374] set_robust_list(0x7f1c324369e0, 24 [pid 410] <... umount2 resumed>) = 0 [pid 409] openat(AT_FDCWD, "./506/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./506/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./506") = 0 [pid 410] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] mkdir("./507", 0777 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... mkdir resumed>) = 0 [pid 410] lstat("./514/bus", [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... openat resumed>) = 3 [pid 410] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] ioctl(3, LOOP_CLR_FD [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] openat(AT_FDCWD, "./514/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] close(3 [pid 410] <... openat resumed>) = 4 [pid 409] <... close resumed>) = 0 [pid 410] fstat(4, [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14375 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./514/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14374] <... set_robust_list resumed>) = 0 [pid 410] close(3 [pid 408] <... umount2 resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./514") = 0 [pid 410] mkdir("./515", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14376 ./strace-static-x86_64: Process 14375 attached ./strace-static-x86_64: Process 14376 attached [pid 14376] set_robust_list(0x555555f755e0, 24 [pid 14375] set_robust_list(0x555555f755e0, 24) = 0 [pid 14376] <... set_robust_list resumed>) = 0 [pid 14375] chdir("./507" [pid 14376] chdir("./515") = 0 [pid 14376] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 408] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14374] memfd_create("syzkaller", 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14376] <... prctl resumed>) = 0 [pid 14375] <... chdir resumed>) = 0 [pid 14374] <... memfd_create resumed>) = 3 [pid 408] lstat("./511/bus", [pid 14376] setpgid(0, 0 [pid 14375] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14363] <... openat resumed>) = 7 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14374] <... mmap resumed>) = 0x7f1c2a016000 [pid 408] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14376] <... setpgid resumed>) = 0 [pid 14375] <... prctl resumed>) = 0 [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] setpgid(0, 0 [pid 14356] <... futex resumed>) = 0 [pid 14356] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14356] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14363] <... futex resumed>) = 1 [pid 14375] <... setpgid resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./511/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./511/bus" [pid 14363] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] <... rmdir resumed>) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3 [pid 14374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./511" [pid 14375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 408] <... rmdir resumed>) = 0 [pid 408] mkdir("./512", 0777 [pid 14363] <... openat resumed>) = 8 [pid 408] <... mkdir resumed>) = 0 [pid 14375] <... openat resumed>) = 3 [pid 14363] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14375] write(3, "1000", 4 [pid 14363] <... futex resumed>) = 1 [pid 14356] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 14375] <... write resumed>) = 4 [pid 14363] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14356] exit_group(0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 14375] close(3 [pid 14363] <... futex resumed>) = ? [pid 14356] <... exit_group resumed>) = ? [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14376] <... openat resumed>) = 3 [pid 14374] <... write resumed>) = 1048576 [pid 408] close(3 [pid 14376] write(3, "1000", 4 [pid 14374] munmap(0x7f1c2a016000, 1048576 [pid 408] <... close resumed>) = 0 [pid 14376] <... write resumed>) = 4 [pid 14374] <... munmap resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14376] close(3 [pid 14374] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14376] <... close resumed>) = 0 [pid 14374] <... openat resumed>) = 4 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14377 [pid 14376] symlink("/dev/binderfs", "./binderfs" [pid 14374] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14377 attached [pid 14376] <... symlink resumed>) = 0 [pid 14375] <... close resumed>) = 0 [pid 14363] +++ exited with 0 +++ [pid 14356] +++ exited with 0 +++ [pid 14377] set_robust_list(0x555555f755e0, 24 [pid 14375] symlink("/dev/binderfs", "./binderfs" [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14356, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14377] <... set_robust_list resumed>) = 0 [pid 14375] <... symlink resumed>) = 0 [pid 14377] chdir("./512" [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14377] <... chdir resumed>) = 0 [pid 14375] <... futex resumed>) = 0 [pid 411] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14377] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14375] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14377] <... prctl resumed>) = 0 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] <... mmap resumed>) = 0x7f1c32416000 [pid 411] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14376] <... futex resumed>) = 0 [pid 14374] <... ioctl resumed>) = 0 [pid 14376] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14374] close(3 [pid 14376] <... mmap resumed>) = 0x7f1c32416000 [pid 14374] <... close resumed>) = 0 [pid 14376] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14374] mkdir("./bus", 0777 [pid 14376] <... mprotect resumed>) = 0 [pid 14376] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14375] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14374] <... mkdir resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 14376] <... clone resumed>, parent_tid=[14378], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14378 [pid 14374] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] <... mprotect resumed>) = 0 [pid 411] fstat(3, [pid 14376] <... futex resumed>) = 0 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14377] setpgid(0, 0) = 0 [pid 14377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14377] write(3, "1000", 4) = 4 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, [pid 14377] close(3) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14375] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14377] symlink("/dev/binderfs", "./binderfs" [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14377] <... symlink resumed>) = 0 [pid 411] lstat("./511/binderfs", [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14377] <... futex resumed>) = 0 [pid 411] unlink("./511/binderfs" [pid 14377] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 411] <... unlink resumed>) = 0 [pid 14377] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 411] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14377] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 14379 attached ./strace-static-x86_64: Process 14378 attached [pid 14377] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14375] <... clone resumed>, parent_tid=[14379], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14379 [pid 14379] set_robust_list(0x7f1c324369e0, 24 [pid 14378] set_robust_list(0x7f1c324369e0, 24 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... set_robust_list resumed>) = 0 [pid 14378] <... set_robust_list resumed>) = 0 [pid 14375] <... futex resumed>) = 0 [pid 14379] memfd_create("syzkaller", 0 [pid 14378] memfd_create("syzkaller", 0 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14379] <... memfd_create resumed>) = 3 [pid 14378] <... memfd_create resumed>) = 3 [pid 14379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14379] <... mmap resumed>) = 0x7f1c2a016000 [pid 14378] <... mmap resumed>) = 0x7f1c2a016000 [ 254.527653][T14363] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.544899][T14363] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 254.568605][T14374] loop0: detected capacity change from 0 to 2048 [pid 14378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./508/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./508/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./508/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 14377] <... clone resumed>, parent_tid=[14381], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14381 [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./508") = 0 [pid 412] mkdir("./509", 0777 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3./strace-static-x86_64: Process 14381 attached [pid 14377] <... futex resumed>) = 0 [pid 14374] <... mount resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 14381] set_robust_list(0x7f1c324369e0, 24 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14374] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14381] <... set_robust_list resumed>) = 0 [pid 14374] <... openat resumed>) = 3 [pid 14381] memfd_create("syzkaller", 0 [pid 14374] chdir("./bus" [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14383 [pid 14381] <... memfd_create resumed>) = 3 [pid 14374] <... chdir resumed>) = 0 [pid 14381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14374] ioctl(4, LOOP_CLR_FD [pid 14381] <... mmap resumed>) = 0x7f1c2a016000 [pid 14379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14374] <... ioctl resumed>) = 0 [pid 14374] close(4) = 0 [pid 14381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14379] <... write resumed>) = 1048576 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14383 attached [pid 14379] munmap(0x7f1c2a016000, 1048576 [pid 14378] <... write resumed>) = 1048576 [pid 14374] <... futex resumed>) = 1 [pid 14373] <... futex resumed>) = 0 [pid 14383] set_robust_list(0x555555f755e0, 24 [pid 14379] <... munmap resumed>) = 0 [pid 14378] munmap(0x7f1c2a016000, 1048576 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14383] <... set_robust_list resumed>) = 0 [pid 14379] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14378] <... munmap resumed>) = 0 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 14383] chdir("./509" [pid 14379] <... openat resumed>) = 4 [pid 14378] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14374] chdir("./file0" [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14383] <... chdir resumed>) = 0 [pid 14379] ioctl(4, LOOP_SET_FD, 3 [pid 14378] <... openat resumed>) = 4 [pid 14374] <... chdir resumed>) = 0 [pid 14383] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14373] <... futex resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 14374] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... open resumed>) = 4 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14373] <... futex resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 14374] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... openat resumed>) = 5 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14373] <... futex resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 14374] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... write resumed>) = 196608 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14383] <... prctl resumed>) = 0 [pid 14381] <... write resumed>) = 1048576 [pid 14379] <... ioctl resumed>) = 0 [pid 14378] ioctl(4, LOOP_SET_FD, 3 [pid 14374] <... futex resumed>) = 1 [pid 14373] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 14383] setpgid(0, 0 [pid 14381] munmap(0x7f1c2a016000, 1048576 [pid 14379] close(3 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14383] <... setpgid resumed>) = 0 [pid 14381] <... munmap resumed>) = 0 [pid 14379] <... close resumed>) = 0 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14381] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14379] mkdir("./bus", 0777 [pid 14378] <... ioctl resumed>) = 0 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./511/bus", [pid 14383] <... openat resumed>) = 3 [pid 14381] <... openat resumed>) = 4 [pid 14379] <... mkdir resumed>) = 0 [pid 14378] close(3 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14383] write(3, "1000", 4 [ 254.590300][T14374] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/505/bus supports timestamps until 2038 (0x7fffffff) [ 254.618125][T14379] loop2: detected capacity change from 0 to 2048 [ 254.629097][T14378] loop3: detected capacity change from 0 to 2048 [pid 14381] ioctl(4, LOOP_SET_FD, 3 [pid 14379] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14378] <... close resumed>) = 0 [pid 411] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14383] <... write resumed>) = 4 [pid 14374] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14383] close(3 [pid 14381] <... ioctl resumed>) = 0 [pid 14378] mkdir("./bus", 0777 [pid 14374] <... mount resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14383] <... close resumed>) = 0 [pid 14378] <... mkdir resumed>) = 0 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./511/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14383] symlink("/dev/binderfs", "./binderfs" [pid 14378] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14374] <... futex resumed>) = 1 [pid 14373] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 14383] <... symlink resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 411] fstat(4, [pid 14383] <... futex resumed>) = 0 [pid 14374] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14383] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14374] <... open resumed>) = 6 [pid 411] getdents64(4, [pid 14383] <... mmap resumed>) = 0x7f1c32416000 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14383] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14374] <... futex resumed>) = 1 [pid 14373] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 14383] <... mprotect resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14383] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14381] close(3 [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 411] close(4 [pid 14381] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 14383] <... clone resumed>, parent_tid=[14388], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14388 [pid 14381] mkdir("./bus", 0777 [pid 411] rmdir("./511/bus" [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] <... mkdir resumed>) = 0 [pid 14374] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... rmdir resumed>) = 0 [pid 14383] <... futex resumed>) = 0 [pid 14381] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 411] getdents64(3, [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./511") = 0 [pid 411] mkdir("./512", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14389 ./strace-static-x86_64: Process 14388 attached [pid 14388] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14388] memfd_create("syzkaller", 0) = 3 [pid 14388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 254.637505][T14381] loop1: detected capacity change from 0 to 2048 ./strace-static-x86_64: Process 14389 attached [pid 14379] <... mount resumed>) = 0 [pid 14379] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14379] chdir("./bus") = 0 [pid 14379] ioctl(4, LOOP_CLR_FD) = 0 [pid 14379] close(4) = 0 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14379] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14389] set_robust_list(0x555555f755e0, 24) = 0 [pid 14389] chdir("./512") = 0 [pid 14389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14389] setpgid(0, 0) = 0 [pid 14389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14389] write(3, "1000", 4) = 4 [pid 14389] close(3) = 0 [pid 14389] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14389] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14389] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14390], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14390 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14390 attached [pid 14390] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14390] memfd_create("syzkaller", 0) = 3 [pid 14390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14375] <... futex resumed>) = 0 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... futex resumed>) = 0 [pid 14375] <... futex resumed>) = 1 [pid 14379] chdir("./file0") = 0 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... write resumed>) = 1048576 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... futex resumed>) = 0 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14374] <... futex resumed>) = 1 [pid 14373] <... futex resumed>) = 0 [pid 14379] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14375] <... futex resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14373] <... futex resumed>) = 0 [pid 14374] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14379] <... open resumed>) = 4 [pid 14390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14390] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14390] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14390] ioctl(4, LOOP_SET_FD, 3 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14375] <... futex resumed>) = 0 [pid 14379] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14375] <... futex resumed>) = 0 [pid 14379] <... openat resumed>) = 5 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14379] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14375] <... futex resumed>) = 0 [pid 14379] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] <... ioctl resumed>) = 0 [pid 14390] close(3) = 0 [pid 14390] mkdir("./bus", 0777) = 0 [pid 14390] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14378] <... mount resumed>) = 0 [pid 14378] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14378] chdir("./bus") = 0 [pid 14378] ioctl(4, LOOP_CLR_FD) = 0 [pid 14378] close(4) = 0 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... write resumed>) = 196608 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14375] <... futex resumed>) = 0 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14375] <... futex resumed>) = 0 [pid 14379] <... mount resumed>) = 0 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14375] <... futex resumed>) = 0 [pid 14379] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... open resumed>) = 6 [pid 14375] <... futex resumed>) = 0 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14375] <... futex resumed>) = 0 [pid 14379] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14376] <... futex resumed>) = 0 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] <... futex resumed>) = 1 [pid 14378] chdir("./file0") = 0 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14376] <... futex resumed>) = 0 [pid 14378] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14378] <... open resumed>) = 4 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14376] <... futex resumed>) = 0 [pid 14378] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] <... openat resumed>) = 5 [pid 14376] <... futex resumed>) = 0 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] <... futex resumed>) = 0 [pid 14376] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14378] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] <... write resumed>) = 196608 [pid 14376] <... futex resumed>) = 0 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14376] <... futex resumed>) = 0 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] <... futex resumed>) = 1 [pid 14378] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14376] <... futex resumed>) = 0 [pid 14378] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] <... open resumed>) = 6 [pid 14376] <... futex resumed>) = 0 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] <... futex resumed>) = 0 [pid 14376] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14378] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 254.661558][T14379] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/507/bus supports timestamps until 2038 (0x7fffffff) [ 254.670532][T14378] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/515/bus supports timestamps until 2038 (0x7fffffff) [ 254.688824][T14374] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.693457][T14390] loop4: detected capacity change from 0 to 2048 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] <... mount resumed>) = 0 [pid 14388] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14374] <... openat resumed>) = 7 [pid 14373] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14390] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14388] <... write resumed>) = 1048576 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14390] <... openat resumed>) = 3 [pid 14388] munmap(0x7f1c2a016000, 1048576 [pid 14374] <... futex resumed>) = 0 [pid 14390] chdir("./bus" [pid 14388] <... munmap resumed>) = 0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14390] <... chdir resumed>) = 0 [pid 14388] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14390] ioctl(4, LOOP_CLR_FD) = 0 [pid 14388] <... openat resumed>) = 4 [pid 14390] close(4) = 0 [pid 14388] ioctl(4, LOOP_SET_FD, 3 [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... write resumed>) = 1048576 [pid 14378] <... write resumed>) = 1048576 [pid 14375] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14373] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14374] <... futex resumed>) = 0 [pid 14373] <... futex resumed>) = 1 [pid 14379] <... futex resumed>) = 0 [pid 14378] <... futex resumed>) = 1 [pid 14376] <... futex resumed>) = 0 [pid 14375] <... futex resumed>) = 0 [pid 14374] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14373] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14379] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14378] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... openat resumed>) = 8 [pid 14390] <... futex resumed>) = 1 [pid 14389] <... futex resumed>) = 0 [pid 14388] <... ioctl resumed>) = 0 [pid 14381] <... mount resumed>) = 0 [pid 14390] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14388] close(3 [pid 14390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14389] <... futex resumed>) = 0 [pid 14388] <... close resumed>) = 0 [pid 14390] chdir("./file0" [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14388] mkdir("./bus", 0777 [pid 14381] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14390] <... chdir resumed>) = 0 [pid 14388] <... mkdir resumed>) = 0 [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14388] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14381] <... openat resumed>) = 3 [pid 14390] <... futex resumed>) = 1 [pid 14389] <... futex resumed>) = 0 [pid 14390] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] chdir("./bus" [pid 14390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14389] <... futex resumed>) = 0 [ 254.730694][T14374] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 254.746581][T14390] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/512/bus supports timestamps until 2038 (0x7fffffff) [ 254.746581][T14381] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/512/bus supports timestamps until 2038 (0x7fffffff) [ 254.760106][T14388] loop5: detected capacity change from 0 to 2048 [pid 14390] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14381] <... chdir resumed>) = 0 [pid 14381] ioctl(4, LOOP_CLR_FD) = 0 [pid 14381] close(4) = 0 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14377] <... futex resumed>) = 0 [pid 14381] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14377] <... futex resumed>) = 0 [pid 14381] chdir("./file0" [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14378] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14376] <... futex resumed>) = 0 [pid 14374] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14374] <... futex resumed>) = 1 [pid 14373] <... futex resumed>) = 0 [pid 14373] exit_group(0 [pid 14374] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14390] <... open resumed>) = 4 [pid 14374] <... futex resumed>) = ? [pid 14373] <... exit_group resumed>) = ? [pid 14374] +++ exited with 0 +++ [pid 14373] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14373, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14390] <... futex resumed>) = 1 [pid 14389] <... futex resumed>) = 0 [pid 407] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./505/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./505/binderfs") = 0 [pid 407] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14390] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] <... chdir resumed>) = 0 [pid 14390] <... openat resumed>) = 5 [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14390] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14389] <... futex resumed>) = 1 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14390] <... futex resumed>) = 0 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14390] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14389] <... futex resumed>) = 0 [pid 14390] <... write resumed>) = 196608 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14389] <... futex resumed>) = 0 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] <... futex resumed>) = 1 [pid 14390] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14389] <... futex resumed>) = 0 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] <... futex resumed>) = 1 [pid 14390] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14389] <... futex resumed>) = 0 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] <... futex resumed>) = 1 [pid 14390] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14377] <... futex resumed>) = 0 [pid 14381] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14381] <... open resumed>) = 4 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14377] <... futex resumed>) = 0 [pid 14381] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14377] <... futex resumed>) = 0 [pid 14381] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14381] <... openat resumed>) = 5 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... openat resumed>) = 7 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14379] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14381] <... futex resumed>) = 1 [pid 14381] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14378] <... openat resumed>) = 7 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14378] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14375] <... futex resumed>) = 0 [pid 14375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14379] <... futex resumed>) = 0 [pid 14375] <... futex resumed>) = 1 [pid 14379] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14379] <... openat resumed>) = 8 [pid 14379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14375] <... futex resumed>) = 0 [pid 14379] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 254.774706][T14379] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.798967][T14378] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.799790][T14379] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 254.819126][T14378] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14375] exit_group(0 [pid 14379] <... futex resumed>) = ? [pid 14375] <... exit_group resumed>) = ? [pid 14390] <... write resumed>) = 1048576 [pid 14379] +++ exited with 0 +++ [pid 14377] <... futex resumed>) = 0 [pid 14376] <... futex resumed>) = 0 [pid 14375] +++ exited with 0 +++ [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14389] <... futex resumed>) = 0 [pid 14390] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14388] <... mount resumed>) = 0 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14376] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14375, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14388] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14381] <... futex resumed>) = 0 [pid 14378] <... futex resumed>) = 0 [pid 14377] <... futex resumed>) = 1 [pid 14376] <... futex resumed>) = 1 [pid 14381] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14378] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14376] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14388] <... openat resumed>) = 3 [pid 14381] <... write resumed>) = 196608 [pid 14378] <... openat resumed>) = 8 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14388] chdir("./bus" [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14377] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14388] <... chdir resumed>) = 0 [pid 14381] <... futex resumed>) = 0 [pid 14378] <... futex resumed>) = 1 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14376] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14388] ioctl(4, LOOP_CLR_FD [pid 14381] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14378] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14377] <... futex resumed>) = 0 [pid 14376] exit_group(0 [pid 409] <... openat resumed>) = 3 [pid 14388] <... ioctl resumed>) = 0 [pid 14381] <... mount resumed>) = 0 [pid 14378] <... futex resumed>) = ? [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14376] <... exit_group resumed>) = ? [pid 409] fstat(3, [pid 14388] close(4 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14378] +++ exited with 0 +++ [pid 14377] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14376] +++ exited with 0 +++ [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14388] <... close resumed>) = 0 [pid 14381] <... futex resumed>) = 0 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14376, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] getdents64(3, [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14377] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 14381] <... open resumed>) = 6 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 14381] <... futex resumed>) = 1 [pid 14377] <... futex resumed>) = 0 [pid 409] lstat("./507/binderfs", [pid 14388] chdir("./file0" [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14381] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14388] <... chdir resumed>) = 0 [pid 14381] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14377] <... futex resumed>) = 0 [pid 409] unlink("./507/binderfs" [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... unlink resumed>) = 0 [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 410] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14388] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./515/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./515/binderfs") = 0 [pid 410] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14390] <... openat resumed>) = 7 [pid 14388] <... open resumed>) = 4 [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14383] <... futex resumed>) = 0 [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 14388] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14388] <... openat resumed>) = 5 [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14383] <... futex resumed>) = 0 [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 14388] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14388] <... write resumed>) = 196608 [pid 14390] <... futex resumed>) = 1 [pid 14389] <... futex resumed>) = 0 [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14381] <... write resumed>) = 1048576 [pid 407] <... umount2 resumed>) = 0 [pid 14390] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14389] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 407] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14390] <... openat resumed>) = 8 [pid 14389] <... futex resumed>) = 0 [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14390] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14389] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14390] <... futex resumed>) = 0 [pid 14389] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14388] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] lstat("./505/bus", [pid 14390] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14389] exit_group(0 [pid 14388] <... mount resumed>) = 0 [pid 14390] <... futex resumed>) = ? [pid 14389] <... exit_group resumed>) = ? [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14390] +++ exited with 0 +++ [pid 14389] +++ exited with 0 +++ [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 14381] <... futex resumed>) = 1 [pid 14377] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 407] umount2("./505/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14389, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 14377] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14388] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14381] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./505/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14388] <... open resumed>) = 6 [pid 411] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... openat resumed>) = 4 [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] fstat(4, [ 254.841583][T14388] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/509/bus supports timestamps until 2038 (0x7fffffff) [ 254.848823][T14390] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.872766][T14390] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 409] lstat("./507/bus", [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14388] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14383] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 14388] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, [pid 411] getdents64(3, [pid 410] <... umount2 resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./515/bus", [pid 411] lstat("./512/binderfs", [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./512/binderfs" [pid 410] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... unlink resumed>) = 0 [pid 411] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./515/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./515/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./515") = 0 [pid 410] mkdir("./516", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14398 ./strace-static-x86_64: Process 14398 attached [pid 14398] set_robust_list(0x555555f755e0, 24) = 0 [pid 14398] chdir("./516") = 0 [pid 14398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14398] setpgid(0, 0) = 0 [pid 14398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14398] write(3, "1000", 4) = 4 [pid 14398] close(3) = 0 [pid 14398] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14398] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14398] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14399], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14399 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14399 attached [pid 14399] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14399] memfd_create("syzkaller", 0) = 3 [pid 14399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 409] openat(AT_FDCWD, "./507/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] getdents64(4, [pid 14388] <... write resumed>) = 1048576 [pid 409] <... openat resumed>) = 4 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] fstat(4, [pid 407] close(4 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... close resumed>) = 0 [pid 409] getdents64(4, [pid 407] rmdir("./505/bus" [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 409] getdents64(4, [pid 407] <... rmdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] getdents64(3, [pid 409] close(4 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... close resumed>) = 0 [pid 407] close(3 [pid 409] rmdir("./507/bus" [pid 407] <... close resumed>) = 0 [pid 14388] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... rmdir resumed>) = 0 [pid 407] rmdir("./505" [pid 14399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14383] <... futex resumed>) = 0 [pid 14381] <... openat resumed>) = 7 [pid 409] getdents64(3, [pid 407] <... rmdir resumed>) = 0 [pid 14399] <... write resumed>) = 1048576 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] mkdir("./506", 0777 [pid 409] close(3 [pid 407] <... mkdir resumed>) = 0 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... close resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 409] rmdir("./507" [pid 407] <... openat resumed>) = 3 [pid 14399] munmap(0x7f1c2a016000, 1048576 [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... rmdir resumed>) = 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 409] mkdir("./508", 0777 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 254.906976][T14381] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 254.928782][T14381] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 254.940334][T14388] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14399] <... munmap resumed>) = 0 [pid 14399] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14399] ioctl(4, LOOP_SET_FD, 3 [pid 14381] <... futex resumed>) = 0 [pid 14377] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 409] <... mkdir resumed>) = 0 [pid 407] close(3 [pid 14388] <... openat resumed>) = 7 [pid 14381] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 407] <... close resumed>) = 0 [pid 14381] <... openat resumed>) = 8 [pid 14377] <... futex resumed>) = 0 [pid 411] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... openat resumed>) = 3 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] ioctl(3, LOOP_CLR_FD [pid 14381] <... futex resumed>) = 0 [pid 14377] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] lstat("./512/bus", [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14400 [pid 14381] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14377] exit_group(0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] close(3 [pid 14381] <... futex resumed>) = ? [pid 14377] <... exit_group resumed>) = ? [pid 411] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 14381] +++ exited with 0 +++ [pid 14377] +++ exited with 0 +++ [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] openat(AT_FDCWD, "./512/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14377, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 411] <... openat resumed>) = 4 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14401 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(4, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] getdents64(4, [pid 408] <... openat resumed>) = 3 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] fstat(3, [pid 411] close(4 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... close resumed>) = 0 [pid 408] getdents64(3, [pid 411] rmdir("./512/bus" [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... rmdir resumed>) = 0 [pid 408] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] lstat("./512/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./512/binderfs" [pid 411] close(3 [pid 408] <... unlink resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 408] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] rmdir("./512"./strace-static-x86_64: Process 14401 attached ./strace-static-x86_64: Process 14400 attached [pid 14399] <... ioctl resumed>) = 0 [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 14399] close(3 [pid 14388] <... futex resumed>) = 1 [pid 14383] <... futex resumed>) = 0 [pid 14399] <... close resumed>) = 0 [pid 14388] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14383] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14399] mkdir("./bus", 0777 [pid 14388] <... openat resumed>) = 8 [pid 14383] <... futex resumed>) = 0 [pid 14399] <... mkdir resumed>) = 0 [pid 14388] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14383] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14399] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14388] <... futex resumed>) = 0 [pid 14383] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14388] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14383] exit_group(0 [pid 411] mkdir("./513", 0777 [pid 14388] <... futex resumed>) = ? [pid 14383] <... exit_group resumed>) = ? [pid 14388] +++ exited with 0 +++ [pid 14383] +++ exited with 0 +++ [pid 14400] set_robust_list(0x555555f755e0, 24) = 0 [pid 14400] chdir("./506") = 0 [pid 14400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14400] setpgid(0, 0) = 0 [pid 14400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14400] write(3, "1000", 4) = 4 [pid 14400] close(3) = 0 [pid 14400] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14400] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14400] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14383, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14400] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 14400] <... clone resumed>, parent_tid=[14402], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14402 [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14401] set_robust_list(0x555555f755e0, 24) = 0 [pid 14401] chdir("./508") = 0 [pid 14401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14401] setpgid(0, 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 14401] <... setpgid resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 412] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 412] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14403 [pid 412] <... openat resumed>) = 3 [pid 412] fstat(3, [pid 14401] write(3, "1000", 4 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, ./strace-static-x86_64: Process 14403 attached ./strace-static-x86_64: Process 14402 attached [pid 14401] <... write resumed>) = 4 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14403] set_robust_list(0x555555f755e0, 24 [pid 14402] set_robust_list(0x7f1c324369e0, 24 [pid 14401] close(3 [pid 412] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14403] <... set_robust_list resumed>) = 0 [pid 14402] <... set_robust_list resumed>) = 0 [pid 14401] <... close resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14403] chdir("./513" [pid 14402] memfd_create("syzkaller", 0 [pid 14401] symlink("/dev/binderfs", "./binderfs" [ 254.956089][T14388] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 254.956482][T14399] loop3: detected capacity change from 0 to 2048 [pid 412] lstat("./509/binderfs", [pid 14403] <... chdir resumed>) = 0 [pid 14402] <... memfd_create resumed>) = 3 [pid 14401] <... symlink resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14403] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./509/binderfs" [pid 14403] <... prctl resumed>) = 0 [pid 14402] <... mmap resumed>) = 0x7f1c2a016000 [pid 14401] <... futex resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 14403] setpgid(0, 0 [pid 14402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14401] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14403] <... setpgid resumed>) = 0 [pid 14402] <... write resumed>) = 1048576 [pid 14401] <... mmap resumed>) = 0x7f1c32416000 [pid 14403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14401] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14403] <... openat resumed>) = 3 [pid 14401] <... mprotect resumed>) = 0 [pid 14403] write(3, "1000", 4 [pid 14401] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14403] <... write resumed>) = 4 [pid 14403] close(3 [pid 14401] <... clone resumed>, parent_tid=[14406], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14406 [pid 14403] <... close resumed>) = 0 [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] symlink("/dev/binderfs", "./binderfs" [pid 14401] <... futex resumed>) = 0 [pid 14403] <... symlink resumed>) = 0 [pid 14402] munmap(0x7f1c2a016000, 1048576 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 14406 attached [pid 14403] <... futex resumed>) = 0 [pid 14399] <... mount resumed>) = 0 [pid 14406] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14403] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14399] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14406] memfd_create("syzkaller", 0 [pid 14403] <... mmap resumed>) = 0x7f1c32416000 [pid 14402] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14406] <... memfd_create resumed>) = 3 [pid 14403] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14402] <... openat resumed>) = 4 [pid 14399] <... openat resumed>) = 3 [pid 14406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14403] <... mprotect resumed>) = 0 [pid 14402] ioctl(4, LOOP_SET_FD, 3 [pid 14406] <... mmap resumed>) = 0x7f1c2a016000 [pid 14403] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14399] chdir("./bus" [pid 14406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14407 attached [pid 14403] <... clone resumed>, parent_tid=[14407], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14407 [pid 14402] <... ioctl resumed>) = 0 [pid 14407] set_robust_list(0x7f1c324369e0, 24 [pid 14402] close(3 [pid 14407] <... set_robust_list resumed>) = 0 [pid 14402] <... close resumed>) = 0 [pid 14407] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14402] mkdir("./bus", 0777) = 0 [pid 14402] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14399] <... chdir resumed>) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14399] ioctl(4, LOOP_CLR_FD) = 0 [pid 14399] close(4) = 0 [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14399] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14406] <... write resumed>) = 1048576 [pid 14406] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14406] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14406] ioctl(4, LOOP_SET_FD, 3 [pid 14398] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14399] <... futex resumed>) = 0 [pid 14398] <... futex resumed>) = 1 [pid 408] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./512/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./512/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./512/bus") = 0 [pid 408] getdents64(3, [pid 14399] chdir("./file0" [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3 [pid 14399] <... chdir resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./512") = 0 [pid 408] mkdir("./513", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14408 [pid 14407] <... futex resumed>) = 0 [pid 14407] memfd_create("syzkaller", 0) = 3 [pid 14407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./509/bus", [pid 14399] <... futex resumed>) = 1 [pid 14398] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14399] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14398] <... futex resumed>) = 0 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./509/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14399] <... open resumed>) = 4 [pid 412] <... openat resumed>) = 4 [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14398] <... futex resumed>) = 0 [pid 412] fstat(4, [pid 14399] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14399] <... openat resumed>) = 5 [pid 14398] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14399] <... futex resumed>) = 0 [pid 14398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] getdents64(4, [pid 14399] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [ 254.997667][T14399] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/516/bus supports timestamps until 2038 (0x7fffffff) [ 255.016935][T14402] loop0: detected capacity change from 0 to 2048 [ 255.028335][T14406] loop2: detected capacity change from 0 to 2048 [pid 14407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14407] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14407] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14407] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14408 attached [pid 14399] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14398] <... futex resumed>) = 0 [pid 412] close(4 [pid 14399] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... close resumed>) = 0 [pid 14407] <... ioctl resumed>) = 0 [pid 14407] close(3) = 0 [pid 14407] mkdir("./bus", 0777) = 0 [pid 14399] <... write resumed>) = 196608 [pid 412] rmdir("./509/bus" [pid 14407] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14402] <... mount resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./509" [pid 14402] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14402] chdir("./bus") = 0 [pid 14402] ioctl(4, LOOP_CLR_FD) = 0 [pid 14402] close(4) = 0 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 14400] <... futex resumed>) = 0 [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14402] <... futex resumed>) = 1 [pid 14402] chdir("./file0" [pid 14406] <... ioctl resumed>) = 0 [pid 14406] close(3) = 0 [pid 14406] mkdir("./bus", 0777 [pid 412] mkdir("./510", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 14406] <... mkdir resumed>) = 0 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14413 [pid 14399] <... futex resumed>) = 1 [pid 14398] <... futex resumed>) = 0 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14399] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14406] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14399] <... mount resumed>) = 0 [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14398] <... futex resumed>) = 0 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 255.051727][T14402] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/506/bus supports timestamps until 2038 (0x7fffffff) [ 255.061660][T14407] loop4: detected capacity change from 0 to 2048 [pid 14399] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c./strace-static-x86_64: Process 14413 attached [pid 14408] set_robust_list(0x555555f755e0, 24 [pid 14402] <... chdir resumed>) = 0 [pid 14408] <... set_robust_list resumed>) = 0 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14408] chdir("./513" [pid 14402] <... futex resumed>) = 1 [pid 14408] <... chdir resumed>) = 0 [pid 14402] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14408] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14408] setpgid(0, 0) = 0 [pid 14408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14408] write(3, "1000", 4) = 4 [pid 14408] close(3) = 0 [pid 14408] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14408] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14408] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14408] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14414], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14414 [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14413] set_robust_list(0x555555f755e0, 24) = 0 [pid 14413] chdir("./510") = 0 [pid 14413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14413] setpgid(0, 0) = 0 [pid 14413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14413] write(3, "1000", 4) = 4 [pid 14413] close(3) = 0 [pid 14413] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14413] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14413] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14415], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14415 [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14415 attached [pid 14415] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14415] memfd_create("syzkaller", 0) = 3 [pid 14415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14415] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14415] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14415] ioctl(4, LOOP_SET_FD, 3 [pid 14400] <... futex resumed>) = 0 [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14399] <... open resumed>) = 6 [pid 14402] <... futex resumed>) = 0 [pid 14400] <... futex resumed>) = 1 [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14398] <... futex resumed>) = 0 [pid 14399] <... futex resumed>) = 1 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] <... open resumed>) = 4 [pid 14399] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14398] <... futex resumed>) = 0 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14402] <... futex resumed>) = 1 [pid 14400] <... futex resumed>) = 0 [pid 14402] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14400] <... futex resumed>) = 0 [pid 14402] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] <... mount resumed>) = 0 [pid 14407] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14402] <... openat resumed>) = 5 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14400] <... futex resumed>) = 0 [pid 14402] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14400] <... futex resumed>) = 0 [pid 14402] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] <... openat resumed>) = 3 [pid 14407] chdir("./bus") = 0 [pid 14407] ioctl(4, LOOP_CLR_FD) = 0 [pid 14407] close(4 [pid 14402] <... write resumed>) = 196608 [pid 14407] <... close resumed>) = 0 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] <... futex resumed>) = 1 [pid 14407] chdir("./file0") = 0 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] <... futex resumed>) = 1 [pid 14407] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 14414 attached [pid 14414] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14402] <... futex resumed>) = 1 [pid 14400] <... futex resumed>) = 0 [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14414] memfd_create("syzkaller", 0) = 3 [pid 14414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14407] <... open resumed>) = 4 [pid 14402] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] <... mount resumed>) = 0 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14407] <... futex resumed>) = 1 [pid 14403] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14402] <... futex resumed>) = 1 [pid 14400] <... futex resumed>) = 0 [pid 14407] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14402] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14407] <... openat resumed>) = 5 [pid 14402] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14407] <... futex resumed>) = 1 [pid 14400] <... futex resumed>) = 0 [pid 14402] <... futex resumed>) = 1 [pid 14407] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14402] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] <... futex resumed>) = 0 [pid 14400] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14407] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14407] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14414] <... write resumed>) = 1048576 [pid 14414] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14414] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14414] ioctl(4, LOOP_SET_FD, 3 [pid 14415] <... ioctl resumed>) = 0 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] close(3 [pid 14407] <... futex resumed>) = 1 [pid 14403] <... futex resumed>) = 0 [pid 14414] <... ioctl resumed>) = 0 [pid 14414] close(3) = 0 [pid 14414] mkdir("./bus", 0777) = 0 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14402] <... write resumed>) = 1048576 [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14402] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14403] <... futex resumed>) = 0 [pid 14400] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14400] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14415] <... close resumed>) = 0 [pid 14415] mkdir("./bus", 0777) = 0 [pid 14415] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14407] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14403] <... futex resumed>) = 0 [pid 14400] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14407] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14403] <... futex resumed>) = 0 [pid 14407] <... open resumed>) = 6 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14407] <... futex resumed>) = 0 [pid 14407] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14398] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14403] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14398] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14398] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14398] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14419], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14419 [pid 14398] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14419 attached [pid 14419] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 255.090876][T14407] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/513/bus supports timestamps until 2038 (0x7fffffff) [ 255.103274][T14415] loop5: detected capacity change from 0 to 2048 [ 255.132853][T14414] loop1: detected capacity change from 0 to 2048 [pid 14419] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14407] <... write resumed>) = 1048576 [pid 14402] <... futex resumed>) = 0 [pid 14399] <... write resumed>) = 1048576 [pid 14398] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14399] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14402] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14407] <... futex resumed>) = 1 [ 255.165504][T14419] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.177721][T14402] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.179905][T14407] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.194324][T14402] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14407] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14419] <... openat resumed>) = 7 [pid 14402] <... openat resumed>) = 7 [pid 14400] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 255.206845][T14419] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 255.216562][T14407] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 255.224738][T14406] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/508/bus supports timestamps until 2038 (0x7fffffff) [ 255.244629][T14414] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/513/bus supports timestamps until 2038 (0x7fffffff) [pid 14419] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] <... mount resumed>) = 0 [pid 14406] <... mount resumed>) = 0 [pid 14403] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14402] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14400] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14398] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14419] <... futex resumed>) = 0 [pid 14403] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14400] <... futex resumed>) = 0 [pid 14398] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14419] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14415] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14403] <... futex resumed>) = 0 [pid 14400] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14399] <... futex resumed>) = 0 [pid 14398] <... futex resumed>) = 1 [pid 14415] <... openat resumed>) = 3 [pid 14403] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14400] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14399] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14398] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14415] chdir("./bus" [pid 14406] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14403] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14400] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14399] <... openat resumed>) = 8 [pid 14415] <... chdir resumed>) = 0 [pid 14406] <... openat resumed>) = 3 [pid 14403] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14400] <... mprotect resumed>) = 0 [pid 14399] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] ioctl(4, LOOP_CLR_FD [pid 14406] chdir("./bus" [pid 14403] <... mprotect resumed>) = 0 [pid 14400] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14399] <... futex resumed>) = 1 [pid 14398] <... futex resumed>) = 0 [pid 14415] <... ioctl resumed>) = 0 [pid 14406] <... chdir resumed>) = 0 [pid 14403] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14399] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14398] exit_group(0 [pid 14419] <... futex resumed>) = ? [pid 14415] close(4 [pid 14406] ioctl(4, LOOP_CLR_FD [pid 14400] <... clone resumed>, parent_tid=[14423], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14423 [pid 14399] <... futex resumed>) = ? [pid 14398] <... exit_group resumed>) = ? [pid 14419] +++ exited with 0 +++ [pid 14415] <... close resumed>) = 0 [pid 14406] <... ioctl resumed>) = 0 [pid 14403] <... clone resumed>, parent_tid=[14424], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14424 [pid 14400] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14399] +++ exited with 0 +++ [pid 14398] +++ exited with 0 +++ [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14406] close(4 [pid 14403] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14400] <... futex resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14398, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14415] <... futex resumed>) = 1 [pid 14413] <... futex resumed>) = 0 [pid 14406] <... close resumed>) = 0 [pid 14403] <... futex resumed>) = 0 [pid 14400] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14415] chdir("./file0" [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14403] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14415] <... chdir resumed>) = 0 [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14406] <... futex resumed>) = 1 [pid 14401] <... futex resumed>) = 0 [pid 410] fstat(3, [pid 14415] <... futex resumed>) = 1 [pid 14413] <... futex resumed>) = 0 [pid 14406] chdir("./file0" [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14415] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14401] <... futex resumed>) = 0 [pid 410] getdents64(3, [pid 14415] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14413] <... futex resumed>) = 0 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14415] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./516/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./516/binderfs") = 0 [pid 410] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14424 attached ./strace-static-x86_64: Process 14423 attached [pid 14415] <... open resumed>) = 4 [pid 14414] <... mount resumed>) = 0 [pid 14407] <... openat resumed>) = 7 [pid 14406] <... chdir resumed>) = 0 [pid 14402] <... futex resumed>) = 0 [pid 14407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14424] set_robust_list(0x7f1c2a1159e0, 24 [pid 14423] set_robust_list(0x7f1c2a1159e0, 24 [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14407] <... futex resumed>) = 0 [pid 14406] <... futex resumed>) = 1 [pid 14402] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14401] <... futex resumed>) = 0 [pid 14424] <... set_robust_list resumed>) = 0 [pid 14423] <... set_robust_list resumed>) = 0 [pid 14415] <... futex resumed>) = 1 [pid 14414] <... openat resumed>) = 3 [pid 14413] <... futex resumed>) = 0 [pid 14407] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14424] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14423] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14415] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14414] chdir("./bus" [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14424] <... openat resumed>) = 8 [pid 14423] <... openat resumed>) = 8 [pid 14415] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14414] <... chdir resumed>) = 0 [pid 14413] <... futex resumed>) = 0 [pid 14406] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14401] <... futex resumed>) = 0 [pid 14424] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14423] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14414] ioctl(4, LOOP_CLR_FD [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14424] <... futex resumed>) = 1 [pid 14423] <... futex resumed>) = 1 [pid 14415] <... openat resumed>) = 5 [pid 14414] <... ioctl resumed>) = 0 [pid 14406] <... open resumed>) = 4 [pid 14403] <... futex resumed>) = 0 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14400] <... futex resumed>) = 0 [pid 14424] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14423] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] close(4 [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14403] exit_group(0 [pid 14401] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14400] exit_group(0 [pid 14424] <... futex resumed>) = ? [pid 14423] <... futex resumed>) = ? [pid 14415] <... futex resumed>) = 1 [pid 14414] <... close resumed>) = 0 [pid 14413] <... futex resumed>) = 0 [pid 14407] <... futex resumed>) = ? [pid 14406] <... futex resumed>) = 0 [pid 14403] <... exit_group resumed>) = ? [pid 14402] <... futex resumed>) = ? [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14400] <... exit_group resumed>) = ? [pid 14424] +++ exited with 0 +++ [pid 14423] +++ exited with 0 +++ [pid 14415] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14402] +++ exited with 0 +++ [pid 14415] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14414] <... futex resumed>) = 1 [pid 14413] <... futex resumed>) = 0 [pid 14408] <... futex resumed>) = 0 [pid 14407] +++ exited with 0 +++ [pid 14403] +++ exited with 0 +++ [pid 14401] <... futex resumed>) = 0 [pid 14415] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14406] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14400] +++ exited with 0 +++ [pid 14415] <... write resumed>) = 196608 [pid 14414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14408] <... futex resumed>) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14400, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] chdir("./file0" [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14415] <... futex resumed>) = 1 [pid 14414] <... chdir resumed>) = 0 [pid 14413] <... futex resumed>) = 0 [pid 14415] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14414] <... futex resumed>) = 1 [pid 14413] <... futex resumed>) = 0 [pid 14408] <... futex resumed>) = 0 [pid 14415] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] <... mount resumed>) = 0 [pid 14414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14408] <... futex resumed>) = 0 [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14406] <... openat resumed>) = 5 [pid 14415] <... futex resumed>) = 1 [pid 14413] <... futex resumed>) = 0 [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14403, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14406] <... futex resumed>) = 1 [pid 14401] <... futex resumed>) = 0 [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 407] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14415] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14414] <... open resumed>) = 4 [pid 14413] <... futex resumed>) = 0 [pid 14406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... restart_syscall resumed>) = 0 [pid 14415] <... open resumed>) = 6 [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14406] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14401] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] <... futex resumed>) = 1 [pid 14413] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14408] <... futex resumed>) = 0 [pid 14406] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14415] <... futex resumed>) = 0 [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14406] <... write resumed>) = 196608 [pid 411] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14415] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14413] <... futex resumed>) = 0 [pid 14408] <... futex resumed>) = 0 [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... openat resumed>) = 3 [pid 14406] <... futex resumed>) = 1 [pid 14401] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 14406] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14401] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 14406] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14406] <... mount resumed>) = 0 [pid 411] getdents64(3, [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14406] <... futex resumed>) = 1 [pid 14401] <... futex resumed>) = 0 [pid 411] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14406] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14401] <... futex resumed>) = 0 [pid 411] lstat("./513/binderfs", [pid 14414] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14406] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] fstat(3, [pid 14406] <... open resumed>) = 6 [pid 411] unlink("./513/binderfs" [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... unlink resumed>) = 0 [pid 14406] <... futex resumed>) = 1 [pid 14401] <... futex resumed>) = 0 [pid 411] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14414] <... openat resumed>) = 5 [pid 14406] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14401] <... futex resumed>) = 0 [ 255.244629][T14415] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/510/bus supports timestamps until 2038 (0x7fffffff) [pid 14406] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] getdents64(3, [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = 0 [pid 14414] <... futex resumed>) = 1 [pid 14408] <... futex resumed>) = 0 [pid 410] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14408] <... futex resumed>) = 0 [pid 410] lstat("./516/bus", [pid 14414] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./516/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./516/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./516") = 0 [pid 410] mkdir("./517", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 14414] <... write resumed>) = 196608 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(3 [pid 407] lstat("./506/binderfs", [pid 14414] <... futex resumed>) = 1 [pid 14408] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14414] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] unlink("./506/binderfs" [pid 14414] <... mount resumed>) = 0 [pid 14408] <... futex resumed>) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14425 ./strace-static-x86_64: Process 14425 attached [pid 14425] set_robust_list(0x555555f755e0, 24 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14425] <... set_robust_list resumed>) = 0 [pid 14425] chdir("./517" [pid 407] <... unlink resumed>) = 0 [pid 407] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14425] <... chdir resumed>) = 0 [pid 14425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14425] setpgid(0, 0) = 0 [pid 14425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14425] write(3, "1000", 4) = 4 [pid 14425] close(3) = 0 [pid 14425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14425] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14408] <... futex resumed>) = 0 [pid 14425] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14426], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14426 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14426 attached [pid 14426] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14426] memfd_create("syzkaller", 0) = 3 [pid 14426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14414] <... futex resumed>) = 1 [pid 14414] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14408] <... futex resumed>) = 0 [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14408] <... futex resumed>) = 0 [pid 14414] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14426] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14426] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14426] ioctl(4, LOOP_SET_FD, 3 [pid 14406] <... write resumed>) = 1048576 [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14401] <... futex resumed>) = 0 [pid 14401] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14401] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14406] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14426] <... ioctl resumed>) = 0 [pid 14426] close(3) = 0 [pid 14426] mkdir("./bus", 0777) = 0 [pid 14426] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14413] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14413] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 14413] <... futex resumed>) = 0 [pid 14413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14413] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14413] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14427], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14427 [pid 14413] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14413] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14427 attached [pid 14427] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14427] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... umount2 resumed>) = 0 [pid 411] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./513/bus", [pid 407] lstat("./506/bus", [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./506/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14408] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] openat(AT_FDCWD, "./513/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] openat(AT_FDCWD, "./506/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 411] <... openat resumed>) = 4 [pid 407] <... openat resumed>) = 4 [pid 14408] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] fstat(4, [pid 407] fstat(4, [pid 14408] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14408] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 407] getdents64(4, [pid 14408] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14408] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 411] getdents64(4, [pid 407] getdents64(4, [pid 14408] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14408] <... mprotect resumed>) = 0 [pid 411] close(4 [pid 407] close(4 [pid 14408] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 411] rmdir("./513/bus" [pid 14408] <... clone resumed>, parent_tid=[14429], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14429 [pid 411] <... rmdir resumed>) = 0 [pid 407] rmdir("./506/bus" [pid 14408] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 407] <... rmdir resumed>) = 0 [pid 14408] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] getdents64(3, [pid 14408] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] close(3 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... close resumed>) = 0 [pid 407] close(3 [pid 411] rmdir("./513" [pid 407] <... close resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 407] rmdir("./506" [pid 411] mkdir("./514", 0777 [pid 407] <... rmdir resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 407] mkdir("./507", 0777 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 407] <... mkdir resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 411] ioctl(3, LOOP_CLR_FD [pid 407] <... openat resumed>) = 3 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] ioctl(3, LOOP_CLR_FD [pid 411] close(3 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14415] <... write resumed>) = 1048576 [pid 411] <... close resumed>) = 0 [pid 407] close(3./strace-static-x86_64: Process 14429 attached [ 255.334304][T14426] loop3: detected capacity change from 0 to 2048 [ 255.341861][T14406] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.367273][T14427] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... close resumed>) = 0 [pid 14429] set_robust_list(0x7f1c2a1159e0, 24 [pid 14415] <... futex resumed>) = 0 [pid 14401] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14415] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14401] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14431 [pid 14401] <... futex resumed>) = 0 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14432 [pid 14401] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14401] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14401] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14433], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14433 [pid 14401] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14401] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14433 attached ./strace-static-x86_64: Process 14432 attached ./strace-static-x86_64: Process 14431 attached [pid 14429] <... set_robust_list resumed>) = 0 [pid 14427] <... openat resumed>) = 7 [pid 14426] <... mount resumed>) = 0 [pid 14414] <... write resumed>) = 1048576 [pid 14433] set_robust_list(0x7f1c2a1159e0, 24 [pid 14432] set_robust_list(0x555555f755e0, 24 [pid 14431] set_robust_list(0x555555f755e0, 24 [pid 14429] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14426] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14433] <... set_robust_list resumed>) = 0 [pid 14432] <... set_robust_list resumed>) = 0 [pid 14431] <... set_robust_list resumed>) = 0 [pid 14427] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14413] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14406] <... openat resumed>) = 7 [pid 14413] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14415] <... futex resumed>) = 0 [pid 14413] <... futex resumed>) = 1 [pid 14415] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14413] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14415] <... openat resumed>) = 8 [pid 14415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14413] <... futex resumed>) = 0 [pid 14415] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14413] exit_group(0 [pid 14415] <... futex resumed>) = ? [pid 14413] <... exit_group resumed>) = ? [pid 14415] +++ exited with 0 +++ [pid 14406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14427] <... futex resumed>) = ? [pid 14406] <... futex resumed>) = 0 [ 255.388161][T14427] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 255.396945][T14426] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/517/bus supports timestamps until 2038 (0x7fffffff) [ 255.399073][T14406] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 255.413871][T14429] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14433] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14432] chdir("./507" [pid 14431] chdir("./514" [pid 14429] <... openat resumed>) = 7 [pid 14426] <... openat resumed>) = 3 [pid 14414] <... futex resumed>) = 0 [pid 14408] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14433] <... openat resumed>) = 8 [pid 14432] <... chdir resumed>) = 0 [pid 14431] <... chdir resumed>) = 0 [pid 14429] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14426] chdir("./bus" [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14433] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14431] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14429] <... futex resumed>) = 0 [pid 14426] <... chdir resumed>) = 0 [pid 14414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14433] <... futex resumed>) = 1 [pid 14432] <... prctl resumed>) = 0 [pid 14431] <... prctl resumed>) = 0 [pid 14429] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14426] ioctl(4, LOOP_CLR_FD [pid 14414] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14408] <... futex resumed>) = 0 [pid 14401] <... futex resumed>) = 0 [pid 14406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14433] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14432] setpgid(0, 0 [pid 14431] setpgid(0, 0 [pid 14427] +++ exited with 0 +++ [pid 14426] <... ioctl resumed>) = 0 [pid 14414] <... openat resumed>) = 8 [pid 14413] +++ exited with 0 +++ [pid 14408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14401] exit_group(0 [pid 14433] <... futex resumed>) = ? [pid 14432] <... setpgid resumed>) = 0 [pid 14431] <... setpgid resumed>) = 0 [pid 14426] close(4 [pid 14414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14408] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14406] <... futex resumed>) = ? [pid 14401] <... exit_group resumed>) = ? [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14413, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 14433] +++ exited with 0 +++ [pid 14432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14426] <... close resumed>) = 0 [pid 14414] <... futex resumed>) = 0 [pid 14431] <... openat resumed>) = 3 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14431] write(3, "1000", 4 [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 412] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14431] <... write resumed>) = 4 [pid 14426] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14431] close(3 [pid 14426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14425] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14431] <... close resumed>) = 0 [pid 14426] chdir("./file0" [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... openat resumed>) = 3 [pid 14431] symlink("/dev/binderfs", "./binderfs" [pid 14426] <... chdir resumed>) = 0 [pid 412] fstat(3, [pid 14431] <... symlink resumed>) = 0 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 14431] <... futex resumed>) = 0 [pid 14426] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14425] <... futex resumed>) = 0 [pid 412] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14431] <... mmap resumed>) = 0x7f1c32416000 [pid 14426] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14431] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 412] lstat("./510/binderfs", [pid 14431] <... mprotect resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14431] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] unlink("./510/binderfs") = 0 [pid 14431] <... clone resumed>, parent_tid=[14434], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14434 [pid 412] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14408] exit_group(0 [pid 14406] +++ exited with 0 +++ [pid 14432] <... openat resumed>) = 3 [pid 14432] write(3, "1000", 4 [pid 14414] <... futex resumed>) = ? [pid 14408] <... exit_group resumed>) = ? [pid 14401] +++ exited with 0 +++ [pid 14432] <... write resumed>) = 4 [pid 14426] <... open resumed>) = 4 [pid 14414] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14401, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14432] close(3 [pid 14429] <... futex resumed>) = ? [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 14432] <... close resumed>) = 0 [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 409] <... restart_syscall resumed>) = 0 [pid 14432] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14432] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14432] <... mmap resumed>) = 0x7f1c32416000 [pid 14426] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14425] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 14432] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14429] +++ exited with 0 +++ [pid 14426] <... openat resumed>) = 5 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14408] +++ exited with 0 +++ [pid 409] fstat(3, [pid 14432] <... mprotect resumed>) = 0 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14408, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14432] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14426] <... futex resumed>) = 0 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, [pid 14426] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14425] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14432] <... clone resumed>, parent_tid=[14435], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14435 [pid 409] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14432] <... futex resumed>) = 0 [pid 409] lstat("./508/binderfs", [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14426] <... write resumed>) = 196608 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] unlink("./508/binderfs" [pid 408] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... unlink resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14426] <... futex resumed>) = 0 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14426] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14425] <... futex resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] fstat(3, [pid 14426] <... mount resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./513/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./513/binderfs") = 0 [pid 408] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14434 attached [pid 14434] set_robust_list(0x7f1c324369e0, 24 [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14434] <... set_robust_list resumed>) = 0 [pid 14434] memfd_create("syzkaller", 0) = 3 [pid 14434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14426] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = 0 [pid 14426] <... open resumed>) = 6 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14426] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] lstat("./513/bus", [pid 14426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14425] <... futex resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14426] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 255.431534][T14429] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 408] openat(AT_FDCWD, "./513/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./513/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./513") = 0 [pid 408] mkdir("./514", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14435 attached [pid 14435] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14435] memfd_create("syzkaller", 0) = 3 [pid 14435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14434] <... write resumed>) = 1048576 [pid 14434] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14434] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14434] ioctl(4, LOOP_SET_FD, 3 [pid 14426] <... write resumed>) = 1048576 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 14426] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14434] <... ioctl resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./510/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./510/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./510/bus") = 0 [pid 14435] <... write resumed>) = 1048576 [pid 14435] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14435] ioctl(4, LOOP_SET_FD, 3 [pid 412] getdents64(3, [pid 409] <... umount2 resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 14435] <... ioctl resumed>) = 0 [pid 14435] close(3) = 0 [pid 14435] mkdir("./bus", 0777) = 0 [pid 14435] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14434] close(3) = 0 [pid 14434] mkdir("./bus", 0777) = 0 [pid 14434] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14436 [pid 409] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./508/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./508/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [ 255.491449][T14434] loop4: detected capacity change from 0 to 2048 [ 255.510265][T14435] loop0: detected capacity change from 0 to 2048 [ 255.515068][T14426] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 409] rmdir("./508/bus"./strace-static-x86_64: Process 14436 attached [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./510") = 0 [pid 412] mkdir("./511", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14437 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./508") = 0 [pid 409] mkdir("./509", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14438 ./strace-static-x86_64: Process 14437 attached ./strace-static-x86_64: Process 14438 attached [pid 14437] set_robust_list(0x555555f755e0, 24 [pid 14426] <... openat resumed>) = 7 [pid 14438] set_robust_list(0x555555f755e0, 24 [pid 14437] <... set_robust_list resumed>) = 0 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] <... set_robust_list resumed>) = 0 [pid 14437] chdir("./511" [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 14425] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14437] <... chdir resumed>) = 0 [pid 14438] chdir("./509" [pid 14426] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14425] <... futex resumed>) = 0 [pid 14438] <... chdir resumed>) = 0 [pid 14437] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14426] <... openat resumed>) = 8 [pid 14425] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14437] <... prctl resumed>) = 0 [pid 14436] set_robust_list(0x555555f755e0, 24) = 0 [pid 14436] chdir("./514") = 0 [pid 14436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14436] setpgid(0, 0) = 0 [pid 14436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14436] write(3, "1000", 4) = 4 [pid 14436] close(3) = 0 [pid 14436] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14436] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14436] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14436] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14443], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14443 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14443 attached [pid 14443] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14443] memfd_create("syzkaller", 0) = 3 [pid 14443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14437] setpgid(0, 0 [pid 14443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14443] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14443] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14443] ioctl(4, LOOP_SET_FD, 3 [pid 14438] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14437] <... setpgid resumed>) = 0 [pid 14435] <... mount resumed>) = 0 [pid 14434] <... mount resumed>) = 0 [pid 14426] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] <... prctl resumed>) = 0 [pid 14437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14426] <... futex resumed>) = 1 [pid 14425] <... futex resumed>) = 0 [pid 14438] setpgid(0, 0 [pid 14437] <... openat resumed>) = 3 [pid 14426] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14425] exit_group(0 [pid 14438] <... setpgid resumed>) = 0 [pid 14437] write(3, "1000", 4 [pid 14426] <... futex resumed>) = ? [pid 14425] <... exit_group resumed>) = ? [pid 14438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14437] <... write resumed>) = 4 [pid 14426] +++ exited with 0 +++ [pid 14425] +++ exited with 0 +++ [pid 14438] <... openat resumed>) = 3 [pid 14437] close(3 [pid 14438] write(3, "1000", 4 [pid 14437] <... close resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14425, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14438] <... write resumed>) = 4 [pid 14437] symlink("/dev/binderfs", "./binderfs" [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 14438] close(3 [pid 14437] <... symlink resumed>) = 0 [pid 410] <... restart_syscall resumed>) = 0 [pid 14438] <... close resumed>) = 0 [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] symlink("/dev/binderfs", "./binderfs" [pid 14437] <... futex resumed>) = 0 [pid 14438] <... symlink resumed>) = 0 [pid 14437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14437] <... mmap resumed>) = 0x7f1c32416000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14438] <... futex resumed>) = 0 [pid 14437] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 410] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14438] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14437] <... mprotect resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 14438] <... mmap resumed>) = 0x7f1c32416000 [pid 14437] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] fstat(3, [pid 14438] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14438] <... mprotect resumed>) = 0 [pid 14437] <... clone resumed>, parent_tid=[14444], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14444 [pid 410] getdents64(3, [pid 14438] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14437] <... futex resumed>) = 0 [pid 410] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14438] <... clone resumed>, parent_tid=[14445], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14445 [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./517/binderfs", ./strace-static-x86_64: Process 14445 attached ./strace-static-x86_64: Process 14444 attached [pid 14443] <... ioctl resumed>) = 0 [pid 14438] <... futex resumed>) = 0 [pid 14435] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14434] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14445] set_robust_list(0x7f1c324369e0, 24 [pid 14444] set_robust_list(0x7f1c324369e0, 24 [pid 14443] close(3 [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14435] <... openat resumed>) = 3 [pid 14434] <... openat resumed>) = 3 [pid 410] unlink("./517/binderfs") = 0 [pid 410] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14443] <... close resumed>) = 0 [pid 14443] mkdir("./bus", 0777) = 0 [pid 14443] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14445] <... set_robust_list resumed>) = 0 [pid 14445] memfd_create("syzkaller", 0) = 3 [pid 14435] chdir("./bus") = 0 [pid 14445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14435] ioctl(4, LOOP_CLR_FD [pid 14445] <... mmap resumed>) = 0x7f1c2a016000 [pid 14435] <... ioctl resumed>) = 0 [pid 14435] close(4) = 0 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14435] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14444] <... set_robust_list resumed>) = 0 [pid 14444] memfd_create("syzkaller", 0 [pid 14434] chdir("./bus") = 0 [pid 14434] ioctl(4, LOOP_CLR_FD [pid 14444] <... memfd_create resumed>) = 3 [pid 14434] <... ioctl resumed>) = 0 [pid 14444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14434] close(4 [pid 14444] <... mmap resumed>) = 0x7f1c2a016000 [pid 14434] <... close resumed>) = 0 [pid 14444] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] <... futex resumed>) = 0 [pid 14434] <... futex resumed>) = 1 [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14431] <... futex resumed>) = 0 [pid 14434] chdir("./file0" [pid 14432] <... futex resumed>) = 1 [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14431] <... futex resumed>) = 0 [pid 14435] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] chdir("./file0") = 0 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] <... chdir resumed>) = 0 [pid 14435] <... futex resumed>) = 1 [pid 14432] <... futex resumed>) = 0 [pid 14435] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] <... open resumed>) = 4 [pid 14431] <... futex resumed>) = 0 [pid 14434] <... futex resumed>) = 1 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] <... futex resumed>) = 1 [pid 14432] <... futex resumed>) = 0 [pid 14435] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14432] <... futex resumed>) = 0 [pid 14435] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14434] <... open resumed>) = 4 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] <... openat resumed>) = 5 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] <... futex resumed>) = 1 [pid 14431] <... futex resumed>) = 0 [pid 14435] <... futex resumed>) = 1 [pid 14434] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14432] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14435] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14434] <... openat resumed>) = 5 [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14431] <... futex resumed>) = 0 [pid 14432] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 255.535284][T14426] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 255.551736][T14434] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/514/bus supports timestamps until 2038 (0x7fffffff) [ 255.564276][T14435] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/507/bus supports timestamps until 2038 (0x7fffffff) [ 255.570570][T14443] loop1: detected capacity change from 0 to 2048 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] <... write resumed>) = 196608 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14434] <... futex resumed>) = 1 [pid 14431] <... futex resumed>) = 0 [pid 14434] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14431] <... futex resumed>) = 0 [pid 14445] <... write resumed>) = 1048576 [pid 14444] <... write resumed>) = 1048576 [pid 14445] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14444] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14444] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14445] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14444] <... openat resumed>) = 4 [pid 14445] <... openat resumed>) = 4 [pid 14445] ioctl(4, LOOP_SET_FD, 3 [pid 14444] ioctl(4, LOOP_SET_FD, 3 [pid 14435] <... futex resumed>) = 1 [pid 14434] <... write resumed>) = 196608 [pid 14432] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14443] <... mount resumed>) = 0 [pid 14443] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14443] chdir("./bus") = 0 [pid 14443] ioctl(4, LOOP_CLR_FD) = 0 [pid 14443] close(4) = 0 [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... futex resumed>) = 0 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14443] <... futex resumed>) = 1 [pid 14443] chdir("./file0" [pid 14445] <... ioctl resumed>) = 0 [pid 14445] close(3) = 0 [pid 14445] mkdir("./bus", 0777) = 0 [pid 14445] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14435] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14434] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] <... futex resumed>) = 0 [pid 14431] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14435] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14432] <... futex resumed>) = 0 [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14434] <... futex resumed>) = 0 [pid 14434] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14435] <... open resumed>) = 6 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14432] <... futex resumed>) = 0 [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14431] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14434] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14431] <... futex resumed>) = 0 [pid 14434] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14443] <... chdir resumed>) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14436] <... futex resumed>) = 0 [pid 14443] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14443] <... open resumed>) = 4 [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14436] <... futex resumed>) = 0 [pid 14443] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] <... openat resumed>) = 5 [pid 14436] <... futex resumed>) = 0 [pid 410] lstat("./517/bus", [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14443] <... futex resumed>) = 0 [pid 14436] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14443] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] <... write resumed>) = 196608 [pid 14436] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] openat(AT_FDCWD, "./517/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./517/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./517") = 0 [pid 410] mkdir("./518", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14448 [pid 14444] <... ioctl resumed>) = 0 [pid 14444] close(3) = 0 [pid 14444] mkdir("./bus", 0777) = 0 [ 255.618336][T14443] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/514/bus supports timestamps until 2038 (0x7fffffff) [ 255.627779][T14445] loop2: detected capacity change from 0 to 2048 [ 255.632994][T14444] loop5: detected capacity change from 0 to 2048 [pid 14444] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14448 attached ) = 1 [pid 14436] <... futex resumed>) = 0 [pid 14443] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14436] <... futex resumed>) = 0 [pid 14443] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] <... write resumed>) = 1048576 [pid 14443] <... mount resumed>) = 0 [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] <... write resumed>) = 1048576 [pid 14448] set_robust_list(0x555555f755e0, 24 [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] <... futex resumed>) = 0 [pid 14435] <... futex resumed>) = 1 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... futex resumed>) = 0 [pid 14443] <... futex resumed>) = 1 [pid 14435] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14432] <... futex resumed>) = 0 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14434] <... futex resumed>) = 1 [pid 14436] <... futex resumed>) = 0 [pid 14432] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14431] <... futex resumed>) = 0 [pid 14443] <... open resumed>) = 6 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14434] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14431] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14431] <... futex resumed>) = 0 [pid 14443] <... futex resumed>) = 1 [pid 14436] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14434] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14443] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14448] <... set_robust_list resumed>) = 0 [pid 14448] chdir("./518") = 0 [pid 14448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14448] setpgid(0, 0) = 0 [pid 14448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14448] write(3, "1000", 4) = 4 [pid 14448] close(3) = 0 [pid 14448] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14448] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14448] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14448] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14449], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14449 [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14449 attached [pid 14449] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14449] memfd_create("syzkaller", 0) = 3 [pid 14449] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14449] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14449] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14449] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14449] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14449] close(3) = 0 [pid 14449] mkdir("./bus", 0777) = 0 [ 255.688675][T14434] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.707613][T14449] loop3: detected capacity change from 0 to 2048 [ 255.710901][T14435] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14449] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14445] <... mount resumed>) = 0 [pid 14445] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14445] chdir("./bus") = 0 [pid 14445] ioctl(4, LOOP_CLR_FD) = 0 [pid 14445] close(4) = 0 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14445] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14438] <... futex resumed>) = 0 [pid 14436] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14432] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14431] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14431] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] <... futex resumed>) = 1 [pid 14436] <... futex resumed>) = 0 [pid 14432] <... futex resumed>) = 0 [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14431] <... futex resumed>) = 0 [pid 14445] <... futex resumed>) = 0 [pid 14436] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14436] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14432] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14445] chdir("./file0" [pid 14436] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14432] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14431] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14436] <... mprotect resumed>) = 0 [pid 14432] <... mprotect resumed>) = 0 [pid 14431] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14436] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14432] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14431] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 14455 attached ./strace-static-x86_64: Process 14454 attached [pid 14445] <... chdir resumed>) = 0 [pid 14443] <... write resumed>) = 1048576 [pid 14435] <... openat resumed>) = 7 [pid 14434] <... openat resumed>) = 7 [pid 14431] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14455] set_robust_list(0x7f1c2a1159e0, 24 [pid 14454] set_robust_list(0x7f1c2a1159e0, 24 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... clone resumed>, parent_tid=[14454], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14454 [pid 14432] <... clone resumed>, parent_tid=[14455], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14455 [pid 14455] <... set_robust_list resumed>) = 0 [pid 14454] <... set_robust_list resumed>) = 0 [pid 14445] <... futex resumed>) = 1 [pid 14443] <... futex resumed>) = 0 [pid 14438] <... futex resumed>) = 0 [pid 14436] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14431] <... clone resumed>, parent_tid=[14456], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14456 [pid 14455] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14454] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14445] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14443] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... futex resumed>) = 0 [pid 14432] <... futex resumed>) = 0 [pid 14431] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14456 attached [pid 14455] <... openat resumed>) = 8 [pid 14445] <... open resumed>) = 4 [pid 14444] <... mount resumed>) = 0 [pid 14438] <... futex resumed>) = 0 [pid 14436] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14432] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14431] <... futex resumed>) = 0 [pid 14455] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14434] <... futex resumed>) = 0 [pid 14432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14431] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14455] <... futex resumed>) = 0 [pid 14445] <... futex resumed>) = 0 [pid 14434] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14432] exit_group(0 [pid 14445] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14432] <... exit_group resumed>) = ? [pid 14455] +++ exited with 0 +++ [pid 14444] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14435] <... futex resumed>) = ? [pid 14435] +++ exited with 0 +++ [pid 14432] +++ exited with 0 +++ [pid 14444] chdir("./bus") = 0 [pid 14444] ioctl(4, LOOP_CLR_FD) = 0 [pid 14444] close(4) = 0 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14456] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14456] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14456] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14431] <... futex resumed>) = 0 [pid 14431] exit_group(0 [pid 14434] <... futex resumed>) = ? [pid 14431] <... exit_group resumed>) = ? [pid 14434] +++ exited with 0 +++ [pid 14456] <... futex resumed>) = ? [pid 14456] +++ exited with 0 +++ [pid 14431] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14431, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./514/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./514/binderfs") = 0 [pid 411] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14432, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 255.733004][T14445] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/509/bus supports timestamps until 2038 (0x7fffffff) [ 255.733693][T14434] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 255.751666][T14435] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 255.766523][T14444] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/511/bus supports timestamps until 2038 (0x7fffffff) [pid 407] lstat("./507/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./507/binderfs") = 0 [pid 407] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] <... futex resumed>) = 0 [pid 14438] <... futex resumed>) = 1 [pid 14437] <... futex resumed>) = 0 [pid 14445] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] <... futex resumed>) = 0 [pid 14437] <... futex resumed>) = 1 [pid 14444] chdir("./file0" [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14445] <... openat resumed>) = 5 [pid 14444] <... chdir resumed>) = 0 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] <... futex resumed>) = 1 [pid 14444] <... futex resumed>) = 1 [pid 14438] <... futex resumed>) = 0 [pid 14437] <... futex resumed>) = 0 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14437] <... futex resumed>) = 0 [pid 14444] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... mount resumed>) = 0 [pid 14445] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14454] <... openat resumed>) = 7 [pid 14449] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14445] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14444] <... open resumed>) = 4 [pid 14438] <... futex resumed>) = 0 [pid 14449] <... openat resumed>) = 3 [pid 14445] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14454] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14449] chdir("./bus" [pid 14445] <... write resumed>) = 196608 [pid 14454] <... futex resumed>) = 1 [pid 14449] <... chdir resumed>) = 0 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... futex resumed>) = 0 [pid 14449] ioctl(4, LOOP_CLR_FD [pid 14445] <... futex resumed>) = 1 [pid 14438] <... futex resumed>) = 0 [pid 14449] <... ioctl resumed>) = 0 [pid 14445] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14454] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14449] close(4 [pid 14445] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14438] <... futex resumed>) = 0 [pid 14436] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14449] <... close resumed>) = 0 [pid 14445] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14444] <... futex resumed>) = 1 [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14443] <... futex resumed>) = 0 [pid 14437] <... futex resumed>) = 0 [pid 14436] <... futex resumed>) = 1 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] <... mount resumed>) = 0 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14443] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... futex resumed>) = 1 [pid 14448] <... futex resumed>) = 0 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14443] <... openat resumed>) = 8 [pid 14437] <... futex resumed>) = 0 [pid 14449] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] <... futex resumed>) = 1 [pid 14444] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14443] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] <... futex resumed>) = 0 [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14448] <... futex resumed>) = 0 [pid 14445] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14444] <... openat resumed>) = 5 [pid 14443] <... futex resumed>) = 1 [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... futex resumed>) = 0 [pid 14449] chdir("./file0" [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14445] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14438] <... futex resumed>) = 0 [pid 14449] <... chdir resumed>) = 0 [pid 14445] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14444] <... futex resumed>) = 1 [pid 14437] <... futex resumed>) = 0 [pid 14436] exit_group(0 [pid 14454] <... futex resumed>) = ? [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] <... exit_group resumed>) = ? [pid 14454] +++ exited with 0 +++ [pid 14444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14437] <... futex resumed>) = 0 [pid 14444] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14444] <... write resumed>) = 196608 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14437] <... futex resumed>) = 0 [pid 14445] <... open resumed>) = 6 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14443] <... futex resumed>) = ? [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14437] <... futex resumed>) = 0 [pid 14444] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14444] <... mount resumed>) = 0 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14437] <... futex resumed>) = 0 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14437] <... futex resumed>) = 0 [pid 14444] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... futex resumed>) = 1 [pid 14448] <... futex resumed>) = 0 [pid 14445] <... futex resumed>) = 0 [pid 14444] <... open resumed>) = 6 [pid 14443] +++ exited with 0 +++ [pid 14438] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14436] +++ exited with 0 +++ [pid 14449] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14445] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14436, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14449] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14448] <... futex resumed>) = 0 [pid 14444] <... futex resumed>) = 1 [pid 14437] <... futex resumed>) = 0 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14437] <... futex resumed>) = 0 [pid 14444] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14448] <... futex resumed>) = 0 [pid 14449] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14449] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14448] <... futex resumed>) = 0 [pid 14449] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... openat resumed>) = 5 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14448] <... futex resumed>) = 0 [pid 14449] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14449] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14448] <... futex resumed>) = 0 [pid 14449] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... write resumed>) = 196608 [pid 14438] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14448] <... futex resumed>) = 0 [pid 14449] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14449] <... mount resumed>) = 0 [pid 14448] <... futex resumed>) = 0 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... futex resumed>) = 0 [pid 14448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14449] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14449] <... open resumed>) = 6 [pid 14448] <... futex resumed>) = 0 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... futex resumed>) = 0 [pid 14448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14449] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./507/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./507/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./507/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./507/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] close(3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... close resumed>) = 0 [pid 408] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] rmdir("./507" [pid 408] <... openat resumed>) = 3 [pid 407] <... rmdir resumed>) = 0 [pid 408] fstat(3, [pid 407] mkdir("./508", 0777 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 408] getdents64(3, [pid 407] <... openat resumed>) = 3 [pid 407] ioctl(3, LOOP_CLR_FD [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] close(3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... close resumed>) = 0 [pid 408] lstat("./514/binderfs", [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14460 [pid 408] unlink("./514/binderfs") = 0 [pid 408] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14460 attached [pid 14460] set_robust_list(0x555555f755e0, 24) = 0 [pid 14460] chdir("./508") = 0 [pid 14460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14460] setpgid(0, 0) = 0 [pid 14460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14460] write(3, "1000", 4) = 4 [pid 14460] close(3) = 0 [pid 14460] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14460] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14460] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14461], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14461 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14461 attached [pid 14461] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14461] memfd_create("syzkaller", 0) = 3 [pid 14461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 255.769778][T14454] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.794956][T14454] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 255.801721][T14449] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/518/bus supports timestamps until 2038 (0x7fffffff) [pid 411] <... umount2 resumed>) = 0 [pid 14461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./514/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./514/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./514/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./514") = 0 [pid 14461] <... write resumed>) = 1048576 [pid 411] mkdir("./515", 0777 [pid 14461] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14461] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 411] <... mkdir resumed>) = 0 [pid 14461] <... openat resumed>) = 4 [pid 14461] ioctl(4, LOOP_SET_FD, 3 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14461] <... ioctl resumed>) = 0 [pid 14461] close(3) = 0 [pid 14461] mkdir("./bus", 0777) = 0 [pid 14461] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 411] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14462 ./strace-static-x86_64: Process 14462 attached [pid 14462] set_robust_list(0x555555f755e0, 24) = 0 [pid 14462] chdir("./515") = 0 [pid 14462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14462] setpgid(0, 0) = 0 [pid 14462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14462] write(3, "1000", 4) = 4 [pid 14462] close(3) = 0 [pid 14462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14462] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14462] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14449] <... write resumed>) = 1048576 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14449] <... futex resumed>) = 1 [pid 14448] <... futex resumed>) = 0 [pid 14449] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14448] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14448] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14449] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14449] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14462] <... clone resumed>, parent_tid=[14463], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14463 [pid 14437] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14437] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14437] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14462] <... futex resumed>) = 0 [pid 14437] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14438] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14437] <... mprotect resumed>) = 0 [pid 14438] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14437] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14438] <... futex resumed>) = 0 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14463 attached [pid 14438] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14437] <... clone resumed>, parent_tid=[14464], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14464 [pid 14438] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14437] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14437] <... futex resumed>) = 0 [pid 14438] <... mprotect resumed>) = 0 [pid 14437] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14438] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14465], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14465 [pid 14438] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14438] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14463] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14463] memfd_create("syzkaller", 0) = 3 [pid 14463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 14464 attached [pid 14464] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14464] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14465 attached [pid 14465] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 255.879085][T14461] loop0: detected capacity change from 0 to 2048 [ 255.897188][T14449] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.898893][T14464] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14465] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14463] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14463] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14463] ioctl(4, LOOP_SET_FD, 3 [pid 14438] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14437] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... umount2 resumed>) = 0 [pid 14438] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14437] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14438] <... futex resumed>) = 0 [pid 14437] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14448] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14438] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14438] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 14437] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 14438] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 14437] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 408] lstat("./514/bus", [pid 14438] <... mprotect resumed>) = 0 [pid 14437] <... mprotect resumed>) = 0 [pid 14448] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14437] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14448] <... futex resumed>) = 0 [pid 14448] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14448] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14438] <... clone resumed>, parent_tid=[14467], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 14467 [pid 14437] <... clone resumed>, parent_tid=[14468], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 14468 [pid 14438] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14437] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14438] <... futex resumed>) = 0 [pid 14437] <... futex resumed>) = 0 [pid 14438] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14437] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14448] <... mprotect resumed>) = 0 [pid 14448] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14448] <... clone resumed>, parent_tid=[14469], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14469 [pid 14445] <... write resumed>) = 1048576 [pid 14444] <... write resumed>) = 1048576 [pid 408] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14448] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14448] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 14469 attached [pid 14469] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14469] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14463] <... ioctl resumed>) = 0 [pid 14463] close(3) = 0 [pid 14463] mkdir("./bus", 0777) = 0 [pid 14463] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14467 attached [pid 14467] set_robust_list(0x7f1c2a0f49e0, 24) = 0 [pid 14467] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14468 attached [pid 14468] set_robust_list(0x7f1c2a0f49e0, 24) = 0 [pid 14468] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14445] <... futex resumed>) = 0 [pid 14445] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14444] <... futex resumed>) = 0 [pid 14444] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] openat(AT_FDCWD, "./514/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./514/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./514") = 0 [pid 408] mkdir("./515", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14471 [ 255.928283][T14465] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 255.933832][T14463] loop4: detected capacity change from 0 to 2048 [ 255.955530][T14461] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/508/bus supports timestamps until 2038 (0x7fffffff) [ 255.967984][T14465] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem ./strace-static-x86_64: Process 14471 attached [pid 14468] <... openat resumed>) = 8 [pid 14468] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14437] <... futex resumed>) = 0 [pid 14468] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14464] <... openat resumed>) = 7 [pid 14464] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14464] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14471] set_robust_list(0x555555f755e0, 24 [pid 14437] exit_group(0 [pid 14468] <... futex resumed>) = ? [pid 14464] <... futex resumed>) = ? [pid 14444] <... futex resumed>) = ? [pid 14437] <... exit_group resumed>) = ? [pid 14468] +++ exited with 0 +++ [pid 14444] +++ exited with 0 +++ [pid 14471] <... set_robust_list resumed>) = 0 [pid 14471] chdir("./515" [pid 14464] +++ exited with 0 +++ [pid 14437] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14437, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 14471] <... chdir resumed>) = 0 [pid 14471] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 412] <... restart_syscall resumed>) = 0 [pid 412] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 14471] <... prctl resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./511/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./511/binderfs" [pid 14471] setpgid(0, 0 [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14471] <... setpgid resumed>) = 0 [pid 14471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14438] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14438] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14471] write(3, "1000", 4) = 4 [pid 14471] close(3) = 0 [pid 14471] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14448] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14471] <... futex resumed>) = 0 [pid 14471] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14471] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14471] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] <... umount2 resumed>) = 0 [pid 14471] <... clone resumed>, parent_tid=[14472], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14472 [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14472 attached [pid 14472] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14472] memfd_create("syzkaller", 0) = 3 [pid 14472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14461] <... mount resumed>) = 0 [pid 14461] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14461] chdir("./bus") = 0 [pid 14461] ioctl(4, LOOP_CLR_FD) = 0 [pid 14461] close(4) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14460] <... futex resumed>) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14461] <... futex resumed>) = 1 [pid 14461] chdir("./file0" [pid 412] lstat("./511/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14461] <... chdir resumed>) = 0 [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14460] <... futex resumed>) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14461] <... futex resumed>) = 1 [pid 14461] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./511/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, [pid 14461] <... open resumed>) = 4 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14460] <... futex resumed>) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(4, [pid 14461] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14460] <... futex resumed>) = 0 [pid 14461] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14461] <... write resumed>) = 196608 [pid 14460] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14460] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14461] <... futex resumed>) = 1 [pid 14461] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 412] close(4 [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 14460] <... futex resumed>) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] rmdir("./511/bus" [pid 14461] <... futex resumed>) = 1 [pid 14461] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14460] <... futex resumed>) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14461] <... futex resumed>) = 1 [pid 14461] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 412] <... rmdir resumed>) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./511") = 0 [pid 412] mkdir("./512", 0777 [pid 14469] <... openat resumed>) = 8 [pid 14449] <... openat resumed>) = 7 [pid 14469] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14469] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... mkdir resumed>) = 0 [pid 14449] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14449] <... futex resumed>) = 0 [pid 14448] exit_group(0 [pid 14469] <... futex resumed>) = ? [pid 14448] <... exit_group resumed>) = ? [pid 14469] +++ exited with 0 +++ [pid 14467] <... openat resumed>) = 8 [pid 14467] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14467] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14465] <... openat resumed>) = 7 [pid 14465] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14461] <... write resumed>) = 1048576 [pid 14465] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14460] <... futex resumed>) = 0 [pid 14460] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14438] exit_group(0 [pid 14467] <... futex resumed>) = ? [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14445] <... futex resumed>) = ? [pid 14438] <... exit_group resumed>) = ? [pid 14467] +++ exited with 0 +++ [pid 14445] +++ exited with 0 +++ [pid 14465] <... futex resumed>) = ? [ 255.968021][T14449] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 255.977372][T14464] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14461] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14449] +++ exited with 0 +++ [pid 14448] +++ exited with 0 +++ [pid 412] <... openat resumed>) = 3 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14448, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14472] <... write resumed>) = 1048576 [pid 14465] +++ exited with 0 +++ [pid 14438] +++ exited with 0 +++ [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14475 [pid 14472] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14472] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14472] ioctl(4, LOOP_SET_FD, 3 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14438, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... openat resumed>) = 3 [pid 410] <... openat resumed>) = 3 [pid 409] fstat(3, [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 409] getdents64(3, [pid 14472] <... ioctl resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14472] close(3 [pid 410] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./518/binderfs", [pid 409] lstat("./509/binderfs", [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./518/binderfs" [pid 409] unlink("./509/binderfs" [pid 14472] <... close resumed>) = 0 [pid 14472] mkdir("./bus", 0777 [pid 410] <... unlink resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14472] <... mkdir resumed>) = 0 [pid 14472] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14475 attached [pid 14475] set_robust_list(0x555555f755e0, 24) = 0 [pid 14475] chdir("./512") = 0 [pid 14475] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14475] setpgid(0, 0) = 0 [pid 14475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14475] write(3, "1000", 4) = 4 [pid 14475] close(3) = 0 [pid 14475] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14475] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14475] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14475] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14476], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14476 [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14476 attached [pid 14476] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14476] memfd_create("syzkaller", 0) = 3 [pid 14476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14460] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14460] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14460] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14460] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14460] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14477], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14477 [pid 14460] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14460] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 256.042185][T14463] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/515/bus supports timestamps until 2038 (0x7fffffff) [ 256.055612][T14461] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.058233][T14472] loop1: detected capacity change from 0 to 2048 [ 256.081827][T14461] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 ./strace-static-x86_64: Process 14477 attached [pid 14463] <... mount resumed>) = 0 [pid 14461] <... openat resumed>) = 7 [pid 14477] set_robust_list(0x7f1c2a1159e0, 24 [pid 14476] munmap(0x7f1c2a016000, 1048576 [pid 14463] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14477] <... set_robust_list resumed>) = 0 [pid 14476] <... munmap resumed>) = 0 [pid 14463] <... openat resumed>) = 3 [pid 14477] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14476] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14463] chdir("./bus" [pid 14477] <... openat resumed>) = 8 [pid 14476] <... openat resumed>) = 4 [pid 14463] <... chdir resumed>) = 0 [pid 14477] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14476] ioctl(4, LOOP_SET_FD, 3 [pid 14463] ioctl(4, LOOP_CLR_FD [pid 14477] <... futex resumed>) = 1 [pid 14463] <... ioctl resumed>) = 0 [pid 14461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14460] <... futex resumed>) = 0 [pid 14461] <... futex resumed>) = 0 [pid 14461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14472] <... mount resumed>) = 0 [pid 14472] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14472] chdir("./bus") = 0 [pid 14472] ioctl(4, LOOP_CLR_FD) = 0 [pid 14472] close(4 [pid 14477] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14476] <... ioctl resumed>) = 0 [pid 14472] <... close resumed>) = 0 [pid 14463] close(4 [pid 14460] exit_group(0 [pid 14477] <... futex resumed>) = ? [pid 14463] <... close resumed>) = 0 [pid 14460] <... exit_group resumed>) = ? [pid 14477] +++ exited with 0 +++ [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14462] <... futex resumed>) = 0 [pid 14463] chdir("./file0" [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14463] <... chdir resumed>) = 0 [pid 14462] <... futex resumed>) = 0 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14463] <... futex resumed>) = 0 [pid 14462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14463] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14463] <... open resumed>) = 4 [pid 14462] <... futex resumed>) = 0 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14461] <... futex resumed>) = ? [pid 14463] <... futex resumed>) = 0 [pid 14462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14463] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14463] <... openat resumed>) = 5 [pid 14462] <... futex resumed>) = 0 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14463] <... futex resumed>) = 0 [pid 14462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14463] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14461] +++ exited with 0 +++ [pid 14460] +++ exited with 0 +++ [pid 14476] close(3 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] <... futex resumed>) = 0 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14460, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14463] <... write resumed>) = 196608 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./508/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] unlink("./508/binderfs" [pid 14463] <... futex resumed>) = 1 [pid 14462] <... futex resumed>) = 0 [pid 407] <... unlink resumed>) = 0 [pid 14463] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14463] <... mount resumed>) = 0 [pid 14462] <... futex resumed>) = 0 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14463] <... futex resumed>) = 0 [pid 14462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14463] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14463] <... open resumed>) = 6 [pid 14462] <... futex resumed>) = 0 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14463] <... futex resumed>) = 0 [pid 14462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14463] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] <... close resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./509/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./509/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./509/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./509") = 0 [pid 409] mkdir("./510", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14476] mkdir("./bus", 0777 [pid 14472] <... futex resumed>) = 1 [pid 14471] <... futex resumed>) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14480 [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14480 attached [pid 14480] set_robust_list(0x555555f755e0, 24) = 0 [pid 14480] chdir("./510") = 0 [pid 14480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14463] <... write resumed>) = 1048576 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14462] <... futex resumed>) = 0 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 256.097097][T14472] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/515/bus supports timestamps until 2038 (0x7fffffff) [ 256.102615][T14476] loop5: detected capacity change from 0 to 2048 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14480] setpgid(0, 0) = 0 [pid 14463] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14480] write(3, "1000", 4) = 4 [pid 14480] close(3) = 0 [pid 14480] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14480] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14480] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14481], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14481 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14481 attached [pid 14481] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14481] memfd_create("syzkaller", 0) = 3 [pid 14481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14481] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14481] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14481] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14481] ioctl(4, LOOP_SET_FD, 3 [pid 14476] <... mkdir resumed>) = 0 [pid 14472] chdir("./file0" [pid 14476] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14472] <... chdir resumed>) = 0 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14481] <... ioctl resumed>) = 0 [pid 14481] close(3) = 0 [pid 14481] mkdir("./bus", 0777) = 0 [pid 14481] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14472] <... futex resumed>) = 1 [pid 14471] <... futex resumed>) = 0 [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14472] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14472] <... open resumed>) = 4 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14471] <... futex resumed>) = 0 [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14472] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14472] <... futex resumed>) = 1 [pid 14471] <... futex resumed>) = 0 [pid 14463] <... openat resumed>) = 7 [pid 410] lstat("./518/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14472] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./518/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] rmdir("./518/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./518" [pid 407] <... umount2 resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 410] mkdir("./519", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14482 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] <... futex resumed>) = 0 [pid 14462] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14462] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14463] <... futex resumed>) = 1 [pid 14463] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14463] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14462] <... futex resumed>) = 0 [pid 14462] exit_group(0) = ? [pid 14463] <... futex resumed>) = ? [pid 407] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14472] <... write resumed>) = 196608 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 14482 attached [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] lstat("./508/bus", [pid 14472] <... futex resumed>) = 1 [pid 14471] <... futex resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./508/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14471] <... futex resumed>) = 0 [pid 14472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14472] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 407] openat(AT_FDCWD, "./508/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14472] <... mount resumed>) = 0 [pid 14463] +++ exited with 0 +++ [pid 14462] +++ exited with 0 +++ [pid 407] <... openat resumed>) = 4 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] fstat(4, [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14462, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14472] <... futex resumed>) = 1 [pid 14471] <... futex resumed>) = 0 [pid 411] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] getdents64(4, [pid 14472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14482] set_robust_list(0x555555f755e0, 24 [pid 14472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14471] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14482] <... set_robust_list resumed>) = 0 [pid 14472] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... openat resumed>) = 3 [pid 407] getdents64(4, [pid 14482] chdir("./519" [pid 14472] <... open resumed>) = 6 [pid 411] fstat(3, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14482] <... chdir resumed>) = 0 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] close(4 [pid 14482] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14472] <... futex resumed>) = 1 [pid 14471] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 407] <... close resumed>) = 0 [pid 14482] <... prctl resumed>) = 0 [pid 14472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] rmdir("./508/bus" [pid 14482] setpgid(0, 0 [pid 14472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14471] <... futex resumed>) = 0 [pid 411] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14482] <... setpgid resumed>) = 0 [pid 14472] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... rmdir resumed>) = 0 [pid 14482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] lstat("./515/binderfs", [pid 14482] <... openat resumed>) = 3 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14482] write(3, "1000", 4 [pid 411] unlink("./515/binderfs" [pid 14482] <... write resumed>) = 4 [pid 411] <... unlink resumed>) = 0 [pid 14482] close(3 [pid 411] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14482] <... close resumed>) = 0 [pid 407] getdents64(3, [pid 14482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] close(3 [pid 14482] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14482] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14482] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14485], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14485 [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./508") = 0 [pid 407] mkdir("./509", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14487 ./strace-static-x86_64: Process 14487 attached [pid 14487] set_robust_list(0x555555f755e0, 24) = 0 [pid 14487] chdir("./509") = 0 [pid 14487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14487] setpgid(0, 0) = 0 [pid 14487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14487] write(3, "1000", 4) = 4 [pid 14487] close(3) = 0 [pid 14487] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14487] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14487] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14487] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14489], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14489 [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14489 attached [pid 14489] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14489] memfd_create("syzkaller", 0) = 3 [pid 14489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 256.142797][T14463] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.156424][T14481] loop2: detected capacity change from 0 to 2048 [ 256.164953][T14463] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14489] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14489] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14489] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14485 attached [pid 14485] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14485] memfd_create("syzkaller", 0 [pid 14476] <... mount resumed>) = 0 [pid 14472] <... write resumed>) = 1048576 [pid 14471] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] <... umount2 resumed>) = 0 [pid 14485] <... memfd_create resumed>) = 3 [pid 14476] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14472] <... futex resumed>) = 0 [pid 14485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14476] <... openat resumed>) = 3 [pid 14472] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14471] <... futex resumed>) = 0 [pid 411] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14485] <... mmap resumed>) = 0x7f1c2a016000 [pid 14476] chdir("./bus" [pid 14481] <... mount resumed>) = 0 [pid 14481] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14481] chdir("./bus") = 0 [pid 14481] ioctl(4, LOOP_CLR_FD) = 0 [pid 14481] close(4) = 0 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] chdir("./file0") = 0 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14480] <... futex resumed>) = 0 [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14481] <... futex resumed>) = 1 [pid 14481] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] <... chdir resumed>) = 0 [pid 14485] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14476] ioctl(4, LOOP_CLR_FD) = 0 [pid 14476] close(4) = 0 [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14475] <... futex resumed>) = 0 [pid 14476] chdir("./file0" [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14476] <... chdir resumed>) = 0 [pid 14475] <... futex resumed>) = 0 [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14476] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14476] <... open resumed>) = 4 [pid 14475] <... futex resumed>) = 0 [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14476] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14476] <... openat resumed>) = 5 [pid 14475] <... futex resumed>) = 0 [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14476] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] <... write resumed>) = 1048576 [pid 14481] <... write resumed>) = 1048576 [pid 14476] <... write resumed>) = 196608 [pid 14475] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14485] munmap(0x7f1c2a016000, 1048576 [pid 411] lstat("./515/bus", [pid 14485] <... munmap resumed>) = 0 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14485] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14481] <... futex resumed>) = 1 [pid 14480] <... futex resumed>) = 0 [pid 411] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14485] <... openat resumed>) = 4 [pid 14481] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14489] <... ioctl resumed>) = 0 [pid 14481] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 256.227327][T14476] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/512/bus supports timestamps until 2038 (0x7fffffff) [ 256.236085][T14489] loop0: detected capacity change from 0 to 2048 [ 256.246210][T14481] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/510/bus supports timestamps until 2038 (0x7fffffff) [ 256.259502][T14472] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14480] <... futex resumed>) = 0 [pid 14481] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14489] close(3 [pid 14485] ioctl(4, LOOP_SET_FD, 3 [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./515/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14489] <... close resumed>) = 0 [pid 14472] <... openat resumed>) = 7 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14471] <... futex resumed>) = 0 [pid 14472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14471] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14471] <... futex resumed>) = 0 [pid 14472] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14471] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14472] <... openat resumed>) = 8 [pid 14472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14471] <... futex resumed>) = 0 [pid 14472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14471] exit_group(0 [pid 14472] <... futex resumed>) = ? [pid 14471] <... exit_group resumed>) = ? [pid 14489] mkdir("./bus", 0777 [pid 14485] <... ioctl resumed>) = 0 [pid 14476] <... futex resumed>) = 1 [pid 14475] <... futex resumed>) = 0 [pid 14472] +++ exited with 0 +++ [pid 14471] +++ exited with 0 +++ [pid 411] <... openat resumed>) = 4 [pid 14489] <... mkdir resumed>) = 0 [pid 14485] close(3 [pid 14476] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] fstat(4, [pid 14489] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14485] <... close resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14485] mkdir("./bus", 0777 [pid 411] getdents64(4, [pid 14485] <... mkdir resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14485] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./515/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./515") = 0 [pid 411] mkdir("./516", 0777 [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... mkdir resumed>) = 0 [pid 14476] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = 1 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14471, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14476] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 408] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14476] <... mount resumed>) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14476] <... futex resumed>) = 1 [pid 14475] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 14476] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14476] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14475] <... futex resumed>) = 0 [pid 14476] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14490 [pid 408] <... openat resumed>) = 3 [pid 14476] <... open resumed>) = 6 [pid 408] fstat(3, [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14476] <... futex resumed>) = 1 [pid 14475] <... futex resumed>) = 0 [pid 14476] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(3, [pid 14476] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14475] <... futex resumed>) = 0 [pid 14476] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./515/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./515/binderfs") = 0 [pid 408] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14490 attached [pid 14490] set_robust_list(0x555555f755e0, 24) = 0 [pid 14490] chdir("./516") = 0 [pid 14490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14490] setpgid(0, 0) = 0 [pid 14490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14490] write(3, "1000", 4) = 4 [pid 14490] close(3 [pid 14481] <... openat resumed>) = 7 [pid 14476] <... write resumed>) = 1048576 [pid 14490] <... close resumed>) = 0 [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14490] symlink("/dev/binderfs", "./binderfs" [pid 14481] <... futex resumed>) = 1 [pid 14480] <... futex resumed>) = 0 [pid 14476] <... futex resumed>) = 1 [pid 14475] <... futex resumed>) = 0 [pid 14490] <... symlink resumed>) = 0 [pid 14476] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14490] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14490] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14490] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14495], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14495 [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14481] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14480] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14495 attached [ 256.296110][T14472] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 256.297738][T14481] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.305317][T14485] loop3: detected capacity change from 0 to 2048 [ 256.334059][T14481] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14495] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14495] memfd_create("syzkaller", 0) = 3 [pid 14495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14495] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14495] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14495] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14485] <... mount resumed>) = 0 [pid 14481] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14480] <... futex resumed>) = 0 [pid 14476] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = 1 [pid 14495] close(3 [pid 14485] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14481] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14480] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14475] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14495] <... close resumed>) = 0 [pid 14489] <... mount resumed>) = 0 [pid 14485] <... openat resumed>) = 3 [pid 14481] <... openat resumed>) = 8 [pid 14495] mkdir("./bus", 0777 [pid 14485] chdir("./bus" [pid 14481] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14495] <... mkdir resumed>) = 0 [pid 14485] <... chdir resumed>) = 0 [pid 14481] <... futex resumed>) = 1 [pid 14480] <... futex resumed>) = 0 [pid 14495] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14485] ioctl(4, LOOP_CLR_FD [pid 14481] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14480] exit_group(0 [pid 14485] <... ioctl resumed>) = 0 [pid 14481] <... futex resumed>) = ? [pid 14480] <... exit_group resumed>) = ? [pid 14485] close(4 [pid 14481] +++ exited with 0 +++ [pid 14480] +++ exited with 0 +++ [pid 14485] <... close resumed>) = 0 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14480, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14485] <... futex resumed>) = 1 [pid 409] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./510/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./510/binderfs" [pid 14489] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14482] <... futex resumed>) = 0 [pid 14489] <... openat resumed>) = 3 [pid 14489] chdir("./bus") = 0 [pid 14489] ioctl(4, LOOP_CLR_FD) = 0 [pid 14489] close(4 [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] <... futex resumed>) = 0 [pid 14482] <... futex resumed>) = 1 [pid 14489] <... close resumed>) = 0 [pid 14485] chdir("./file0" [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 256.354533][T14485] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/519/bus supports timestamps until 2038 (0x7fffffff) [ 256.365925][T14495] loop4: detected capacity change from 0 to 2048 [ 256.367443][T14489] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/509/bus supports timestamps until 2038 (0x7fffffff) [ 256.385921][T14476] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14489] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14487] <... futex resumed>) = 0 [pid 14485] <... chdir resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 409] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./515/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./515/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./515/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./515") = 0 [pid 408] mkdir("./516", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14498 [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] <... futex resumed>) = 0 [pid 14487] <... futex resumed>) = 1 [pid 14489] chdir("./file0" [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14489] <... chdir resumed>) = 0 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14487] <... futex resumed>) = 0 [pid 14489] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14498 attached [pid 14498] set_robust_list(0x555555f755e0, 24) = 0 [pid 14498] chdir("./516" [pid 14489] <... open resumed>) = 4 [pid 14482] <... futex resumed>) = 0 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] <... futex resumed>) = 1 [pid 14487] <... futex resumed>) = 0 [pid 14489] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] <... openat resumed>) = 5 [pid 14487] <... futex resumed>) = 0 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14485] <... futex resumed>) = 0 [pid 14482] <... futex resumed>) = 1 [pid 14489] <... futex resumed>) = 0 [pid 14487] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14485] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14475] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14489] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] <... write resumed>) = 196608 [pid 14487] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = 0 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14475] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14485] <... open resumed>) = 4 [pid 14475] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14482] <... futex resumed>) = 0 [pid 14475] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14482] <... futex resumed>) = 0 [pid 14485] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14485] <... openat resumed>) = 5 [pid 14475] <... mprotect resumed>) = 0 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14482] <... futex resumed>) = 0 [pid 14475] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14482] <... futex resumed>) = 0 [pid 14475] <... clone resumed>, parent_tid=[14499], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14499 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14475] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] <... futex resumed>) = 1 [pid 14487] <... futex resumed>) = 0 [pid 14475] <... futex resumed>) = 0 [pid 14489] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14489] <... mount resumed>) = 0 [pid 14487] <... futex resumed>) = 0 [pid 14476] <... openat resumed>) = 7 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14489] <... futex resumed>) = 0 [pid 14487] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14476] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] <... open resumed>) = 6 [pid 14487] <... futex resumed>) = 0 [pid 14476] <... futex resumed>) = 0 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14476] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14499 attached [pid 14498] <... chdir resumed>) = 0 [pid 14489] <... futex resumed>) = 0 [pid 14487] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14485] <... write resumed>) = 196608 [pid 14495] <... mount resumed>) = 0 [pid 14499] set_robust_list(0x7f1c2a1159e0, 24 [pid 14498] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14489] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14499] <... set_robust_list resumed>) = 0 [pid 14498] <... prctl resumed>) = 0 [pid 14495] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14487] <... futex resumed>) = 0 [pid 14485] <... futex resumed>) = 1 [pid 14482] <... futex resumed>) = 0 [pid 14499] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14498] setpgid(0, 0 [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14499] <... openat resumed>) = 8 [pid 14498] <... setpgid resumed>) = 0 [pid 14485] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14482] <... futex resumed>) = 0 [pid 14499] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14485] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14499] <... futex resumed>) = 1 [pid 14498] <... openat resumed>) = 3 [pid 14485] <... mount resumed>) = 0 [pid 14475] <... futex resumed>) = 0 [pid 14499] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14498] write(3, "1000", 4 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14475] exit_group(0 [pid 14499] <... futex resumed>) = ? [pid 14498] <... write resumed>) = 4 [pid 14485] <... futex resumed>) = 1 [pid 14482] <... futex resumed>) = 0 [pid 14476] <... futex resumed>) = ? [pid 14475] <... exit_group resumed>) = ? [pid 14499] +++ exited with 0 +++ [pid 14498] close(3 [pid 14495] <... openat resumed>) = 3 [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14476] +++ exited with 0 +++ [pid 14475] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14475, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14495] chdir("./bus" [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14495] <... chdir resumed>) = 0 [pid 412] lstat("./512/binderfs", [pid 14495] ioctl(4, LOOP_CLR_FD [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14495] <... ioctl resumed>) = 0 [pid 412] unlink("./512/binderfs" [pid 14495] close(4 [pid 412] <... unlink resumed>) = 0 [pid 14495] <... close resumed>) = 0 [pid 412] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14490] <... futex resumed>) = 0 [pid 14495] chdir("./file0" [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14495] <... chdir resumed>) = 0 [pid 14490] <... futex resumed>) = 0 [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14495] <... futex resumed>) = 0 [pid 14490] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14495] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14498] <... close resumed>) = 0 [pid 14490] <... futex resumed>) = 0 [pid 14485] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14482] <... futex resumed>) = 0 [pid 14498] symlink("/dev/binderfs", "./binderfs" [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14498] <... symlink resumed>) = 0 [pid 14485] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14498] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14498] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14498] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14500], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14500 [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14485] <... open resumed>) = 6 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14482] <... futex resumed>) = 0 [pid 409] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14500 attached [pid 14495] <... open resumed>) = 4 [pid 14489] <... write resumed>) = 1048576 [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14500] set_robust_list(0x7f1c324369e0, 24 [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] <... futex resumed>) = 0 [pid 14482] <... futex resumed>) = 1 [pid 409] lstat("./510/bus", [pid 14500] <... set_robust_list resumed>) = 0 [pid 14495] <... futex resumed>) = 1 [pid 14490] <... futex resumed>) = 0 [pid 14489] <... futex resumed>) = 1 [pid 14487] <... futex resumed>) = 0 [pid 14485] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14500] memfd_create("syzkaller", 0 [pid 14495] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14489] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14487] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./510/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 256.411482][T14476] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 256.420971][T14495] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/516/bus supports timestamps until 2038 (0x7fffffff) [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./510/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./510") = 0 [pid 409] mkdir("./511", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 14487] <... futex resumed>) = 0 [pid 14490] <... futex resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14501 [pid 14500] <... memfd_create resumed>) = 3 [pid 14500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14495] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14489] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14487] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14500] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14495] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14489] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14495] <... openat resumed>) = 5 [pid 14500] <... write resumed>) = 1048576 [pid 14500] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14500] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14500] ioctl(4, LOOP_SET_FD, 3 [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14490] <... futex resumed>) = 0 [pid 14495] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14495] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14490] <... futex resumed>) = 0 [pid 14495] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14495] <... write resumed>) = 196608 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./512/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./512/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./512/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./512") = 0 [pid 412] mkdir("./513", 0777) = 0 [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14490] <... futex resumed>) = 0 [pid 14495] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14495] <... mount resumed>) = 0 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14490] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14495] <... futex resumed>) = 0 [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14495] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14490] <... futex resumed>) = 0 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14495] <... open resumed>) = 6 [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14501 attached ) = 1 [pid 14490] <... futex resumed>) = 0 [pid 14495] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14495] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14490] <... futex resumed>) = 0 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14502 [pid 14500] <... ioctl resumed>) = 0 [pid 14500] close(3) = 0 [pid 14500] mkdir("./bus", 0777) = 0 [pid 14500] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14501] set_robust_list(0x555555f755e0, 24) = 0 [pid 14501] chdir("./511" [pid 14482] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14482] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14482] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14482] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14482] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14503], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14503 [pid 14482] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14482] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14485] <... write resumed>) = 1048576 [pid 14487] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14487] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14487] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14487] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14487] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14505], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14505 [pid 14487] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14485] <... futex resumed>) = 0 [pid 14487] <... futex resumed>) = 0 [pid 14487] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14502 attached [pid 14502] set_robust_list(0x555555f755e0, 24) = 0 [pid 14495] <... write resumed>) = 1048576 [pid 14502] chdir("./513") = 0 [ 256.485058][T14489] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.489841][T14500] loop1: detected capacity change from 0 to 2048 [pid 14502] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14502] setpgid(0, 0) = 0 [pid 14502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14502] write(3, "1000", 4) = 4 [pid 14502] close(3) = 0 [pid 14502] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14502] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14502] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14502] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14506], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14506 [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14506 attached [pid 14506] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14506] memfd_create("syzkaller", 0) = 3 [pid 14506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14490] <... futex resumed>) = 0 [pid 14495] <... futex resumed>) = 1 [pid 14501] <... chdir resumed>) = 0 [pid 14490] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14495] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14490] <... futex resumed>) = 0 [pid 14490] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14506] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14506] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14506] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14505 attached ./strace-static-x86_64: Process 14503 attached [pid 14501] <... prctl resumed>) = 0 [pid 14506] <... ioctl resumed>) = 0 [pid 14506] close(3) = 0 [pid 14506] mkdir("./bus", 0777) = 0 [pid 14506] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14505] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14505] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14503] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 256.536826][T14489] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 256.547089][T14495] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.553573][T14506] loop5: detected capacity change from 0 to 2048 [ 256.564084][T14500] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/516/bus supports timestamps until 2038 (0x7fffffff) [pid 14503] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14505] <... openat resumed>) = 8 [pid 14501] setpgid(0, 0 [pid 14500] <... mount resumed>) = 0 [pid 14489] <... openat resumed>) = 7 [pid 14487] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14482] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14505] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] <... setpgid resumed>) = 0 [pid 14500] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14490] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14489] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14482] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14505] <... futex resumed>) = 0 [pid 14490] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14505] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14489] <... futex resumed>) = 0 [pid 14490] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14500] <... openat resumed>) = 3 [pid 14495] <... openat resumed>) = 7 [pid 14490] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14489] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14485] <... futex resumed>) = 0 [pid 14482] <... futex resumed>) = 1 [pid 14490] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14501] <... openat resumed>) = 3 [pid 14500] chdir("./bus" [pid 14495] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14490] <... mprotect resumed>) = 0 [pid 14485] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14482] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14490] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14487] exit_group(0 [pid 14505] <... futex resumed>) = ? [pid 14501] write(3, "1000", 4 [pid 14500] <... chdir resumed>) = 0 [pid 14495] <... futex resumed>) = 0 [pid 14489] <... futex resumed>) = ? [pid 14487] <... exit_group resumed>) = ? [pid 14501] <... write resumed>) = 4 [pid 14500] ioctl(4, LOOP_CLR_FD [pid 14495] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14501] close(3 [pid 14500] <... ioctl resumed>) = 0 [pid 14501] <... close resumed>) = 0 [pid 14500] close(4 [pid 14501] symlink("/dev/binderfs", "./binderfs" [pid 14500] <... close resumed>) = 0 [pid 14489] +++ exited with 0 +++ [pid 14505] +++ exited with 0 +++ [pid 14501] <... symlink resumed>) = 0 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14487] +++ exited with 0 +++ [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14500] <... futex resumed>) = 1 [pid 14498] <... futex resumed>) = 0 [pid 14490] <... clone resumed>, parent_tid=[14508], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14508 [pid 14501] <... futex resumed>) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14487, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14490] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14500] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14498] <... futex resumed>) = 0 [pid 14490] <... futex resumed>) = 0 [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 14501] <... mmap resumed>) = 0x7f1c32416000 [pid 14500] chdir("./file0" [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14501] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14500] <... chdir resumed>) = 0 [pid 14501] <... mprotect resumed>) = 0 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14500] <... futex resumed>) = 1 [pid 14498] <... futex resumed>) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] <... clone resumed>, parent_tid=[14510], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14510 [pid 14500] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14498] <... futex resumed>) = 0 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14500] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14501] <... futex resumed>) = 0 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14510 attached ./strace-static-x86_64: Process 14508 attached [pid 14500] <... open resumed>) = 4 [pid 14490] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... restart_syscall resumed>) = 0 [pid 14485] <... openat resumed>) = 8 [pid 14485] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14482] <... futex resumed>) = 0 [pid 14485] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14503] <... openat resumed>) = 7 [pid 14503] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14503] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14510] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14510] memfd_create("syzkaller", 0) = 3 [pid 14510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14482] exit_group(0 [pid 14510] <... mmap resumed>) = 0x7f1c2a016000 [pid 14485] <... futex resumed>) = ? [pid 14482] <... exit_group resumed>) = ? [pid 14510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14485] +++ exited with 0 +++ [pid 14503] <... futex resumed>) = ? [pid 14503] +++ exited with 0 +++ [pid 14482] +++ exited with 0 +++ [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14482, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14510] <... write resumed>) = 1048576 [pid 14510] munmap(0x7f1c2a016000, 1048576 [pid 14500] <... futex resumed>) = 1 [pid 14498] <... futex resumed>) = 0 [pid 407] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14508] set_robust_list(0x7f1c2a1159e0, 24 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14508] <... set_robust_list resumed>) = 0 [pid 14500] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14498] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14508] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14500] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14508] <... openat resumed>) = 8 [pid 14500] <... openat resumed>) = 5 [pid 14508] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14508] <... futex resumed>) = 1 [pid 14490] <... futex resumed>) = 0 [pid 14500] <... futex resumed>) = 1 [pid 407] fstat(3, [pid 14498] <... futex resumed>) = 0 [pid 14508] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14506] <... mount resumed>) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14490] exit_group(0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14500] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14490] <... exit_group resumed>) = ? [pid 14508] <... futex resumed>) = ? [pid 14500] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14498] <... futex resumed>) = 0 [pid 14495] <... futex resumed>) = ? [pid 407] getdents64(3, [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... munmap resumed>) = 0 [pid 14510] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 256.570580][T14503] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.579835][T14495] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 256.614549][T14503] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 256.619434][T14506] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/513/bus supports timestamps until 2038 (0x7fffffff) [pid 14510] ioctl(4, LOOP_SET_FD, 3 [pid 14508] +++ exited with 0 +++ [pid 14500] <... write resumed>) = 196608 [pid 14495] +++ exited with 0 +++ [pid 14490] +++ exited with 0 +++ [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14510] <... ioctl resumed>) = 0 [pid 14510] close(3) = 0 [pid 14510] mkdir("./bus", 0777) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14490, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14510] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 410] umount2("./519", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14506] <... openat resumed>) = 3 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14506] chdir("./bus" [pid 14500] <... futex resumed>) = 1 [pid 14498] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./509/binderfs", [pid 14506] <... chdir resumed>) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] openat(AT_FDCWD, "./519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14506] ioctl(4, LOOP_CLR_FD [pid 14500] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14498] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14506] <... ioctl resumed>) = 0 [pid 14500] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] fstat(3, [pid 407] unlink("./509/binderfs" [pid 14506] close(4 [pid 14500] <... mount resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14506] <... close resumed>) = 0 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... unlink resumed>) = 0 [pid 410] getdents64(3, [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14500] <... futex resumed>) = 1 [pid 14498] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 407] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14506] <... futex resumed>) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] fstat(3, [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14506] chdir("./file0" [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14500] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14506] <... chdir resumed>) = 0 [pid 14502] <... futex resumed>) = 0 [pid 14500] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14498] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14500] <... open resumed>) = 6 [pid 14506] <... futex resumed>) = 0 [pid 14502] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14500] <... futex resumed>) = 0 [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14502] <... futex resumed>) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14506] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] <... open resumed>) = 4 [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14502] <... futex resumed>) = 0 [pid 14506] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] <... openat resumed>) = 5 [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14502] <... futex resumed>) = 0 [pid 14506] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] <... write resumed>) = 196608 [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14502] <... futex resumed>) = 0 [pid 14506] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] <... mount resumed>) = 0 [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14502] <... futex resumed>) = 0 [pid 14506] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] <... open resumed>) = 6 [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14502] <... futex resumed>) = 0 [pid 14506] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... mount resumed>) = 0 [pid 14498] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] lstat("./519/binderfs", [pid 14510] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14510] <... openat resumed>) = 3 [pid 14500] <... futex resumed>) = 0 [pid 14498] <... futex resumed>) = 1 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] unlink("./519/binderfs" [pid 14510] chdir("./bus" [pid 14500] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./516/binderfs", [pid 410] <... unlink resumed>) = 0 [pid 14510] <... chdir resumed>) = 0 [pid 14510] ioctl(4, LOOP_CLR_FD) = 0 [pid 14510] close(4) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14501] <... futex resumed>) = 0 [pid 14510] chdir("./file0" [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14510] <... chdir resumed>) = 0 [pid 14501] <... futex resumed>) = 0 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... futex resumed>) = 0 [pid 14501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14510] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] unlink("./516/binderfs") = 0 [pid 411] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14510] <... open resumed>) = 4 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14501] <... futex resumed>) = 0 [pid 14510] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14510] <... openat resumed>) = 5 [pid 14501] <... futex resumed>) = 0 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... futex resumed>) = 0 [pid 14501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14510] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14510] <... write resumed>) = 196608 [pid 14501] <... futex resumed>) = 0 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] <... futex resumed>) = 0 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... futex resumed>) = 1 [pid 14510] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] <... futex resumed>) = 0 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... futex resumed>) = 1 [pid 14510] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] <... futex resumed>) = 0 [pid 14510] <... futex resumed>) = 1 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14510] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14501] <... futex resumed>) = 0 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14510] <... write resumed>) = 1048576 [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] <... write resumed>) = 1048576 [pid 14501] <... futex resumed>) = 0 [pid 14510] <... futex resumed>) = 1 [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14510] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14506] <... futex resumed>) = 1 [pid 14502] <... futex resumed>) = 0 [pid 14501] <... futex resumed>) = 0 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14502] <... futex resumed>) = 0 [pid 14502] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14506] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 256.641256][T14510] loop2: detected capacity change from 0 to 2048 [ 256.665092][T14510] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/511/bus supports timestamps until 2038 (0x7fffffff) [pid 14506] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./509/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./509/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./509/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./509/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./509") = 0 [pid 407] mkdir("./510", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 14498] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14498] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] <... close resumed>) = 0 [pid 14498] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14498] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14498] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14514 [pid 14498] <... clone resumed>, parent_tid=[14515], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14515 [pid 14498] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14498] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 14500] <... write resumed>) = 1048576 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14514 attached [pid 14514] set_robust_list(0x555555f755e0, 24) = 0 [pid 14514] chdir("./510") = 0 [pid 14514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14514] setpgid(0, 0) = 0 [pid 14514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14514] write(3, "1000", 4) = 4 [pid 14514] close(3) = 0 [pid 14514] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14514] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14514] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14516], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14516 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14516 attached [pid 14516] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14516] memfd_create("syzkaller", 0) = 3 [pid 14516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 256.711630][T14510] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.712464][T14506] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.747556][T14510] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14502] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14501] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14502] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14501] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14515 attached [pid 14502] <... futex resumed>) = 0 [pid 14501] <... futex resumed>) = 0 [pid 411] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14515] set_robust_list(0x7f1c2a1159e0, 24 [pid 14502] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14506] <... openat resumed>) = 7 [pid 14501] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14515] <... set_robust_list resumed>) = 0 [pid 14502] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14501] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14515] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14501] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 411] lstat("./516/bus", [pid 410] lstat("./519/bus", [pid 14502] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14510] <... openat resumed>) = 7 [pid 14506] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14516] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14516] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14516] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14516] ioctl(4, LOOP_SET_FD, 3 [pid 14502] <... mprotect resumed>) = 0 [pid 14501] <... mprotect resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14502] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14501] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14506] <... futex resumed>) = 0 [pid 14502] <... clone resumed>, parent_tid=[14517], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14517 [pid 14501] <... clone resumed>, parent_tid=[14518], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14518 [pid 14502] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./516/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./519/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14501] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14518 attached ./strace-static-x86_64: Process 14517 attached [pid 14510] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14506] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] <... futex resumed>) = 0 [pid 14501] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 410] <... openat resumed>) = 4 [pid 14518] set_robust_list(0x7f1c2a1159e0, 24 [pid 14517] set_robust_list(0x7f1c2a1159e0, 24 [pid 14510] <... futex resumed>) = 0 [pid 14502] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14501] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14518] <... set_robust_list resumed>) = 0 [pid 14517] <... set_robust_list resumed>) = 0 [pid 14510] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] fstat(4, [pid 410] fstat(4, [pid 14516] <... ioctl resumed>) = 0 [pid 14516] close(3) = 0 [pid 14516] mkdir("./bus", 0777) = 0 [pid 14516] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14518] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14517] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14498] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14518] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14517] <... openat resumed>) = 8 [pid 14501] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 410] getdents64(4, [pid 14518] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14501] exit_group(0 [pid 14498] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14500] <... futex resumed>) = 0 [pid 14498] <... futex resumed>) = 1 [pid 14500] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14518] <... futex resumed>) = ? [pid 14517] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14510] <... futex resumed>) = ? [pid 14501] <... exit_group resumed>) = ? [pid 14498] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(4, [pid 410] getdents64(4, [pid 14510] +++ exited with 0 +++ [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14517] <... futex resumed>) = 1 [pid 14502] <... futex resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 14518] +++ exited with 0 +++ [pid 14517] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14502] exit_group(0 [pid 14501] +++ exited with 0 +++ [pid 411] <... close resumed>) = 0 [pid 410] close(4 [pid 14502] <... exit_group resumed>) = ? [pid 14517] <... futex resumed>) = ? [pid 14506] <... futex resumed>) = ? [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14501, si_uid=0, si_status=0, si_utime=1, si_stime=4} --- [pid 14517] +++ exited with 0 +++ [pid 410] <... close resumed>) = 0 [pid 14506] +++ exited with 0 +++ [pid 14502] +++ exited with 0 +++ [pid 411] rmdir("./516/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./516") = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14502, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 410] rmdir("./519/bus" [pid 411] mkdir("./517", 0777) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] getdents64(3, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14500] <... openat resumed>) = 8 [pid 409] <... openat resumed>) = 3 [pid 14500] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(3 [pid 409] fstat(3, [pid 14515] <... openat resumed>) = 7 [pid 14500] <... futex resumed>) = 1 [pid 14498] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 14515] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14500] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14515] <... futex resumed>) = 0 [pid 14498] exit_group(0 [pid 410] rmdir("./519" [pid 14500] <... futex resumed>) = ? [pid 14498] <... exit_group resumed>) = ? [pid 409] getdents64(3, [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] <... rmdir resumed>) = 0 [pid 14500] +++ exited with 0 +++ [pid 411] <... openat resumed>) = 3 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] ioctl(3, LOOP_CLR_FD [pid 410] mkdir("./520", 0777 [pid 409] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] close(3 [pid 410] <... mkdir resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] lstat("./511/binderfs", [pid 412] <... openat resumed>) = 3 [pid 411] <... close resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] fstat(3, [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] unlink("./511/binderfs" [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... unlink resumed>) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14519 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./513/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] unlink("./513/binderfs" [pid 410] close(3 [pid 412] <... unlink resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 412] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14520 [pid 14515] +++ exited with 0 +++ [pid 14498] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14498, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 14519 attached [pid 14519] set_robust_list(0x555555f755e0, 24 [pid 408] <... restart_syscall resumed>) = 0 [pid 408] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./516/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./516/binderfs") = 0 [pid 408] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14520 attached [pid 14519] <... set_robust_list resumed>) = 0 [pid 14520] set_robust_list(0x555555f755e0, 24 [pid 14519] chdir("./517" [pid 14520] <... set_robust_list resumed>) = 0 [pid 14520] chdir("./520") = 0 [pid 14520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14520] setpgid(0, 0) = 0 [pid 14520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14520] write(3, "1000", 4) = 4 [pid 14520] close(3) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14520] symlink("/dev/binderfs", "./binderfs" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./516/bus", [pid 14520] <... symlink resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./516/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14520] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14520] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14520] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] <... openat resumed>) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4 [pid 14520] <... clone resumed>, parent_tid=[14522], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14522 [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./516/bus" [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14519] <... chdir resumed>) = 0 [ 256.756522][T14506] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 256.767084][T14515] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.775408][T14516] loop0: detected capacity change from 0 to 2048 [ 256.788225][T14515] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14519] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14519] setpgid(0, 0) = 0 [pid 14519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14519] write(3, "1000", 4) = 4 [pid 14519] close(3) = 0 [pid 14519] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14519] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14519] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14519] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14524], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14524 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14524 attached [pid 14524] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14524] memfd_create("syzkaller", 0) = 3 [pid 14524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 14522 attached [pid 14516] <... mount resumed>) = 0 [pid 408] getdents64(3, [pid 14522] set_robust_list(0x7f1c324369e0, 24 [pid 14516] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14522] <... set_robust_list resumed>) = 0 [pid 408] close(3 [pid 14522] memfd_create("syzkaller", 0 [pid 408] <... close resumed>) = 0 [pid 14516] <... openat resumed>) = 3 [pid 14522] <... memfd_create resumed>) = 3 [pid 14516] chdir("./bus" [pid 408] rmdir("./516" [pid 14522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 408] <... rmdir resumed>) = 0 [pid 14524] <... write resumed>) = 1048576 [pid 14516] <... chdir resumed>) = 0 [pid 408] mkdir("./517", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14516] ioctl(4, LOOP_CLR_FD) = 0 [pid 14516] close(4) = 0 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14516] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14524] munmap(0x7f1c2a016000, 1048576 [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] <... munmap resumed>) = 0 [pid 14524] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14524] ioctl(4, LOOP_SET_FD, 3 [pid 14522] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14516] <... futex resumed>) = 0 [pid 14516] chdir("./file0") = 0 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] <... futex resumed>) = 1 [pid 14516] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] <... futex resumed>) = 1 [pid 14516] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] <... futex resumed>) = 1 [pid 14516] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14524] <... ioctl resumed>) = 0 [pid 14522] <... write resumed>) = 1048576 [pid 14524] close(3 [pid 14522] munmap(0x7f1c2a016000, 1048576 [pid 14524] <... close resumed>) = 0 [pid 14524] mkdir("./bus", 0777) = 0 [pid 14524] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14522] <... munmap resumed>) = 0 [pid 14522] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14522] ioctl(4, LOOP_SET_FD, 3 [pid 412] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 412] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] lstat("./513/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] lstat("./511/bus", [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] openat(AT_FDCWD, "./513/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... openat resumed>) = 4 [pid 408] <... openat resumed>) = 3 [pid 412] fstat(4, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] ioctl(3, LOOP_CLR_FD [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] openat(AT_FDCWD, "./511/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] getdents64(4, [pid 409] <... openat resumed>) = 4 [pid 408] close(3 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] fstat(4, [pid 408] <... close resumed>) = 0 [pid 412] getdents64(4, [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] getdents64(4, [pid 412] close(4 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14527 [pid 412] <... close resumed>) = 0 [pid 409] getdents64(4, [pid 412] rmdir("./513/bus" [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 409] close(4 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... close resumed>) = 0 [pid 412] close(3 [pid 409] rmdir("./511/bus" [pid 412] <... close resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] rmdir("./513" [pid 409] getdents64(3, [pid 412] <... rmdir resumed>) = 0 [pid 412] mkdir("./514", 0777 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 409] close(3 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./511" [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 409] <... rmdir resumed>) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] mkdir("./512", 0777 [pid 412] close(3 [pid 14522] <... ioctl resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... openat resumed>) = 3 [pid 14522] close(3 [pid 409] ioctl(3, LOOP_CLR_FD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14528 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14522] <... close resumed>) = 0 [pid 14522] mkdir("./bus", 0777 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14529 [pid 14522] <... mkdir resumed>) = 0 [pid 14522] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14529 attached [pid 14529] set_robust_list(0x555555f755e0, 24) = 0 [pid 14529] chdir("./512" [pid 14516] <... write resumed>) = 196608 [pid 14529] <... chdir resumed>) = 0 [pid 14529] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14529] setpgid(0, 0 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14529] <... setpgid resumed>) = 0 [pid 14529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14516] <... futex resumed>) = 1 [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14514] <... futex resumed>) = 0 [pid 14516] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] <... open resumed>) = 6 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14529] <... openat resumed>) = 3 [pid 14529] write(3, "1000", 4) = 4 [pid 14529] close(3) = 0 [pid 14529] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14528 attached ) = 0 [pid 14528] set_robust_list(0x555555f755e0, 24 [pid 14529] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14528] <... set_robust_list resumed>) = 0 [pid 14528] chdir("./514") = 0 ./strace-static-x86_64: Process 14527 attached [pid 14528] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14529] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14528] <... prctl resumed>) = 0 [pid 14527] set_robust_list(0x555555f755e0, 24 [pid 14528] setpgid(0, 0 [pid 14527] <... set_robust_list resumed>) = 0 [pid 14528] <... setpgid resumed>) = 0 [pid 14529] <... mprotect resumed>) = 0 [pid 14528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14527] chdir("./517" [pid 14529] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14528] <... openat resumed>) = 3 [pid 14527] <... chdir resumed>) = 0 [pid 14528] write(3, "1000", 4 [pid 14527] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14529] <... clone resumed>, parent_tid=[14532], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14532 [pid 14528] <... write resumed>) = 4 [pid 14527] <... prctl resumed>) = 0 [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] close(3 [pid 14527] setpgid(0, 0 [pid 14529] <... futex resumed>) = 0 [pid 14528] <... close resumed>) = 0 [pid 14527] <... setpgid resumed>) = 0 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14528] symlink("/dev/binderfs", "./binderfs" [pid 14527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14528] <... symlink resumed>) = 0 [pid 14527] <... openat resumed>) = 3 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14527] write(3, "1000", 4 [pid 14528] <... futex resumed>) = 0 [pid 14527] <... write resumed>) = 4 [pid 14528] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14527] close(3 [pid 14528] <... mmap resumed>) = 0x7f1c32416000 [pid 14527] <... close resumed>) = 0 [pid 14528] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14527] symlink("/dev/binderfs", "./binderfs" [pid 14528] <... mprotect resumed>) = 0 [pid 14527] <... symlink resumed>) = 0 [pid 14528] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... clone resumed>, parent_tid=[14533], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14533 [pid 14527] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14527] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14528] <... futex resumed>) = 0 [pid 14527] <... mmap resumed>) = 0x7f1c32416000 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14527] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14527] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14534], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14534 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 256.836564][T14516] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/510/bus supports timestamps until 2038 (0x7fffffff) [ 256.858477][T14524] loop4: detected capacity change from 0 to 2048 [ 256.869662][T14522] loop3: detected capacity change from 0 to 2048 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14534 attached ./strace-static-x86_64: Process 14533 attached ./strace-static-x86_64: Process 14532 attached [pid 14533] set_robust_list(0x7f1c324369e0, 24 [pid 14532] set_robust_list(0x7f1c324369e0, 24 [pid 14533] <... set_robust_list resumed>) = 0 [pid 14532] <... set_robust_list resumed>) = 0 [pid 14533] memfd_create("syzkaller", 0 [pid 14532] memfd_create("syzkaller", 0 [pid 14534] set_robust_list(0x7f1c324369e0, 24 [pid 14533] <... memfd_create resumed>) = 3 [pid 14532] <... memfd_create resumed>) = 3 [pid 14534] <... set_robust_list resumed>) = 0 [pid 14533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14534] memfd_create("syzkaller", 0 [pid 14532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14534] <... memfd_create resumed>) = 3 [pid 14533] <... mmap resumed>) = 0x7f1c2a016000 [pid 14532] <... mmap resumed>) = 0x7f1c2a016000 [pid 14534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14534] <... mmap resumed>) = 0x7f1c2a016000 [pid 14533] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14524] <... mount resumed>) = 0 [pid 14522] <... mount resumed>) = 0 [pid 14524] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14524] chdir("./bus") = 0 [pid 14524] ioctl(4, LOOP_CLR_FD) = 0 [pid 14524] close(4 [pid 14516] <... write resumed>) = 1048576 [pid 14524] <... close resumed>) = 0 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14522] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14522] chdir("./bus") = 0 [pid 14522] ioctl(4, LOOP_CLR_FD) = 0 [pid 14522] close(4) = 0 [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14522] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14520] <... futex resumed>) = 0 [pid 14519] <... futex resumed>) = 0 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] <... futex resumed>) = 1 [pid 14516] <... futex resumed>) = 1 [pid 14514] <... futex resumed>) = 0 [pid 14519] <... futex resumed>) = 1 [pid 14524] <... futex resumed>) = 0 [pid 14533] <... write resumed>) = 1048576 [pid 14524] chdir("./file0" [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14524] <... chdir resumed>) = 0 [pid 14522] <... futex resumed>) = 0 [pid 14516] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14514] <... futex resumed>) = 0 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] chdir("./file0" [pid 14516] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] <... futex resumed>) = 1 [pid 14519] <... futex resumed>) = 0 [pid 14533] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14533] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 256.916965][T14524] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/517/bus supports timestamps until 2038 (0x7fffffff) [ 256.931213][T14522] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/520/bus supports timestamps until 2038 (0x7fffffff) [pid 14533] ioctl(4, LOOP_SET_FD, 3 [pid 14534] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14532] <... write resumed>) = 1048576 [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14522] <... chdir resumed>) = 0 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14533] <... ioctl resumed>) = 0 [pid 14533] close(3) = 0 [pid 14533] mkdir("./bus", 0777) = 0 [pid 14533] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14534] <... write resumed>) = 1048576 [pid 14534] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14534] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14534] ioctl(4, LOOP_SET_FD, 3 [pid 14532] munmap(0x7f1c2a016000, 1048576 [pid 14524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] <... futex resumed>) = 0 [pid 14532] <... munmap resumed>) = 0 [pid 14524] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14522] <... futex resumed>) = 1 [pid 14520] <... futex resumed>) = 0 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14532] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14520] <... futex resumed>) = 0 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14532] <... openat resumed>) = 4 [pid 14532] ioctl(4, LOOP_SET_FD, 3 [pid 14522] <... open resumed>) = 4 [pid 14534] <... ioctl resumed>) = 0 [pid 14534] close(3) = 0 [pid 14534] mkdir("./bus", 0777) = 0 [pid 14534] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14524] <... open resumed>) = 4 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14522] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14519] <... futex resumed>) = 0 [pid 14520] <... futex resumed>) = 0 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] <... ioctl resumed>) = 0 [pid 14522] <... futex resumed>) = 0 [pid 14520] <... futex resumed>) = 1 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14522] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14522] <... openat resumed>) = 5 [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14520] <... futex resumed>) = 0 [pid 14522] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14516] <... openat resumed>) = 7 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14516] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14532] close(3) = 0 [pid 14532] mkdir("./bus", 0777 [pid 14522] <... write resumed>) = 196608 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14514] <... futex resumed>) = 0 [pid 14514] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14524] <... futex resumed>) = 0 [pid 14514] <... futex resumed>) = 1 [pid 14514] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14519] <... futex resumed>) = 0 [pid 14516] <... futex resumed>) = 0 [pid 14516] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14516] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14514] <... futex resumed>) = 0 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14524] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] <... futex resumed>) = 0 [pid 14514] exit_group(0 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14516] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14532] <... mkdir resumed>) = 0 [pid 14532] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14524] <... write resumed>) = 196608 [pid 14514] <... exit_group resumed>) = ? [pid 14522] <... futex resumed>) = 1 [pid 14520] <... futex resumed>) = 0 [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14520] <... futex resumed>) = 0 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] <... futex resumed>) = 1 [pid 14522] <... mount resumed>) = 0 [pid 14519] <... futex resumed>) = 0 [pid 14524] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] <... futex resumed>) = 1 [pid 14524] <... mount resumed>) = 0 [pid 14520] <... futex resumed>) = 0 [pid 14519] <... futex resumed>) = 0 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] <... futex resumed>) = 0 [pid 14522] <... open resumed>) = 6 [pid 14520] <... futex resumed>) = 0 [pid 14519] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14522] <... futex resumed>) = 0 [pid 14520] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14519] <... futex resumed>) = 0 [pid 14516] <... futex resumed>) = ? [pid 14524] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14522] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14520] <... futex resumed>) = 0 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] <... open resumed>) = 6 [pid 14516] +++ exited with 0 +++ [pid 14514] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14514, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 14524] <... futex resumed>) = 1 [pid 14519] <... futex resumed>) = 0 [pid 407] fstat(3, [pid 14524] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14519] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./510/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./510/binderfs") = 0 [ 256.958759][T14516] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 256.960608][T14533] loop5: detected capacity change from 0 to 2048 [ 256.974475][T14516] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 256.986358][T14534] loop1: detected capacity change from 0 to 2048 [ 256.995107][T14532] loop2: detected capacity change from 0 to 2048 [pid 407] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14534] <... mount resumed>) = 0 [pid 14534] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14534] chdir("./bus") = 0 [pid 14534] ioctl(4, LOOP_CLR_FD) = 0 [pid 14534] close(4 [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./510/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./510/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14520] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14520] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] openat(AT_FDCWD, "./510/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14522] <... write resumed>) = 1048576 [pid 14520] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] <... openat resumed>) = 4 [pid 14520] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 407] fstat(4, [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14520] <... mprotect resumed>) = 0 [pid 14522] <... futex resumed>) = 0 [pid 407] getdents64(4, [pid 14522] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14520] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14524] <... write resumed>) = 1048576 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] <... clone resumed>, parent_tid=[14540], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14540 [pid 14524] <... futex resumed>) = 1 [pid 14520] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14519] <... futex resumed>) = 0 [pid 407] getdents64(4, [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14520] <... futex resumed>) = 0 [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14519] <... futex resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] close(4 [pid 14534] <... close resumed>) = 0 [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14534] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14533] <... mount resumed>) = 0 [pid 14533] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14533] chdir("./bus") = 0 [pid 14533] ioctl(4, LOOP_CLR_FD) = 0 [pid 14533] close(4 [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./510/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14534] <... futex resumed>) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./510") = 0 [pid 407] mkdir("./511", 0777 [pid 14534] chdir("./file0" [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 14534] <... chdir resumed>) = 0 [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14534] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14534] <... open resumed>) = 4 [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14534] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 407] <... close resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14534] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14542 [pid 14533] <... close resumed>) = 0 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] chdir("./file0") = 0 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14534] <... write resumed>) = 196608 ./strace-static-x86_64: Process 14540 attached [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14540] set_robust_list(0x7f1c2a1159e0, 24 [pid 14534] <... futex resumed>) = 1 [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 257.036225][T14534] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/517/bus supports timestamps until 2038 (0x7fffffff) [ 257.048188][T14533] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/514/bus supports timestamps until 2038 (0x7fffffff) [ 257.068875][T14524] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14540] <... set_robust_list resumed>) = 0 [pid 14534] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14533] <... open resumed>) = 4 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14542 attached [pid 14542] set_robust_list(0x555555f755e0, 24) = 0 [pid 14542] chdir("./511") = 0 [pid 14542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14542] setpgid(0, 0) = 0 [pid 14542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14542] write(3, "1000", 4) = 4 [pid 14542] close(3) = 0 [pid 14542] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14542] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14542] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14542] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14533] <... write resumed>) = 196608 [pid 14542] <... clone resumed>, parent_tid=[14543], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14543 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] <... futex resumed>) = 1 [pid 14533] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14540] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14534] <... mount resumed>) = 0 ./strace-static-x86_64: Process 14543 attached [pid 14524] <... openat resumed>) = 7 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14519] <... futex resumed>) = 0 [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14519] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14519] <... futex resumed>) = 0 [pid 14524] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14519] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14524] <... openat resumed>) = 8 [pid 14524] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14519] <... futex resumed>) = 0 [pid 14524] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14519] exit_group(0 [pid 14524] <... futex resumed>) = ? [pid 14519] <... exit_group resumed>) = ? [pid 14524] +++ exited with 0 +++ [pid 14519] +++ exited with 0 +++ [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14520] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14534] <... futex resumed>) = 1 [pid 14527] <... futex resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14519, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14534] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14527] <... futex resumed>) = 0 [pid 14534] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14534] <... open resumed>) = 6 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14534] <... futex resumed>) = 1 [pid 14527] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 14534] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] fstat(3, [pid 14534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14527] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14534] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 14543] set_robust_list(0x7f1c324369e0, 24 [pid 14520] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14543] <... set_robust_list resumed>) = 0 [pid 14540] <... openat resumed>) = 7 [pid 14522] <... futex resumed>) = 0 [pid 14520] <... futex resumed>) = 1 [pid 411] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14543] memfd_create("syzkaller", 0 [pid 14540] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14520] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14543] <... memfd_create resumed>) = 3 [pid 14540] <... futex resumed>) = 0 [pid 14532] <... mount resumed>) = 0 [pid 14522] <... openat resumed>) = 8 [pid 14543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14540] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14543] <... mmap resumed>) = 0x7f1c2a016000 [pid 14522] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] lstat("./517/binderfs", [pid 14543] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14533] <... write resumed>) = 1048576 [pid 14532] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14522] <... futex resumed>) = 1 [pid 14520] <... futex resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14543] <... write resumed>) = 1048576 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] <... openat resumed>) = 3 [pid 14528] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14522] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 257.097142][T14524] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 257.108131][T14540] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.115225][T14532] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/512/bus supports timestamps until 2038 (0x7fffffff) [ 257.122282][T14540] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14520] exit_group(0 [pid 411] unlink("./517/binderfs" [pid 14540] <... futex resumed>) = ? [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14522] <... futex resumed>) = ? [pid 14520] <... exit_group resumed>) = ? [pid 14543] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14540] +++ exited with 0 +++ [pid 14522] +++ exited with 0 +++ [pid 411] <... unlink resumed>) = 0 [pid 14543] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14543] ioctl(4, LOOP_SET_FD, 3 [pid 14533] <... futex resumed>) = 0 [pid 14532] chdir("./bus" [pid 14528] <... futex resumed>) = 0 [pid 14520] +++ exited with 0 +++ [pid 411] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14520, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14543] <... ioctl resumed>) = 0 [pid 410] umount2("./520", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14543] close(3) = 0 [pid 14543] mkdir("./bus", 0777) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14543] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 410] openat(AT_FDCWD, "./520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14533] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] getdents64(3, [pid 14534] <... write resumed>) = 1048576 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./520/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14534] <... futex resumed>) = 1 [pid 14527] <... futex resumed>) = 0 [pid 14534] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] unlink("./520/binderfs" [pid 14527] <... futex resumed>) = 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... unlink resumed>) = 0 [pid 14532] <... chdir resumed>) = 0 [pid 14532] ioctl(4, LOOP_CLR_FD) = 0 [pid 14532] close(4) = 0 [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14532] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14529] <... futex resumed>) = 0 [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14532] <... futex resumed>) = 0 [pid 14532] chdir("./file0" [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14532] <... chdir resumed>) = 0 [pid 14533] <... openat resumed>) = 7 [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] <... futex resumed>) = 1 [pid 14529] <... futex resumed>) = 0 [ 257.159191][T14543] loop0: detected capacity change from 0 to 2048 [ 257.169653][T14533] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.184356][T14534] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.198167][T14533] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14532] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14533] <... futex resumed>) = 1 [pid 14532] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14529] <... futex resumed>) = 0 [pid 14528] <... futex resumed>) = 0 [pid 14528] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14528] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14533] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14533] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14528] <... futex resumed>) = 0 [pid 14528] exit_group(0) = ? [pid 14533] <... futex resumed>) = ? [pid 14533] +++ exited with 0 +++ [pid 14528] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14528, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 412] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14532] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./514/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14543] <... mount resumed>) = 0 [pid 14532] <... open resumed>) = 4 [pid 412] unlink("./514/binderfs" [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... unlink resumed>) = 0 [pid 14532] <... futex resumed>) = 1 [pid 14529] <... futex resumed>) = 0 [pid 412] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14543] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14532] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14529] <... futex resumed>) = 0 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14532] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14534] <... openat resumed>) = 7 [pid 14532] <... openat resumed>) = 5 [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14529] <... futex resumed>) = 0 [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14527] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14527] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = 0 [pid 14527] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 14534] <... futex resumed>) = 1 [pid 14534] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14534] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14527] <... futex resumed>) = 0 [pid 14527] exit_group(0) = ? [pid 14534] <... futex resumed>) = ? [pid 14532] <... write resumed>) = 196608 [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14529] <... futex resumed>) = 0 [pid 14532] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14532] <... mount resumed>) = 0 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14543] <... openat resumed>) = 3 [pid 14532] <... futex resumed>) = 1 [pid 14529] <... futex resumed>) = 0 [pid 14543] chdir("./bus" [pid 14532] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 14543] <... chdir resumed>) = 0 [pid 14532] <... open resumed>) = 6 [pid 14529] <... futex resumed>) = 0 [pid 412] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14543] ioctl(4, LOOP_CLR_FD [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14543] <... ioctl resumed>) = 0 [pid 14532] <... futex resumed>) = 0 [pid 14529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] lstat("./514/bus", [pid 14543] close(4 [pid 14532] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14529] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14534] +++ exited with 0 +++ [pid 14527] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14527, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 14532] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... restart_syscall resumed>) = 0 [pid 408] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./517/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./517/binderfs") = 0 [pid 408] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14543] <... close resumed>) = 0 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14543] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./514/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14542] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 4 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 14542] <... futex resumed>) = 1 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, [pid 14543] <... futex resumed>) = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14543] chdir("./file0" [pid 14532] <... write resumed>) = 1048576 [pid 412] close(4 [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 14543] <... chdir resumed>) = 0 [pid 14532] <... futex resumed>) = 1 [pid 14529] <... futex resumed>) = 0 [pid 412] rmdir("./514/bus" [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [ 257.214109][T14534] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 257.214368][T14543] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/511/bus supports timestamps until 2038 (0x7fffffff) [pid 14543] <... futex resumed>) = 1 [pid 14542] <... futex resumed>) = 0 [pid 14529] <... futex resumed>) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./514") = 0 [pid 410] <... umount2 resumed>) = 0 [pid 412] mkdir("./515", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14543] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = 0 [pid 410] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14542] <... futex resumed>) = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14543] <... open resumed>) = 4 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14542] <... futex resumed>) = 0 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14543] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14542] <... futex resumed>) = 0 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14543] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 411] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./517/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./517/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] getdents64(4, [pid 410] lstat("./520/bus", [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] close(4) = 0 [pid 410] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] rmdir("./517/bus") = 0 [pid 410] openat(AT_FDCWD, "./520/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 411] getdents64(3, [pid 410] rmdir("./520/bus" [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 411] close(3) = 0 [pid 410] getdents64(3, [pid 411] rmdir("./517" [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 410] close(3 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14532] <... openat resumed>) = 7 [pid 411] mkdir("./518", 0777 [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./520" [pid 411] <... mkdir resumed>) = 0 [pid 14543] <... futex resumed>) = 1 [pid 14542] <... futex resumed>) = 0 [pid 14543] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] <... rmdir resumed>) = 0 [pid 14542] <... futex resumed>) = 0 [pid 14543] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... openat resumed>) = 3 [pid 410] mkdir("./521", 0777 [pid 14543] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] ioctl(3, LOOP_CLR_FD [pid 14543] <... futex resumed>) = 1 [pid 14542] <... futex resumed>) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... mkdir resumed>) = 0 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 14542] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14543] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14543] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14532] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14542] <... futex resumed>) = 0 [pid 14529] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14529] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] ioctl(3, LOOP_CLR_FD [pid 14543] <... futex resumed>) = 0 [pid 14542] <... futex resumed>) = 1 [pid 14532] <... futex resumed>) = 0 [pid 14529] <... futex resumed>) = 1 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 14547 attached [pid 14543] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14529] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] close(3 [pid 14532] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14532] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14532] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14547] set_robust_list(0x555555f755e0, 24) = 0 [pid 14547] chdir("./518") = 0 [pid 14547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14547] setpgid(0, 0) = 0 [pid 14547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14547] write(3, "1000", 4) = 4 [pid 14547] close(3) = 0 [pid 14547] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14547 [pid 14529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... close resumed>) = 0 [pid 14529] exit_group(0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14529] <... exit_group resumed>) = ? [pid 14547] <... futex resumed>) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14548 [pid 14547] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14547] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14547] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14549], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14549 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14532] <... futex resumed>) = ? [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14548 attached [pid 14548] set_robust_list(0x555555f755e0, 24) = 0 [pid 14548] chdir("./521") = 0 [pid 14548] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14532] +++ exited with 0 +++ [pid 14529] +++ exited with 0 +++ [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14529, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14550 [pid 14548] <... prctl resumed>) = 0 [pid 14548] setpgid(0, 0) = 0 [pid 14548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14548] write(3, "1000", 4 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14548] <... write resumed>) = 4 [pid 409] lstat("./512/binderfs", [pid 14548] close(3 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14548] <... close resumed>) = 0 [pid 409] unlink("./512/binderfs" [pid 14548] symlink("/dev/binderfs", "./binderfs") = 0 [pid 409] <... unlink resumed>) = 0 [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14548] <... futex resumed>) = 0 [pid 14548] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14548] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14548] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14548] <... clone resumed>, parent_tid=[14551], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14551 [pid 408] lstat("./517/bus", [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14548] <... futex resumed>) = 0 [pid 408] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./517/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, [pid 409] <... umount2 resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./517/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./517") = 0 [pid 408] mkdir("./518", 0777 [pid 409] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... mkdir resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 409] lstat("./512/bus", [pid 408] <... openat resumed>) = 3 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 409] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] close(3./strace-static-x86_64: Process 14550 attached [pid 409] openat(AT_FDCWD, "./512/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... close resumed>) = 0 [ 257.266746][T14532] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.283915][T14532] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14552 ./strace-static-x86_64: Process 14549 attached [pid 409] <... openat resumed>) = 4 [pid 14550] set_robust_list(0x555555f755e0, 24 [pid 409] fstat(4, [pid 14550] <... set_robust_list resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14550] chdir("./515" [pid 409] getdents64(4, [pid 14550] <... chdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14550] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 409] getdents64(4, [pid 14550] <... prctl resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14550] setpgid(0, 0 [pid 409] close(4 [pid 14550] <... setpgid resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 409] rmdir("./512/bus" [pid 14549] set_robust_list(0x7f1c324369e0, 24 [pid 409] <... rmdir resumed>) = 0 [pid 14550] <... openat resumed>) = 3 [pid 409] getdents64(3, [pid 14550] write(3, "1000", 4 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14550] <... write resumed>) = 4 [pid 409] close(3 [pid 14550] close(3./strace-static-x86_64: Process 14551 attached ) = 0 [pid 409] <... close resumed>) = 0 [pid 14549] <... set_robust_list resumed>) = 0 [pid 14551] set_robust_list(0x7f1c324369e0, 24 [pid 14550] symlink("/dev/binderfs", "./binderfs" [pid 14549] memfd_create("syzkaller", 0 [pid 409] rmdir("./512" [pid 14551] <... set_robust_list resumed>) = 0 [pid 14549] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 14552 attached [pid 14551] memfd_create("syzkaller", 0 [pid 14550] <... symlink resumed>) = 0 [pid 14549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14543] <... write resumed>) = 1048576 [pid 409] <... rmdir resumed>) = 0 [pid 14551] <... memfd_create resumed>) = 3 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] <... mmap resumed>) = 0x7f1c2a016000 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] mkdir("./513", 0777 [pid 14552] set_robust_list(0x555555f755e0, 24 [pid 14551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14550] <... futex resumed>) = 0 [pid 14543] <... futex resumed>) = 1 [pid 14542] <... futex resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 14552] <... set_robust_list resumed>) = 0 [pid 14551] <... mmap resumed>) = 0x7f1c2a016000 [pid 14550] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14543] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14552] chdir("./518" [pid 14550] <... mmap resumed>) = 0x7f1c32416000 [pid 14549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14543] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14542] <... futex resumed>) = 0 [pid 14552] <... chdir resumed>) = 0 [pid 14551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14550] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14543] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14552] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14550] <... mprotect resumed>) = 0 [pid 14549] <... write resumed>) = 1048576 [pid 14549] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14549] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14549] ioctl(4, LOOP_SET_FD, 3 [pid 14552] <... prctl resumed>) = 0 [pid 14551] <... write resumed>) = 1048576 [pid 14550] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14549] <... ioctl resumed>) = 0 [pid 14549] close(3) = 0 [pid 14549] mkdir("./bus", 0777) = 0 [pid 14549] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14552] setpgid(0, 0) = 0 [pid 14552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14552] write(3, "1000", 4) = 4 [pid 14552] close(3) = 0 [pid 14552] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14552] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14552] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14552] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14553], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14553 [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14551] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14551] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14551] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... openat resumed>) = 3 [pid 14550] <... clone resumed>, parent_tid=[14554], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14554 [pid 409] ioctl(3, LOOP_CLR_FD [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14550] <... futex resumed>) = 0 [pid 409] close(3 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 409] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14551] <... ioctl resumed>) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14555 [pid 14551] close(3) = 0 [pid 14551] mkdir("./bus", 0777) = 0 [pid 14551] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14553 attached [pid 14553] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14553] memfd_create("syzkaller", 0 [pid 14543] <... openat resumed>) = 7 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14542] <... futex resumed>) = 0 [pid 14542] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14542] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14543] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14543] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14542] <... futex resumed>) = 0 [pid 14542] exit_group(0) = ? [pid 14543] +++ exited with 0 +++ [pid 14542] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14542, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./511/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./511/binderfs"./strace-static-x86_64: Process 14554 attached ) = 0 [pid 407] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14555 attached [pid 14554] set_robust_list(0x7f1c324369e0, 24 [pid 14553] <... memfd_create resumed>) = 3 [pid 14553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 257.363260][T14543] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.364453][T14549] loop4: detected capacity change from 0 to 2048 [ 257.378464][T14543] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 257.390549][T14551] loop3: detected capacity change from 0 to 2048 [pid 14553] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14553] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14553] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14549] <... mount resumed>) = 0 [pid 14554] <... set_robust_list resumed>) = 0 [pid 14555] set_robust_list(0x555555f755e0, 24 [pid 14554] memfd_create("syzkaller", 0 [pid 14553] <... openat resumed>) = 4 [pid 14549] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14555] <... set_robust_list resumed>) = 0 [pid 14555] chdir("./513") = 0 [pid 14555] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14555] setpgid(0, 0) = 0 [pid 14555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14555] write(3, "1000", 4) = 4 [pid 14555] close(3) = 0 [pid 14555] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14555] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14555] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14555] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14560], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14560 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14560 attached [pid 14560] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14560] memfd_create("syzkaller", 0) = 3 [pid 14560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14554] <... memfd_create resumed>) = 3 [pid 14553] ioctl(4, LOOP_SET_FD, 3 [pid 14551] <... mount resumed>) = 0 [pid 14549] <... openat resumed>) = 3 [pid 14554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14549] chdir("./bus" [pid 14554] <... mmap resumed>) = 0x7f1c2a016000 [pid 14549] <... chdir resumed>) = 0 [pid 14560] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14553] <... ioctl resumed>) = 0 [pid 14551] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14549] ioctl(4, LOOP_CLR_FD) = 0 [pid 14549] close(4) = 0 [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14547] <... futex resumed>) = 0 [pid 14549] chdir("./file0" [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] <... chdir resumed>) = 0 [pid 14547] <... futex resumed>) = 0 [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14549] <... futex resumed>) = 0 [pid 14547] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14549] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14551] <... openat resumed>) = 3 [pid 14551] chdir("./bus") = 0 [pid 14553] close(3) = 0 [pid 14551] ioctl(4, LOOP_CLR_FD [pid 14553] mkdir("./bus", 0777 [pid 14551] <... ioctl resumed>) = 0 [pid 14551] close(4) = 0 [pid 14549] <... open resumed>) = 4 [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14547] <... futex resumed>) = 0 [pid 14549] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14549] <... openat resumed>) = 5 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14548] <... futex resumed>) = 0 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14551] <... futex resumed>) = 1 [pid 14548] <... futex resumed>) = 0 [pid 14551] chdir("./file0" [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14553] <... mkdir resumed>) = 0 [pid 14551] <... chdir resumed>) = 0 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14548] <... futex resumed>) = 0 [pid 14553] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14551] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] <... write resumed>) = 1048576 [pid 14549] <... futex resumed>) = 0 [pid 14548] <... futex resumed>) = 0 [pid 14547] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14547] <... futex resumed>) = 0 [pid 14560] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14560] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 257.417781][T14549] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/518/bus supports timestamps until 2038 (0x7fffffff) [ 257.430427][T14551] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/521/bus supports timestamps until 2038 (0x7fffffff) [ 257.443666][T14553] loop1: detected capacity change from 0 to 2048 [pid 14560] ioctl(4, LOOP_SET_FD, 3 [pid 14551] <... open resumed>) = 4 [pid 14549] <... write resumed>) = 196608 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14549] <... futex resumed>) = 1 [pid 14548] <... futex resumed>) = 0 [pid 14547] <... futex resumed>) = 0 [pid 14551] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14549] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14548] <... futex resumed>) = 0 [pid 14547] <... futex resumed>) = 0 [pid 14551] <... openat resumed>) = 5 [pid 14549] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] <... mount resumed>) = 0 [pid 14560] <... ioctl resumed>) = 0 [pid 14560] close(3 [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14548] <... futex resumed>) = 0 [pid 14551] <... futex resumed>) = 1 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14547] <... futex resumed>) = 0 [pid 14549] <... futex resumed>) = 1 [pid 14551] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14548] <... futex resumed>) = 0 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14547] <... futex resumed>) = 0 [pid 14549] <... open resumed>) = 6 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] <... close resumed>) = 0 [pid 14560] mkdir("./bus", 0777 [pid 14547] <... futex resumed>) = 0 [pid 14549] <... futex resumed>) = 1 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14549] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14560] <... mkdir resumed>) = 0 [pid 14560] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14554] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14551] <... write resumed>) = 196608 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14548] <... futex resumed>) = 0 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14551] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14548] <... futex resumed>) = 0 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14551] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14548] <... futex resumed>) = 0 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14551] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 1048576 [pid 407] <... umount2 resumed>) = 0 [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14548] <... futex resumed>) = 0 [pid 14551] <... futex resumed>) = 1 [pid 14548] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14551] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14548] <... futex resumed>) = 0 [pid 14548] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./511/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./511/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./511/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./511/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./511") = 0 [pid 407] mkdir("./512", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14563 [pid 14554] <... write resumed>) = 1048576 [pid 14554] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14554] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 257.468468][T14560] loop2: detected capacity change from 0 to 2048 [ 257.504066][T14551] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14554] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14563 attached [pid 14549] <... write resumed>) = 1048576 [pid 14554] <... ioctl resumed>) = 0 [pid 14554] close(3) = 0 [pid 14554] mkdir("./bus", 0777) = 0 [pid 14554] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14563] set_robust_list(0x555555f755e0, 24) = 0 [pid 14563] chdir("./512") = 0 [pid 14563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14563] setpgid(0, 0) = 0 [pid 14563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14563] write(3, "1000", 4) = 4 [pid 14563] close(3) = 0 [pid 14563] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14563] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14563] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14563] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14566], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14566 [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14549] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14547] <... futex resumed>) = 0 [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14566 attached [pid 14566] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14566] memfd_create("syzkaller", 0) = 3 [pid 14566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14566] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14566] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14549] <... futex resumed>) = 0 [pid 14548] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14547] <... futex resumed>) = 1 [pid 14549] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14548] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [ 257.520862][T14554] loop5: detected capacity change from 0 to 2048 [ 257.526205][T14551] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 257.536588][T14553] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/518/bus supports timestamps until 2038 (0x7fffffff) [ 257.548771][T14560] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/513/bus supports timestamps until 2038 (0x7fffffff) [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... openat resumed>) = 4 [pid 14566] ioctl(4, LOOP_SET_FD, 3 [pid 14560] <... mount resumed>) = 0 [pid 14553] <... mount resumed>) = 0 [pid 14551] <... openat resumed>) = 7 [pid 14548] <... futex resumed>) = 0 [pid 14566] <... ioctl resumed>) = 0 [pid 14566] close(3) = 0 [pid 14566] mkdir("./bus", 0777) = 0 [pid 14566] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14560] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14560] chdir("./bus") = 0 [pid 14560] ioctl(4, LOOP_CLR_FD) = 0 [pid 14560] close(4) = 0 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14555] <... futex resumed>) = 0 [pid 14560] chdir("./file0" [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] <... chdir resumed>) = 0 [pid 14555] <... futex resumed>) = 0 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14560] <... futex resumed>) = 0 [pid 14555] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14560] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14553] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14551] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14548] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14551] <... futex resumed>) = 0 [pid 14548] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14551] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14548] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14548] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14567], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14567 [pid 14548] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14548] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14553] <... openat resumed>) = 3 [pid 14553] chdir("./bus") = 0 [pid 14553] ioctl(4, LOOP_CLR_FD) = 0 [pid 14553] close(4) = 0 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14553] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14552] <... futex resumed>) = 0 [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14553] <... futex resumed>) = 0 [pid 14552] <... futex resumed>) = 1 [pid 14553] chdir("./file0" [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14553] <... chdir resumed>) = 0 [pid 14549] <... openat resumed>) = 7 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14553] <... futex resumed>) = 1 [pid 14552] <... futex resumed>) = 0 [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14547] <... futex resumed>) = 0 [pid 14553] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14552] <... futex resumed>) = 0 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14547] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14547] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14549] <... futex resumed>) = 1 [pid 14549] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14549] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14547] <... futex resumed>) = 0 [pid 14547] exit_group(0 [pid 14553] <... open resumed>) = 4 [pid 14547] <... exit_group resumed>) = ? [pid 14549] <... futex resumed>) = ? [pid 14549] +++ exited with 0 +++ [pid 14547] +++ exited with 0 +++ [pid 14560] <... open resumed>) = 4 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14547, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14553] <... futex resumed>) = 1 [pid 14552] <... futex resumed>) = 0 [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] <... futex resumed>) = 1 [pid 14555] <... futex resumed>) = 0 [pid 14553] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14552] <... futex resumed>) = 0 [pid 14560] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14555] <... futex resumed>) = 0 [pid 411] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14553] <... openat resumed>) = 5 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14560] <... openat resumed>) = 5 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, [pid 14553] <... futex resumed>) = 1 [pid 14552] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14560] <... futex resumed>) = 1 [pid 14555] <... futex resumed>) = 0 [pid 14553] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 14560] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14553] <... write resumed>) = 196608 [pid 14555] <... futex resumed>) = 0 [pid 14552] <... futex resumed>) = 0 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14560] <... write resumed>) = 196608 [pid 411] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./518/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./518/binderfs") = 0 [pid 411] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14567 attached [pid 14567] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14553] <... futex resumed>) = 1 [pid 14552] <... futex resumed>) = 0 [pid 14553] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14553] <... mount resumed>) = 0 [pid 14552] <... futex resumed>) = 0 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14567] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14567] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14548] <... futex resumed>) = 0 [pid 14548] exit_group(0 [pid 14551] <... futex resumed>) = ? [pid 14548] <... exit_group resumed>) = ? [pid 14551] +++ exited with 0 +++ [pid 14567] <... futex resumed>) = ? [pid 14567] +++ exited with 0 +++ [pid 14548] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14548, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 410] umount2("./521", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./521/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./521/binderfs") = 0 [pid 410] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14560] <... futex resumed>) = 1 [pid 14560] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14553] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14555] <... futex resumed>) = 0 [pid 14552] <... futex resumed>) = 0 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = 0 [pid 14555] <... futex resumed>) = 1 [pid 14552] <... futex resumed>) = 1 [pid 14553] <... futex resumed>) = 0 [pid 14560] <... futex resumed>) = 0 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14560] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14553] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14560] <... mount resumed>) = 0 [pid 14553] <... open resumed>) = 6 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14560] <... futex resumed>) = 1 [pid 14555] <... futex resumed>) = 0 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14553] <... futex resumed>) = 1 [pid 410] lstat("./521/bus", [pid 14552] <... futex resumed>) = 0 [pid 14560] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14555] <... futex resumed>) = 0 [pid 14553] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14553] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14552] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14560] <... open resumed>) = 6 [pid 14553] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [ 257.561328][T14549] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.561648][T14566] loop0: detected capacity change from 0 to 2048 [ 257.577548][T14549] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 410] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14560] <... futex resumed>) = 1 [pid 14560] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./521/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./521/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./521") = 0 [pid 410] mkdir("./522", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = 0 [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14570 ./strace-static-x86_64: Process 14570 attached [pid 14555] <... futex resumed>) = 0 [pid 14570] set_robust_list(0x555555f755e0, 24) = 0 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14570] chdir("./522") = 0 [pid 14570] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14570] setpgid(0, 0) = 0 [pid 14560] <... futex resumed>) = 0 [pid 14555] <... futex resumed>) = 1 [pid 14570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14560] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14570] <... openat resumed>) = 3 [pid 14570] write(3, "1000", 4) = 4 [pid 14570] close(3) = 0 [pid 14570] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14570] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14570] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14570] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14571], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14571 [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14571 attached [pid 14571] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14571] memfd_create("syzkaller", 0) = 3 [pid 14571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14571] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14571] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14571] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14554] <... mount resumed>) = 0 [pid 14554] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14554] chdir("./bus") = 0 [pid 14554] ioctl(4, LOOP_CLR_FD) = 0 [pid 14554] close(4) = 0 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] <... futex resumed>) = 1 [pid 14554] chdir("./file0") = 0 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] <... futex resumed>) = 1 [pid 14554] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14553] <... write resumed>) = 1048576 [pid 14566] <... mount resumed>) = 0 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14553] <... futex resumed>) = 1 [pid 14552] <... futex resumed>) = 0 [pid 14566] <... openat resumed>) = 3 [pid 14553] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14552] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] chdir("./bus" [pid 14553] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14552] <... futex resumed>) = 0 [pid 14553] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14552] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... chdir resumed>) = 0 [pid 14554] <... open resumed>) = 4 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] <... futex resumed>) = 1 [pid 14554] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] <... futex resumed>) = 1 [ 257.628063][T14554] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/515/bus supports timestamps until 2038 (0x7fffffff) [ 257.658827][T14566] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/512/bus supports timestamps until 2038 (0x7fffffff) [pid 14554] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./518/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./518/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./518/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./518") = 0 [pid 411] mkdir("./519", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 14566] ioctl(4, LOOP_CLR_FD [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14574 [pid 14566] <... ioctl resumed>) = 0 [pid 14566] close(4) = 0 [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14571] <... openat resumed>) = 4 [pid 14571] ioctl(4, LOOP_SET_FD, 3 [pid 14566] <... futex resumed>) = 1 [pid 14563] <... futex resumed>) = 0 [pid 14566] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14571] <... ioctl resumed>) = 0 [pid 14571] close(3) = 0 [pid 14571] mkdir("./bus", 0777) = 0 [pid 14555] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14555] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14563] <... futex resumed>) = 1 [pid 14555] <... futex resumed>) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14555] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14566] <... futex resumed>) = 0 [pid 14555] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14566] chdir("./file0" [pid 14555] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14566] <... chdir resumed>) = 0 [pid 14560] <... write resumed>) = 1048576 [pid 14555] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14571] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14555] <... clone resumed>, parent_tid=[14575], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14575 [pid 14555] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14554] <... write resumed>) = 196608 [pid 14555] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... futex resumed>) = 1 [pid 14563] <... futex resumed>) = 0 [pid 14560] <... futex resumed>) = 0 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14574 attached [pid 14574] set_robust_list(0x555555f755e0, 24) = 0 [pid 14574] chdir("./519") = 0 [pid 14563] <... futex resumed>) = 0 [pid 14574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14574] setpgid(0, 0) = 0 [pid 14574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14574] write(3, "1000", 4) = 4 [pid 14574] close(3) = 0 [pid 14574] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14574] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14574] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14574] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 14575 attached [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14575] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14566] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14566] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14575] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14566] <... open resumed>) = 4 [ 257.674098][T14553] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.691074][T14571] loop3: detected capacity change from 0 to 2048 [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14563] <... futex resumed>) = 0 [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... futex resumed>) = 1 [pid 14566] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14563] <... futex resumed>) = 0 [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... futex resumed>) = 1 [pid 14566] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14576 attached [pid 14574] <... clone resumed>, parent_tid=[14576], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14576 [pid 14566] <... write resumed>) = 196608 [pid 14554] <... futex resumed>) = 0 [pid 14550] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14554] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14574] <... futex resumed>) = 0 [pid 14554] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14550] <... futex resumed>) = 0 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14554] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] <... mount resumed>) = 0 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14550] <... futex resumed>) = 0 [pid 14554] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14554] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14552] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14550] <... futex resumed>) = 0 [pid 14554] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14552] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14576] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14576] memfd_create("syzkaller", 0) = 3 [pid 14576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14554] <... open resumed>) = 6 [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14552] <... futex resumed>) = 0 [pid 14575] <... openat resumed>) = 7 [pid 14553] <... openat resumed>) = 7 [pid 14553] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14553] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14575] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] <... futex resumed>) = 1 [pid 14563] <... futex resumed>) = 0 [pid 14554] <... futex resumed>) = 1 [pid 14552] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14550] <... futex resumed>) = 0 [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14576] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14575] <... futex resumed>) = 1 [pid 14566] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14555] <... futex resumed>) = 0 [pid 14554] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14552] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14555] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14575] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14560] <... futex resumed>) = 0 [pid 14555] <... futex resumed>) = 1 [pid 14554] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14552] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14550] <... futex resumed>) = 0 [pid 14566] <... mount resumed>) = 0 [pid 14560] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14555] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14560] <... openat resumed>) = 8 [pid 14554] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14552] <... mprotect resumed>) = 0 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14560] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14555] <... futex resumed>) = 0 [pid 14560] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14555] exit_group(0 [pid 14575] <... futex resumed>) = ? [pid 14560] <... futex resumed>) = ? [pid 14555] <... exit_group resumed>) = ? [pid 14576] <... write resumed>) = 1048576 [pid 14575] +++ exited with 0 +++ [pid 14566] <... futex resumed>) = 1 [pid 14563] <... futex resumed>) = 0 [pid 14560] +++ exited with 0 +++ [pid 14555] +++ exited with 0 +++ [pid 14552] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14576] munmap(0x7f1c2a016000, 1048576 [pid 14566] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14554] <... write resumed>) = 1048576 [pid 14566] <... open resumed>) = 6 [pid 14552] <... clone resumed>, parent_tid=[14578], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14578 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14555, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14554] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14578 attached [pid 14578] set_robust_list(0x7f1c2a1159e0, 24 [pid 14576] <... munmap resumed>) = 0 [pid 14566] <... futex resumed>) = 1 [pid 14563] <... futex resumed>) = 0 [pid 14552] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 14576] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14566] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14552] <... futex resumed>) = 0 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... restart_syscall resumed>) = 0 [pid 14576] <... openat resumed>) = 4 [pid 14566] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14552] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14550] <... futex resumed>) = 1 [pid 14576] ioctl(4, LOOP_SET_FD, 3 [ 257.715943][T14575] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.719184][T14553] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 257.738774][T14575] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 257.766649][T14571] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/522/bus supports timestamps until 2038 (0x7fffffff) [pid 14566] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14563] <... futex resumed>) = 0 [pid 14554] <... futex resumed>) = 0 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14578] <... set_robust_list resumed>) = 0 [pid 14576] <... ioctl resumed>) = 0 [pid 14571] <... mount resumed>) = 0 [pid 409] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14576] close(3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14576] <... close resumed>) = 0 [pid 409] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14578] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14576] mkdir("./bus", 0777 [pid 14571] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 409] <... openat resumed>) = 3 [pid 14578] <... openat resumed>) = 8 [pid 14576] <... mkdir resumed>) = 0 [pid 14571] <... openat resumed>) = 3 [pid 409] fstat(3, [pid 14578] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14576] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14571] chdir("./bus" [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14578] <... futex resumed>) = 1 [pid 14571] <... chdir resumed>) = 0 [pid 14552] <... futex resumed>) = 0 [pid 409] getdents64(3, [pid 14578] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14571] ioctl(4, LOOP_CLR_FD [pid 14552] exit_group(0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14578] <... futex resumed>) = ? [pid 14571] <... ioctl resumed>) = 0 [pid 14552] <... exit_group resumed>) = ? [pid 409] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14578] +++ exited with 0 +++ [pid 14571] close(4 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14571] <... close resumed>) = 0 [pid 14566] <... write resumed>) = 1048576 [pid 14553] <... futex resumed>) = ? [pid 409] lstat("./513/binderfs", [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14571] <... futex resumed>) = 1 [pid 14570] <... futex resumed>) = 0 [pid 409] unlink("./513/binderfs" [pid 14571] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... unlink resumed>) = 0 [pid 14571] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14570] <... futex resumed>) = 0 [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14571] chdir("./file0" [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... futex resumed>) = 1 [pid 14563] <... futex resumed>) = 0 [pid 14553] +++ exited with 0 +++ [pid 14552] +++ exited with 0 +++ [pid 14571] <... chdir resumed>) = 0 [pid 14566] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14570] <... futex resumed>) = 0 [pid 14566] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14563] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14552, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14571] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14571] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14570] <... futex resumed>) = 0 [pid 14571] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 257.769205][T14576] loop4: detected capacity change from 0 to 2048 [ 257.779711][T14554] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.815541][T14554] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14554] <... openat resumed>) = 7 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 14550] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14550] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14554] <... futex resumed>) = 1 [pid 14554] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14554] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14550] <... futex resumed>) = 0 [pid 14550] exit_group(0) = ? [pid 14554] <... futex resumed>) = ? [pid 14554] +++ exited with 0 +++ [pid 14550] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14550, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] fstat(3, [pid 14571] <... open resumed>) = 4 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] getdents64(3, [pid 14571] <... futex resumed>) = 1 [pid 14571] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14570] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./518/binderfs", [pid 14571] <... futex resumed>) = 0 [pid 14570] <... futex resumed>) = 1 [pid 412] fstat(3, [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14571] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14571] <... openat resumed>) = 5 [pid 412] lstat("./515/binderfs", [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] unlink("./518/binderfs" [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./515/binderfs") = 0 [pid 412] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14571] <... futex resumed>) = 1 [pid 14570] <... futex resumed>) = 0 [pid 408] <... unlink resumed>) = 0 [pid 14571] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14571] <... write resumed>) = 196608 [pid 14570] <... futex resumed>) = 0 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... openat resumed>) = 7 [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14566] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14571] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14570] <... futex resumed>) = 0 [pid 14563] <... futex resumed>) = 0 [pid 14563] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14563] <... futex resumed>) = 1 [pid 14570] <... futex resumed>) = 1 [pid 14571] <... futex resumed>) = 0 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14563] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14566] <... futex resumed>) = 0 [pid 14566] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14571] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14566] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14571] <... mount resumed>) = 0 [pid 408] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14566] <... futex resumed>) = 1 [pid 412] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14576] <... mount resumed>) = 0 [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14563] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14576] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14571] <... futex resumed>) = 1 [pid 14570] <... futex resumed>) = 0 [pid 14563] exit_group(0 [pid 412] lstat("./515/bus", [pid 408] lstat("./518/bus", [pid 14576] <... openat resumed>) = 3 [pid 14571] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14566] <... futex resumed>) = ? [pid 14563] <... exit_group resumed>) = ? [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14571] <... open resumed>) = 6 [pid 412] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14571] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./515/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./518/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14576] chdir("./bus" [pid 14571] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... openat resumed>) = 4 [pid 408] <... openat resumed>) = 4 [pid 14576] <... chdir resumed>) = 0 [pid 412] fstat(4, [pid 408] fstat(4, [pid 14576] ioctl(4, LOOP_CLR_FD [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14576] <... ioctl resumed>) = 0 [pid 14566] +++ exited with 0 +++ [pid 412] getdents64(4, [pid 408] getdents64(4, [pid 14576] close(4 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14576] <... close resumed>) = 0 [pid 14570] <... futex resumed>) = 1 [pid 14563] +++ exited with 0 +++ [pid 412] getdents64(4, [pid 408] getdents64(4, [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14563, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14570] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14571] <... futex resumed>) = 0 [pid 14571] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14576] <... futex resumed>) = 1 [pid 14574] <... futex resumed>) = 0 [pid 412] close(4 [pid 408] close(4 [pid 14576] chdir("./file0" [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14576] <... chdir resumed>) = 0 [pid 14574] <... futex resumed>) = 0 [pid 412] rmdir("./515/bus" [pid 408] rmdir("./518/bus" [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... rmdir resumed>) = 0 [pid 409] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... rmdir resumed>) = 0 [pid 14576] <... futex resumed>) = 0 [pid 14574] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] getdents64(3, [pid 408] getdents64(3, [pid 14576] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14574] <... futex resumed>) = 0 [pid 412] close(3 [pid 409] lstat("./513/bus", [pid 408] close(3 [pid 14576] <... open resumed>) = 4 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14571] <... write resumed>) = 1048576 [pid 412] <... close resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... close resumed>) = 0 [pid 407] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] rmdir("./515" [pid 409] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] rmdir("./518" [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14576] <... futex resumed>) = 1 [pid 14574] <... futex resumed>) = 0 [pid 14571] <... futex resumed>) = 1 [pid 14570] <... futex resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... rmdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14576] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14571] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] mkdir("./516", 0777 [pid 409] openat(AT_FDCWD, "./513/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] mkdir("./519", 0777 [pid 407] <... openat resumed>) = 3 [pid 14576] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14574] <... futex resumed>) = 0 [pid 14571] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14570] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 4 [pid 407] fstat(3, [pid 14576] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... mkdir resumed>) = 0 [pid 409] fstat(4, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 257.817108][T14566] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.841297][T14566] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 257.861155][T14576] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/519/bus supports timestamps until 2038 (0x7fffffff) [pid 14576] <... openat resumed>) = 5 [pid 14571] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 407] getdents64(3, [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 3 [pid 409] getdents64(4, [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14576] <... futex resumed>) = 1 [pid 14574] <... futex resumed>) = 0 [pid 412] ioctl(3, LOOP_CLR_FD [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... openat resumed>) = 3 [pid 407] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14576] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] getdents64(4, [pid 408] ioctl(3, LOOP_CLR_FD [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14576] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14574] <... futex resumed>) = 0 [pid 412] close(3 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] lstat("./512/binderfs", [pid 14576] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] close(4 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14576] <... write resumed>) = 196608 [pid 409] <... close resumed>) = 0 [pid 407] unlink("./512/binderfs" [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] rmdir("./513/bus" [pid 407] <... unlink resumed>) = 0 [pid 14576] <... futex resumed>) = 1 [pid 14574] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 407] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14576] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, [pid 14576] <... mount resumed>) = 0 [pid 14574] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] close(3 [pid 14576] <... futex resumed>) = 0 [pid 14574] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... close resumed>) = 0 [pid 14576] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] rmdir("./513" [pid 14576] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14574] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 14576] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] mkdir("./514", 0777 [pid 14576] <... open resumed>) = 6 [pid 409] <... mkdir resumed>) = 0 [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14576] <... futex resumed>) = 1 [pid 14574] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 14576] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] ioctl(3, LOOP_CLR_FD [pid 14576] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14574] <... futex resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14576] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14583 [pid 412] <... close resumed>) = 0 [pid 408] close(3 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14584 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14585 ./strace-static-x86_64: Process 14583 attached [pid 14576] <... write resumed>) = 1048576 [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14574] <... futex resumed>) = 0 [pid 14576] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14576] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14574] <... futex resumed>) = 0 [pid 14576] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14583] set_robust_list(0x555555f755e0, 24 [pid 14571] <... openat resumed>) = 7 [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14570] <... futex resumed>) = 0 [pid 14570] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14570] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14583] <... set_robust_list resumed>) = 0 [pid 14571] <... futex resumed>) = 1 [pid 14571] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14583] chdir("./514" [pid 14571] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14570] <... futex resumed>) = 0 [pid 14570] exit_group(0) = ? [pid 14583] <... chdir resumed>) = 0 [pid 14571] <... futex resumed>) = ? [pid 14583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14583] setpgid(0, 0) = 0 [pid 14583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14583] write(3, "1000", 4) = 4 [pid 14571] +++ exited with 0 +++ [pid 14570] +++ exited with 0 +++ [pid 14583] close(3 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14570, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14583] <... close resumed>) = 0 [pid 14583] symlink("/dev/binderfs", "./binderfs") = 0 [pid 410] umount2("./522", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14583] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14583] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] <... openat resumed>) = 3 [pid 14583] <... mmap resumed>) = 0x7f1c32416000 [pid 410] fstat(3, [pid 14583] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14583] <... mprotect resumed>) = 0 [pid 410] getdents64(3, [pid 14583] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 ./strace-static-x86_64: Process 14585 attached [pid 410] umount2("./522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14585] set_robust_list(0x555555f755e0, 24 [pid 14583] <... clone resumed>, parent_tid=[14586], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14586 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14585] <... set_robust_list resumed>) = 0 [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./522/binderfs", ./strace-static-x86_64: Process 14584 attached [pid 14585] chdir("./519" [pid 14583] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14585] <... chdir resumed>) = 0 [pid 14584] set_robust_list(0x555555f755e0, 24 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] unlink("./522/binderfs" [pid 14585] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14584] <... set_robust_list resumed>) = 0 [pid 410] <... unlink resumed>) = 0 [pid 14585] <... prctl resumed>) = 0 [pid 14584] chdir("./516" [pid 410] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14585] setpgid(0, 0 [pid 14584] <... chdir resumed>) = 0 [pid 14585] <... setpgid resumed>) = 0 [pid 14584] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14584] <... prctl resumed>) = 0 [ 257.906203][T14571] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 257.922811][T14571] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 257.936417][T14576] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14585] <... openat resumed>) = 3 [pid 14584] setpgid(0, 0./strace-static-x86_64: Process 14586 attached [pid 14585] write(3, "1000", 4 [pid 14584] <... setpgid resumed>) = 0 [pid 14586] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14586] memfd_create("syzkaller", 0) = 3 [pid 14586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14586] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14586] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14586] ioctl(4, LOOP_SET_FD, 3 [pid 14585] <... write resumed>) = 4 [pid 14584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14585] close(3) = 0 [pid 14585] symlink("/dev/binderfs", "./binderfs" [pid 14584] <... openat resumed>) = 3 [pid 14586] <... ioctl resumed>) = 0 [pid 14586] close(3) = 0 [pid 14585] <... symlink resumed>) = 0 [pid 14584] write(3, "1000", 4 [pid 14586] mkdir("./bus", 0777 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] <... write resumed>) = 4 [pid 14585] <... futex resumed>) = 0 [pid 14585] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14584] close(3 [pid 14585] <... mmap resumed>) = 0x7f1c32416000 [pid 14585] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14584] <... close resumed>) = 0 [pid 14585] <... mprotect resumed>) = 0 [pid 14584] symlink("/dev/binderfs", "./binderfs" [pid 14586] <... mkdir resumed>) = 0 [pid 14586] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14585] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14584] <... symlink resumed>) = 0 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14587 attached [pid 14585] <... clone resumed>, parent_tid=[14587], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14587 [pid 14584] <... futex resumed>) = 0 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14585] <... futex resumed>) = 0 [pid 14584] <... mmap resumed>) = 0x7f1c32416000 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14584] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14587] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14584] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14587] memfd_create("syzkaller", 0) = 3 [pid 14587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14584] <... clone resumed>, parent_tid=[14588], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14588 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14587] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14587] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14587] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14588 attached [pid 14588] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14588] memfd_create("syzkaller", 0) = 3 [pid 14588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14576] <... openat resumed>) = 7 [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14574] <... futex resumed>) = 0 [pid 14576] <... futex resumed>) = 1 [pid 14574] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14576] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14574] <... futex resumed>) = 0 [pid 14588] <... mmap resumed>) = 0x7f1c2a016000 [pid 14574] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14576] <... openat resumed>) = 8 [pid 14576] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14574] <... futex resumed>) = 0 [pid 14574] exit_group(0 [pid 14576] <... futex resumed>) = ? [pid 14574] <... exit_group resumed>) = ? [pid 14576] +++ exited with 0 +++ [pid 14574] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14574, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 14588] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14588] munmap(0x7f1c2a016000, 1048576) = 0 [pid 411] <... restart_syscall resumed>) = 0 [pid 14588] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 411] umount2("./519", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14588] <... openat resumed>) = 4 [pid 411] openat(AT_FDCWD, "./519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14588] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... openat resumed>) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14588] <... ioctl resumed>) = 0 [pid 14588] close(3) = 0 [pid 14588] mkdir("./bus", 0777) = 0 [pid 14588] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14587] <... ioctl resumed>) = 0 [pid 14587] close(3) = 0 [pid 14587] mkdir("./bus", 0777 [pid 411] getdents64(3, [pid 407] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14587] <... mkdir resumed>) = 0 [pid 14587] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] lstat("./512/bus", [pid 411] umount2("./519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./512/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./512/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] lstat("./519/binderfs", [pid 407] <... openat resumed>) = 4 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] fstat(4, [pid 411] unlink("./519/binderfs" [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... unlink resumed>) = 0 [pid 407] getdents64(4, [pid 411] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./512/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./512") = 0 [pid 407] mkdir("./513", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14591 [ 257.951472][T14576] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 257.959010][T14586] loop2: detected capacity change from 0 to 2048 [ 257.983033][T14587] loop1: detected capacity change from 0 to 2048 [ 257.990315][T14588] loop5: detected capacity change from 0 to 2048 [pid 14586] <... mount resumed>) = 0 [pid 14586] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14586] chdir("./bus") = 0 [pid 14586] ioctl(4, LOOP_CLR_FD) = 0 [pid 14586] close(4 [pid 410] <... umount2 resumed>) = 0 [pid 14586] <... close resumed>) = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14583] <... futex resumed>) = 0 [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] chdir("./file0") = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14586] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14591 attached [pid 14591] set_robust_list(0x555555f755e0, 24) = 0 [pid 14591] chdir("./513") = 0 [pid 14591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14591] setpgid(0, 0) = 0 [pid 14591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14591] write(3, "1000", 4 [pid 14583] <... futex resumed>) = 1 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14591] <... write resumed>) = 4 [pid 14591] close(3) = 0 [pid 14591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14591] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14591] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14592], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14592 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14592 attached [pid 14592] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14592] memfd_create("syzkaller", 0) = 3 [pid 410] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./522/bus", [pid 14586] <... futex resumed>) = 0 [pid 14592] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14586] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14586] <... open resumed>) = 4 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14592] <... write resumed>) = 1048576 [pid 14592] munmap(0x7f1c2a016000, 1048576 [pid 410] openat(AT_FDCWD, "./522/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] rmdir("./522/bus") = 0 [pid 14583] <... futex resumed>) = 0 [pid 14586] <... futex resumed>) = 1 [pid 410] getdents64(3, [pid 14586] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] close(3) = 0 [pid 14586] <... openat resumed>) = 5 [pid 410] rmdir("./522") = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14592] <... munmap resumed>) = 0 [pid 14592] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 258.001396][T14586] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/514/bus supports timestamps until 2038 (0x7fffffff) [ 258.043944][T14588] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/516/bus supports timestamps until 2038 (0x7fffffff) [pid 14592] ioctl(4, LOOP_SET_FD, 3 [pid 14586] <... futex resumed>) = 1 [pid 14583] <... futex resumed>) = 0 [pid 410] mkdir("./523", 0777 [pid 14586] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14583] <... futex resumed>) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14592] <... ioctl resumed>) = 0 [pid 14592] close(3) = 0 [pid 14592] mkdir("./bus", 0777) = 0 [pid 410] <... openat resumed>) = 3 [pid 14586] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 14592] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14588] <... mount resumed>) = 0 [pid 14588] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14588] chdir("./bus") = 0 [pid 14588] ioctl(4, LOOP_CLR_FD) = 0 [pid 14588] close(4) = 0 [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14584] <... futex resumed>) = 0 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] close(3 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... close resumed>) = 0 [pid 14588] chdir("./file0") = 0 [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14588] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14586] <... write resumed>) = 196608 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14586] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14597 [pid 14583] <... futex resumed>) = 0 [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] <... futex resumed>) = 0 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14583] <... futex resumed>) = 1 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14586] <... futex resumed>) = 0 [pid 14584] <... futex resumed>) = 1 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14586] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14588] <... futex resumed>) = 0 [pid 14588] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14587] <... mount resumed>) = 0 [pid 14587] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14587] chdir("./bus") = 0 [pid 14587] ioctl(4, LOOP_CLR_FD) = 0 [pid 14587] close(4) = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14587] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14597 attached [pid 14597] set_robust_list(0x555555f755e0, 24) = 0 [pid 14597] chdir("./523") = 0 [pid 14597] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14585] <... futex resumed>) = 0 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14587] <... futex resumed>) = 0 [pid 14587] chdir("./file0" [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14588] <... open resumed>) = 4 [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] <... futex resumed>) = 1 [pid 14583] <... futex resumed>) = 0 [pid 14587] <... chdir resumed>) = 0 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14587] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14597] setpgid(0, 0) = 0 [pid 14597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14597] write(3, "1000", 4) = 4 [pid 14597] close(3) = 0 [pid 14597] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14597] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14597] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14597] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14600], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14600 [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14600 attached [pid 14600] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14600] memfd_create("syzkaller", 0) = 3 [pid 14600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14585] <... futex resumed>) = 0 [pid 14588] <... futex resumed>) = 1 [pid 14584] <... futex resumed>) = 0 [pid 14583] <... futex resumed>) = 0 [pid 14588] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14586] <... open resumed>) = 6 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14588] <... openat resumed>) = 5 [pid 14587] <... futex resumed>) = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14585] <... futex resumed>) = 1 [pid 14584] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14587] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14586] <... futex resumed>) = 1 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14583] <... futex resumed>) = 0 [pid 411] lstat("./519/bus", [pid 14584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14583] <... futex resumed>) = 0 [pid 14588] <... futex resumed>) = 0 [pid 14586] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14584] <... futex resumed>) = 0 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14587] <... open resumed>) = 4 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14600] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14588] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14587] <... futex resumed>) = 1 [pid 14585] <... futex resumed>) = 0 [pid 14600] <... write resumed>) = 1048576 [pid 14600] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14600] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 258.044823][T14592] loop0: detected capacity change from 0 to 2048 [ 258.071642][T14587] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/519/bus supports timestamps until 2038 (0x7fffffff) [ 258.091336][T14592] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/513/bus supports timestamps until 2038 (0x7fffffff) [pid 14600] ioctl(4, LOOP_SET_FD, 3 [pid 14588] <... write resumed>) = 196608 [pid 14587] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14587] <... openat resumed>) = 5 [pid 14585] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14588] <... futex resumed>) = 1 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14584] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "./519/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14588] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14587] <... futex resumed>) = 0 [pid 14585] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14588] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14587] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 14588] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14587] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14585] <... futex resumed>) = 0 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] fstat(4, [pid 14587] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14588] <... mount resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14600] <... ioctl resumed>) = 0 [pid 14600] close(3) = 0 [pid 14600] mkdir("./bus", 0777) = 0 [pid 14600] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14587] <... write resumed>) = 196608 [pid 14592] <... mount resumed>) = 0 [pid 411] getdents64(4, [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14592] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14588] <... futex resumed>) = 1 [pid 14584] <... futex resumed>) = 0 [pid 14585] <... futex resumed>) = 0 [pid 14588] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14587] <... futex resumed>) = 1 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(4, [pid 14588] <... open resumed>) = 6 [pid 14585] <... futex resumed>) = 0 [pid 14584] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14587] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] chdir("./bus") = 0 [pid 14592] ioctl(4, LOOP_CLR_FD) = 0 [pid 14592] close(4) = 0 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(4 [pid 14584] <... futex resumed>) = 0 [pid 14588] <... futex resumed>) = 1 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 411] <... close resumed>) = 0 [pid 14588] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14587] <... mount resumed>) = 0 [pid 411] rmdir("./519/bus" [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] <... futex resumed>) = 1 [pid 14592] chdir("./file0") = 0 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] <... futex resumed>) = 1 [pid 14592] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 14587] <... futex resumed>) = 1 [pid 14585] <... futex resumed>) = 0 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 14587] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14592] <... open resumed>) = 4 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14587] <... open resumed>) = 6 [pid 411] close(3 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 14585] <... futex resumed>) = 0 [pid 411] rmdir("./519" [pid 14587] <... futex resumed>) = 1 [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14587] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./520", 0777 [pid 14592] <... futex resumed>) = 1 [pid 14592] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] <... futex resumed>) = 1 [pid 411] <... mkdir resumed>) = 0 [pid 14592] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14602 [pid 14592] <... write resumed>) = 196608 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] <... futex resumed>) = 1 [pid 14592] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14586] <... write resumed>) = 1048576 [pid 14592] <... futex resumed>) = 1 [pid 14592] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14592] <... futex resumed>) = 1 [pid 14591] <... futex resumed>) = 0 [pid 14592] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] <... futex resumed>) = 1 [pid 14583] <... futex resumed>) = 0 [pid 14591] <... futex resumed>) = 0 [pid 14583] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14586] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14583] <... futex resumed>) = 0 [pid 14583] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14602 attached [pid 14592] <... write resumed>) = 1048576 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14591] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] <... futex resumed>) = 1 [ 258.111783][T14600] loop3: detected capacity change from 0 to 2048 [pid 14592] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14602] set_robust_list(0x555555f755e0, 24 [pid 14584] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14585] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14585] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14585] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14585] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14585] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14604], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14604 [pid 14585] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14585] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14602] <... set_robust_list resumed>) = 0 [pid 14602] chdir("./520") = 0 [pid 14602] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14602] setpgid(0, 0) = 0 [pid 14602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14602] write(3, "1000", 4) = 4 [pid 14602] close(3) = 0 [pid 14602] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14602] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14602] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14602] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14605], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14605 [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14605 attached [pid 14605] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14605] memfd_create("syzkaller", 0) = 3 [pid 14605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14584] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14605] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14605] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14605] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 258.159812][T14586] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.160914][T14592] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.182642][T14600] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/523/bus supports timestamps until 2038 (0x7fffffff) [pid 14605] ioctl(4, LOOP_SET_FD, 3 [pid 14583] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14591] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14591] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14591] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14591] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14606], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14606 [pid 14591] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14591] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14605] <... ioctl resumed>) = 0 [pid 14605] close(3) = 0 [pid 14605] mkdir("./bus", 0777) = 0 [pid 14605] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14600] <... mount resumed>) = 0 [pid 14600] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14600] chdir("./bus") = 0 [pid 14600] ioctl(4, LOOP_CLR_FD) = 0 [pid 14600] close(4) = 0 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14597] <... futex resumed>) = 0 [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14600] <... futex resumed>) = 1 [pid 14600] chdir("./file0") = 0 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14597] <... futex resumed>) = 0 [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14600] <... futex resumed>) = 1 [pid 14600] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 14604 attached [pid 14604] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14604] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14600] <... open resumed>) = 4 [pid 14588] <... write resumed>) = 1048576 [pid 14587] <... write resumed>) = 1048576 [pid 14584] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14583] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14606 attached [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14586] <... openat resumed>) = 7 [pid 14584] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14583] <... futex resumed>) = 0 [pid 14606] set_robust_list(0x7f1c2a1159e0, 24 [pid 14600] <... futex resumed>) = 1 [pid 14597] <... futex resumed>) = 0 [pid 14592] <... openat resumed>) = 7 [pid 14588] <... futex resumed>) = 0 [pid 14587] <... futex resumed>) = 0 [pid 14586] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] <... mprotect resumed>) = 0 [pid 14583] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14606] <... set_robust_list resumed>) = 0 [pid 14600] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14592] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14588] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14587] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14586] <... futex resumed>) = 0 [pid 14584] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14583] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14606] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14585] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14585] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14585] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14597] <... futex resumed>) = 0 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14592] <... futex resumed>) = 0 [pid 14592] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14587] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14587] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14586] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14584] <... clone resumed>, parent_tid=[14607], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14607 [pid 14584] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14584] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14607 attached [pid 14607] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 258.207393][T14605] loop4: detected capacity change from 0 to 2048 [ 258.211186][T14592] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 258.222415][T14586] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 258.229144][T14604] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.245568][T14604] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14607] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14606] <... openat resumed>) = 8 [pid 14604] <... openat resumed>) = 7 [pid 14600] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14587] <... openat resumed>) = 8 [pid 14583] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14606] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14600] <... openat resumed>) = 5 [pid 14587] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14583] <... mprotect resumed>) = 0 [pid 14606] <... futex resumed>) = 1 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14591] <... futex resumed>) = 0 [pid 14587] <... futex resumed>) = 1 [pid 14585] <... futex resumed>) = 0 [pid 14583] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14606] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14600] <... futex resumed>) = 1 [pid 14591] exit_group(0 [pid 14587] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14606] <... futex resumed>) = ? [pid 14600] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14592] <... futex resumed>) = ? [pid 14591] <... exit_group resumed>) = ? [pid 14583] <... clone resumed>, parent_tid=[14608], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14608 [pid 14606] +++ exited with 0 +++ [pid 14592] +++ exited with 0 +++ [pid 14591] +++ exited with 0 +++ [pid 14583] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14591, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14583] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./513/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./513/binderfs") = 0 [pid 407] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14604] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14604] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14608 attached [pid 14608] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14608] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14585] exit_group(0 [pid 14587] <... futex resumed>) = ? [pid 14585] <... exit_group resumed>) = ? [pid 14587] +++ exited with 0 +++ [pid 14604] <... futex resumed>) = ? [pid 14597] <... futex resumed>) = 0 [pid 14608] <... openat resumed>) = 8 [pid 14608] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14604] +++ exited with 0 +++ [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14585] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14585, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14607] <... openat resumed>) = 7 [pid 14607] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14584] <... futex resumed>) = 0 [pid 14584] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14588] <... futex resumed>) = 0 [pid 14584] <... futex resumed>) = 1 [pid 14588] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14584] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14588] <... openat resumed>) = 8 [pid 14588] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14584] <... futex resumed>) = 0 [pid 14588] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14584] exit_group(0 [pid 14588] <... futex resumed>) = ? [pid 14584] <... exit_group resumed>) = ? [pid 14588] +++ exited with 0 +++ [pid 14607] <... futex resumed>) = ? [pid 408] umount2("./519", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, [pid 14608] <... futex resumed>) = 1 [pid 14600] <... futex resumed>) = 0 [pid 14597] <... futex resumed>) = 1 [pid 14583] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14600] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14583] exit_group(0 [pid 408] umount2("./519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14600] <... write resumed>) = 196608 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14586] <... futex resumed>) = ? [pid 14583] <... exit_group resumed>) = ? [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14607] +++ exited with 0 +++ [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14597] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14586] +++ exited with 0 +++ [pid 14584] +++ exited with 0 +++ [pid 408] lstat("./519/binderfs", [pid 14600] <... futex resumed>) = 0 [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14600] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14584, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] unlink("./519/binderfs" [pid 14600] <... mount resumed>) = 0 [pid 14597] <... futex resumed>) = 0 [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 408] <... unlink resumed>) = 0 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... restart_syscall resumed>) = 0 [pid 14608] +++ exited with 0 +++ [pid 14600] <... futex resumed>) = 0 [pid 14583] +++ exited with 0 +++ [pid 408] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14600] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14597] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14583, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... openat resumed>) = 3 [pid 409] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] fstat(3, [pid 409] <... openat resumed>) = 3 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] fstat(3, [pid 412] getdents64(3, [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] getdents64(3, [pid 412] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] lstat("./516/binderfs", [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] lstat("./514/binderfs", [pid 412] unlink("./516/binderfs" [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] <... unlink resumed>) = 0 [pid 409] unlink("./514/binderfs" [pid 412] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14600] <... futex resumed>) = 0 [pid 14597] <... futex resumed>) = 1 [pid 14600] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14600] <... open resumed>) = 6 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14597] <... futex resumed>) = 0 [pid 14600] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14597] <... futex resumed>) = 0 [pid 14600] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14605] <... mount resumed>) = 0 [pid 14605] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14605] chdir("./bus") = 0 [pid 14605] ioctl(4, LOOP_CLR_FD) = 0 [pid 14605] close(4 [pid 14600] <... write resumed>) = 1048576 [pid 14605] <... close resumed>) = 0 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14597] <... futex resumed>) = 0 [pid 14600] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14600] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 258.249823][T14607] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.270191][T14607] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 258.293663][T14605] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/520/bus supports timestamps until 2038 (0x7fffffff) [pid 14605] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14602] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./513/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./513/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./513/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./513/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./513") = 0 [pid 407] mkdir("./514", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14611 [pid 14605] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14611 attached [pid 14605] chdir("./file0" [pid 14611] set_robust_list(0x555555f755e0, 24 [pid 14605] <... chdir resumed>) = 0 [pid 14611] <... set_robust_list resumed>) = 0 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] chdir("./514" [pid 14605] <... futex resumed>) = 1 [pid 14602] <... futex resumed>) = 0 [pid 14611] <... chdir resumed>) = 0 [pid 14605] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14605] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14602] <... futex resumed>) = 0 [pid 14611] <... prctl resumed>) = 0 [pid 14611] setpgid(0, 0) = 0 [pid 14611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14611] write(3, "1000", 4) = 4 [pid 14611] close(3) = 0 [pid 14611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14611] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14611] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14612], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14612 [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14605] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14612 attached [pid 14605] <... open resumed>) = 4 [pid 14600] <... openat resumed>) = 7 [pid 14612] set_robust_list(0x7f1c324369e0, 24 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14612] <... set_robust_list resumed>) = 0 [pid 14605] <... futex resumed>) = 1 [pid 14602] <... futex resumed>) = 0 [pid 14600] <... futex resumed>) = 1 [pid 14597] <... futex resumed>) = 0 [pid 14612] memfd_create("syzkaller", 0 [pid 14605] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14597] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14612] <... memfd_create resumed>) = 3 [pid 14605] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14602] <... futex resumed>) = 0 [pid 14600] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14597] <... futex resumed>) = 0 [pid 14612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14605] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14597] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14612] <... mmap resumed>) = 0x7f1c2a016000 [pid 14605] <... openat resumed>) = 5 [pid 14600] <... openat resumed>) = 8 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14602] <... futex resumed>) = 0 [pid 14605] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14605] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14602] <... futex resumed>) = 0 [pid 14605] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14605] <... write resumed>) = 196608 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14602] <... futex resumed>) = 0 [pid 14605] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14605] <... mount resumed>) = 0 [pid 14602] <... futex resumed>) = 0 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14605] <... futex resumed>) = 0 [pid 14602] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14605] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14605] <... open resumed>) = 6 [pid 14602] <... futex resumed>) = 0 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14600] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14605] <... futex resumed>) = 1 [pid 14602] <... futex resumed>) = 0 [pid 14605] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14600] <... futex resumed>) = 1 [pid 14597] <... futex resumed>) = 0 [pid 14597] exit_group(0) = ? [pid 14600] +++ exited with 0 +++ [pid 14597] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14597, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 14612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... restart_syscall resumed>) = 0 [pid 410] umount2("./523", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./523/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 258.316663][T14600] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.344461][T14600] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 410] unlink("./523/binderfs" [pid 14612] <... write resumed>) = 1048576 [pid 410] <... unlink resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 410] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14612] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14612] ioctl(4, LOOP_SET_FD, 3 [pid 408] <... umount2 resumed>) = 0 [pid 14612] <... ioctl resumed>) = 0 [pid 14612] close(3) = 0 [pid 14612] mkdir("./bus", 0777) = 0 [pid 14612] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./516/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./516/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./516/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./516") = 0 [pid 412] mkdir("./517", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14613 ./strace-static-x86_64: Process 14613 attached [pid 14613] set_robust_list(0x555555f755e0, 24) = 0 [pid 14613] chdir("./517") = 0 [pid 14613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14613] setpgid(0, 0) = 0 [pid 14613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14613] write(3, "1000", 4) = 4 [pid 14613] close(3) = 0 [pid 14613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14613] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14613] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14614], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14614 [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14614 attached [pid 14614] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14614] memfd_create("syzkaller", 0) = 3 [pid 14614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 409] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./514/bus", [pid 408] lstat("./519/bus", [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] openat(AT_FDCWD, "./514/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... openat resumed>) = 4 [pid 408] openat(AT_FDCWD, "./519/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... openat resumed>) = 4 [pid 14614] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 409] getdents64(4, [pid 408] fstat(4, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] getdents64(4, [pid 409] close(4 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... close resumed>) = 0 [pid 408] getdents64(4, [pid 409] rmdir("./514/bus" [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 408] close(4 [pid 409] getdents64(3, [pid 408] <... close resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] rmdir("./519/bus") = 0 [pid 409] close(3) = 0 [pid 408] getdents64(3, [pid 409] rmdir("./514" [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./515", 0777 [pid 408] close(3 [pid 409] <... mkdir resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./519" [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 408] <... rmdir resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 408] mkdir("./520", 0777 [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] <... mkdir resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 409] close(3 [pid 14614] <... write resumed>) = 1048576 [pid 14614] munmap(0x7f1c2a016000, 1048576 [pid 408] <... openat resumed>) = 3 [pid 409] <... close resumed>) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14614] <... munmap resumed>) = 0 [pid 14614] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14614] ioctl(4, LOOP_SET_FD, 3 [pid 408] close(3) = 0 ./strace-static-x86_64: Process 14615 attached [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14615 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14602] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14602] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14602] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14616 [pid 14602] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14602] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14602] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14617], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14617 [pid 14602] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14602] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14614] <... ioctl resumed>) = 0 [pid 14614] close(3) = 0 [pid 14614] mkdir("./bus", 0777) = 0 [pid 14614] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14615] set_robust_list(0x555555f755e0, 24) = 0 [pid 14615] chdir("./515") = 0 [pid 14615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14615] setpgid(0, 0) = 0 [pid 14615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14615] write(3, "1000", 4) = 4 [pid 14615] close(3) = 0 [pid 14615] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14615] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14615] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14618], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14618 [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14618 attached [pid 14618] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14618] memfd_create("syzkaller", 0) = 3 [pid 14618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14605] <... write resumed>) = 1048576 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14605] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14616 attached [pid 14616] set_robust_list(0x555555f755e0, 24) = 0 [pid 14616] chdir("./520") = 0 [pid 14616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14616] setpgid(0, 0 [pid 14618] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14616] <... setpgid resumed>) = 0 [pid 14616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14616] write(3, "1000", 4) = 4 [pid 14616] close(3) = 0 [pid 14616] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14616] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14616] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14616] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14621], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14621 ./strace-static-x86_64: Process 14617 attached [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14617] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14616] <... futex resumed>) = 0 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [ 258.374119][T14612] loop0: detected capacity change from 0 to 2048 [ 258.405930][T14614] loop5: detected capacity change from 0 to 2048 [pid 14617] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14618] <... write resumed>) = 1048576 [pid 14618] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14618] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14618] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14621 attached ) = 0 [pid 14618] close(3) = 0 [pid 14618] mkdir("./bus", 0777) = 0 [pid 14618] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14621] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14621] memfd_create("syzkaller", 0) = 3 [pid 14621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14602] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14602] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14602] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14602] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14621] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14621] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14621] ioctl(4, LOOP_SET_FD, 3 [pid 410] <... umount2 resumed>) = 0 [pid 14621] <... ioctl resumed>) = 0 [pid 14621] close(3) = 0 [pid 14621] mkdir("./bus", 0777) = 0 [ 258.436090][T14617] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.437491][T14618] loop2: detected capacity change from 0 to 2048 [ 258.451874][T14614] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/517/bus supports timestamps until 2038 (0x7fffffff) [ 258.469017][T14617] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 258.471205][T14621] loop1: detected capacity change from 0 to 2048 [pid 14621] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14614] <... mount resumed>) = 0 [pid 14614] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14605] <... futex resumed>) = 0 [pid 14605] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14614] <... openat resumed>) = 3 [pid 14614] chdir("./bus") = 0 [pid 14614] ioctl(4, LOOP_CLR_FD) = 0 [pid 14614] close(4) = 0 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] <... futex resumed>) = 0 [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14614] <... futex resumed>) = 1 [pid 14614] chdir("./file0") = 0 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] <... futex resumed>) = 0 [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14614] <... futex resumed>) = 1 [pid 14614] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14612] <... mount resumed>) = 0 [pid 14612] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14612] chdir("./bus") = 0 [pid 14612] ioctl(4, LOOP_CLR_FD) = 0 [pid 14612] close(4) = 0 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] <... futex resumed>) = 0 [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14612] <... futex resumed>) = 1 [pid 14612] chdir("./file0" [pid 410] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./523/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14617] <... openat resumed>) = 7 [pid 14614] <... open resumed>) = 4 [pid 14617] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14617] <... futex resumed>) = 0 [pid 14614] <... futex resumed>) = 1 [pid 14613] <... futex resumed>) = 0 [pid 14605] <... openat resumed>) = 8 [pid 410] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./523/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14617] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14614] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14613] <... futex resumed>) = 0 [pid 14605] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14614] <... openat resumed>) = 5 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14605] <... futex resumed>) = 1 [pid 14602] <... futex resumed>) = 0 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14605] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14602] exit_group(0 [pid 14614] <... futex resumed>) = 0 [pid 14617] <... futex resumed>) = 0 [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14602] <... exit_group resumed>) = ? [pid 14617] +++ exited with 0 +++ [pid 14614] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14605] <... futex resumed>) = ? [pid 14613] <... futex resumed>) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./523/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./523" [pid 14614] <... write resumed>) = 196608 [pid 14605] +++ exited with 0 +++ [pid 14602] +++ exited with 0 +++ [pid 410] <... rmdir resumed>) = 0 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14602, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] mkdir("./524", 0777) = 0 [pid 411] umount2("./520", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 3 [pid 411] openat(AT_FDCWD, "./520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] ioctl(3, LOOP_CLR_FD [pid 411] <... openat resumed>) = 3 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] fstat(3, [pid 410] close(3 [pid 14614] <... futex resumed>) = 1 [pid 14613] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 14613] <... futex resumed>) = 0 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] <... close resumed>) = 0 [pid 411] umount2("./520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] lstat("./520/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./520/binderfs" [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14624 [pid 411] <... unlink resumed>) = 0 [pid 411] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14612] <... chdir resumed>) = 0 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14611] <... futex resumed>) = 0 [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14614] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14614] <... mount resumed>) = 0 [pid 14612] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14613] <... futex resumed>) = 0 [pid 14614] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14614] <... open resumed>) = 6 [pid 14613] <... futex resumed>) = 0 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14614] <... futex resumed>) = 0 [pid 14613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14612] <... open resumed>) = 4 [pid 14614] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14613] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] <... futex resumed>) = 0 [pid 14613] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14624 attached [pid 14624] set_robust_list(0x555555f755e0, 24) = 0 [pid 14624] chdir("./524") = 0 [pid 14624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14624] setpgid(0, 0) = 0 [pid 14611] <... futex resumed>) = 0 [pid 14612] <... futex resumed>) = 1 [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14612] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14611] <... futex resumed>) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14612] <... openat resumed>) = 5 [pid 14624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14624] write(3, "1000", 4) = 4 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14611] <... futex resumed>) = 0 [pid 14612] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14624] close(3) = 0 [pid 14624] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14624] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14624] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14626], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14626 [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14612] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14612] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14626 attached [pid 14626] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14626] memfd_create("syzkaller", 0) = 3 [pid 14626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 258.482242][T14612] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/514/bus supports timestamps until 2038 (0x7fffffff) [pid 14626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./520/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14626] <... write resumed>) = 1048576 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./520/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 14612] <... write resumed>) = 196608 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 14612] <... futex resumed>) = 1 [pid 14611] <... futex resumed>) = 0 [pid 411] rmdir("./520/bus" [pid 14612] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14612] <... mount resumed>) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... rmdir resumed>) = 0 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 14612] <... futex resumed>) = 1 [pid 14611] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14612] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 14611] <... futex resumed>) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... close resumed>) = 0 [pid 14612] <... open resumed>) = 6 [pid 411] rmdir("./520" [pid 14626] munmap(0x7f1c2a016000, 1048576 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 14612] <... futex resumed>) = 1 [pid 14611] <... futex resumed>) = 0 [pid 411] mkdir("./521", 0777 [pid 14612] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 14626] <... munmap resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 14626] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14626] ioctl(4, LOOP_SET_FD, 3 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14629 [pid 14626] <... ioctl resumed>) = 0 [pid 14626] close(3) = 0 [pid 14626] mkdir("./bus", 0777) = 0 [pid 14626] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14629 attached [pid 14629] set_robust_list(0x555555f755e0, 24) = 0 [pid 14629] chdir("./521") = 0 [pid 14629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14629] setpgid(0, 0) = 0 [pid 14629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14629] write(3, "1000", 4) = 4 [pid 14629] close(3) = 0 [pid 14629] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14629] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14629] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14630], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14630 [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14630 attached [pid 14630] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14630] memfd_create("syzkaller", 0) = 3 [pid 14630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14613] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14613] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14612] <... write resumed>) = 1048576 [pid 14613] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14613] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14632], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14632 [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] <... futex resumed>) = 0 [pid 14613] <... futex resumed>) = 0 [pid 14612] <... futex resumed>) = 1 [pid 14611] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14612] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14611] <... futex resumed>) = 0 [pid 14611] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14630] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14630] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14630] close(3) = 0 [pid 14630] mkdir("./bus", 0777) = 0 [pid 14630] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14621] <... mount resumed>) = 0 [pid 14621] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14621] chdir("./bus") = 0 [pid 14621] ioctl(4, LOOP_CLR_FD) = 0 [pid 14621] close(4) = 0 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14616] <... futex resumed>) = 0 [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] chdir("./file0") = 0 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14616] <... futex resumed>) = 0 [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14621] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14632 attached [pid 14632] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 258.562783][T14626] loop3: detected capacity change from 0 to 2048 [ 258.578755][T14621] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/520/bus supports timestamps until 2038 (0x7fffffff) [ 258.592926][T14612] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.599648][T14630] loop4: detected capacity change from 0 to 2048 [pid 14632] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14621] <... open resumed>) = 4 [pid 14613] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14611] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] <... futex resumed>) = 1 [pid 14616] <... futex resumed>) = 0 [pid 14613] <... futex resumed>) = 0 [pid 14611] <... futex resumed>) = 0 [pid 14621] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14616] <... futex resumed>) = 0 [pid 14613] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 14611] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14621] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14613] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 14611] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14621] <... openat resumed>) = 5 [pid 14613] <... mprotect resumed>) = 0 [pid 14611] <... mprotect resumed>) = 0 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14611] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14621] <... futex resumed>) = 1 [pid 14616] <... futex resumed>) = 0 [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14616] <... futex resumed>) = 0 [pid 14613] <... clone resumed>, parent_tid=[14634], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 14634 [pid 14611] <... clone resumed>, parent_tid=[14635], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14635 [pid 14618] <... mount resumed>) = 0 [pid 14618] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14621] <... write resumed>) = 196608 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14611] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14635 attached ./strace-static-x86_64: Process 14634 attached [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14618] <... openat resumed>) = 3 [pid 14614] <... write resumed>) = 1048576 [pid 14613] <... futex resumed>) = 0 [pid 14612] <... openat resumed>) = 7 [ 258.621999][T14618] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/515/bus supports timestamps until 2038 (0x7fffffff) [ 258.622025][T14632] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.652139][T14612] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 258.652184][T14632] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14611] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14635] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14635] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14635] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14635] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14634] set_robust_list(0x7f1c2a0f49e0, 24) = 0 [pid 14634] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14621] <... futex resumed>) = 1 [pid 14621] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14618] chdir("./bus") = 0 [pid 14618] ioctl(4, LOOP_CLR_FD) = 0 [pid 14618] close(4) = 0 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14615] <... futex resumed>) = 0 [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14618] chdir("./file0" [pid 14630] <... mount resumed>) = 0 [pid 14616] <... futex resumed>) = 0 [pid 14614] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14612] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14614] <... futex resumed>) = 0 [pid 14612] <... futex resumed>) = 0 [pid 14614] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14612] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14630] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14630] chdir("./bus") = 0 [pid 14630] ioctl(4, LOOP_CLR_FD) = 0 [pid 14630] close(4) = 0 [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14630] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14618] <... chdir resumed>) = 0 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14618] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14632] <... openat resumed>) = 7 [pid 14632] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14632] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14629] <... futex resumed>) = 0 [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14611] exit_group(0 [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14615] <... futex resumed>) = 0 [pid 14611] <... exit_group resumed>) = ? [pid 14616] <... futex resumed>) = 1 [pid 14612] <... futex resumed>) = ? [pid 14629] <... futex resumed>) = 1 [pid 14621] <... futex resumed>) = 0 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14612] +++ exited with 0 +++ [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14615] <... futex resumed>) = 1 [pid 14618] <... futex resumed>) = 0 [pid 14630] <... futex resumed>) = 0 [pid 14621] <... mount resumed>) = 0 [pid 14618] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14630] chdir("./file0" [pid 14635] <... futex resumed>) = ? [pid 14634] <... openat resumed>) = 8 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] <... futex resumed>) = 1 [pid 14616] <... futex resumed>) = 0 [pid 14618] <... open resumed>) = 4 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14630] <... chdir resumed>) = 0 [pid 14621] <... open resumed>) = 6 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14634] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] <... futex resumed>) = 1 [pid 14618] <... futex resumed>) = 1 [pid 14616] <... futex resumed>) = 0 [pid 14615] <... futex resumed>) = 0 [pid 14634] <... futex resumed>) = 1 [pid 14630] <... futex resumed>) = 1 [pid 14629] <... futex resumed>) = 0 [pid 14621] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14618] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14613] <... futex resumed>) = 0 [pid 14634] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14630] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14618] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14616] <... futex resumed>) = 0 [pid 14615] <... futex resumed>) = 0 [pid 14630] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14629] <... futex resumed>) = 0 [pid 14621] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14618] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14613] exit_group(0 [pid 14630] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14626] <... mount resumed>) = 0 [pid 14626] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14626] chdir("./bus") = 0 [pid 14626] ioctl(4, LOOP_CLR_FD) = 0 [pid 14626] close(4) = 0 [pid 14613] <... exit_group resumed>) = ? [pid 14632] <... futex resumed>) = ? [pid 14632] +++ exited with 0 +++ [pid 14614] <... futex resumed>) = ? [pid 14614] +++ exited with 0 +++ [pid 14618] <... openat resumed>) = 5 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14618] <... futex resumed>) = 1 [pid 14615] <... futex resumed>) = 0 [pid 14618] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14626] <... futex resumed>) = 1 [pid 14626] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14635] +++ exited with 0 +++ [pid 14611] +++ exited with 0 +++ [pid 14618] <... write resumed>) = 196608 [pid 14624] <... futex resumed>) = 0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14611, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14630] <... open resumed>) = 4 [pid 407] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] fstat(3, [pid 14634] <... futex resumed>) = ? [pid 14630] <... futex resumed>) = 1 [pid 14629] <... futex resumed>) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14630] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14618] <... futex resumed>) = 1 [pid 14615] <... futex resumed>) = 0 [pid 14629] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 14630] <... openat resumed>) = 5 [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14615] <... futex resumed>) = 0 [pid 14630] <... futex resumed>) = 1 [pid 14629] <... futex resumed>) = 0 [pid 407] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14630] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14618] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14629] <... futex resumed>) = 0 [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14626] <... futex resumed>) = 0 [pid 407] lstat("./514/binderfs", [pid 14626] chdir("./file0") = 0 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14626] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./514/binderfs") = 0 [pid 14618] <... mount resumed>) = 0 [pid 407] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14626] <... open resumed>) = 4 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14626] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14626] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14634] +++ exited with 0 +++ [pid 14630] <... write resumed>) = 196608 [pid 14618] <... futex resumed>) = 1 [pid 14615] <... futex resumed>) = 0 [pid 14613] +++ exited with 0 +++ [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14613, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14615] <... futex resumed>) = 0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14630] <... futex resumed>) = 1 [pid 14629] <... futex resumed>) = 0 [pid 14618] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14630] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14618] <... open resumed>) = 6 [pid 412] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14630] <... mount resumed>) = 0 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14618] <... futex resumed>) = 1 [pid 14615] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 14630] <... futex resumed>) = 1 [pid 14629] <... futex resumed>) = 0 [pid 14618] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] fstat(3, [pid 14630] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14615] <... futex resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14629] <... futex resumed>) = 0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(3, [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./517/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./517/binderfs" [pid 14626] <... write resumed>) = 196608 [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14626] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 258.670443][T14630] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/521/bus supports timestamps until 2038 (0x7fffffff) [ 258.681266][T14626] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/524/bus supports timestamps until 2038 (0x7fffffff) [pid 407] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./514/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14630] <... open resumed>) = 6 [pid 407] umount2("./514/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14629] <... futex resumed>) = 0 [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14630] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./514/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./514/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./514") = 0 [pid 14626] <... futex resumed>) = 0 [pid 407] mkdir("./515", 0777 [pid 14626] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 407] <... mkdir resumed>) = 0 [pid 14626] <... mount resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = 0 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] close(3 [pid 14626] <... futex resumed>) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14626] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] <... write resumed>) = 1048576 [pid 407] <... close resumed>) = 0 [pid 14624] <... futex resumed>) = 0 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14626] <... open resumed>) = 6 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] <... futex resumed>) = 1 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14618] <... write resumed>) = 1048576 [pid 14616] <... futex resumed>) = 0 [pid 14626] <... futex resumed>) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14639 attached [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14621] <... futex resumed>) = 0 [pid 14616] <... futex resumed>) = 1 [pid 14626] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14624] <... futex resumed>) = 0 [pid 14621] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14618] <... futex resumed>) = 1 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14615] <... futex resumed>) = 0 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14639 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14618] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14639] set_robust_list(0x555555f755e0, 24 [pid 14618] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14615] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 14639] <... set_robust_list resumed>) = 0 [pid 14618] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14639] chdir("./515") = 0 [pid 14639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14639] setpgid(0, 0) = 0 [pid 14639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14639] write(3, "1000", 4) = 4 [pid 14639] close(3) = 0 [pid 14639] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14639] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14639] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14640], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14640 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14640 attached [pid 14640] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14640] memfd_create("syzkaller", 0) = 3 [pid 14640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14640] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14640] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14640] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14629] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./517/bus", [pid 14629] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14630] <... write resumed>) = 1048576 [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14630] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./517/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./517/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./517") = 0 [pid 412] mkdir("./518", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14641 [ 258.754820][T14621] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.775923][T14618] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.795416][T14621] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem ./strace-static-x86_64: Process 14641 attached [pid 14629] <... futex resumed>) = 0 [pid 14626] <... write resumed>) = 1048576 [pid 14621] <... openat resumed>) = 7 [pid 14629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14629] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14626] <... futex resumed>) = 1 [pid 14624] <... futex resumed>) = 0 [pid 14629] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14626] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14624] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14641] set_robust_list(0x555555f755e0, 24 [pid 14629] <... mprotect resumed>) = 0 [pid 14624] <... futex resumed>) = 0 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14629] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14642], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14642 [pid 14629] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14629] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14621] <... futex resumed>) = 1 [pid 14621] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14641] <... set_robust_list resumed>) = 0 [pid 14641] chdir("./518") = 0 [pid 14641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14641] setpgid(0, 0) = 0 [pid 14641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14641] write(3, "1000", 4) = 4 [pid 14641] close(3) = 0 [pid 14641] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14641] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14641] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14641] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14643], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14643 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14643 attached [pid 14643] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14643] memfd_create("syzkaller", 0) = 3 [pid 14643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14643] munmap(0x7f1c2a016000, 1048576 [pid 14616] <... futex resumed>) = 0 [pid 14624] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14618] <... openat resumed>) = 7 [pid 14616] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14640] <... openat resumed>) = 4 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14640] ioctl(4, LOOP_SET_FD, 3 [pid 14618] <... futex resumed>) = 1 ./strace-static-x86_64: Process 14642 attached [pid 14621] <... futex resumed>) = 0 [pid 14618] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14616] <... futex resumed>) = 1 [pid 14615] <... futex resumed>) = 0 [pid 14621] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14621] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14621] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14643] <... munmap resumed>) = 0 [pid 14643] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14643] ioctl(4, LOOP_SET_FD, 3 [pid 14642] set_robust_list(0x7f1c2a1159e0, 24 [pid 14616] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14615] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14640] <... ioctl resumed>) = 0 [pid 14640] close(3) = 0 [pid 14640] mkdir("./bus", 0777) = 0 [pid 14640] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14642] <... set_robust_list resumed>) = 0 [pid 14618] <... futex resumed>) = 0 [pid 14616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14615] <... futex resumed>) = 1 [pid 14618] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14616] exit_group(0 [pid 14615] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14642] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14618] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 258.799678][T14618] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 258.806096][T14626] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.827884][T14640] loop0: detected capacity change from 0 to 2048 [ 258.830275][T14626] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 258.836240][T14643] loop5: detected capacity change from 0 to 2048 [pid 14618] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14629] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14621] <... futex resumed>) = ? [pid 14616] <... exit_group resumed>) = ? [pid 14615] <... futex resumed>) = 0 [pid 14621] +++ exited with 0 +++ [pid 14615] exit_group(0 [pid 14629] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14630] <... futex resumed>) = 0 [pid 14629] <... futex resumed>) = 1 [pid 14630] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14616] +++ exited with 0 +++ [pid 14615] <... exit_group resumed>) = ? [pid 14618] <... futex resumed>) = ? [pid 14618] +++ exited with 0 +++ [pid 14629] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14643] <... ioctl resumed>) = 0 [pid 14643] close(3) = 0 [pid 14643] mkdir("./bus", 0777) = 0 [pid 14643] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14615] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14616, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14615, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 409] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./520", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... openat resumed>) = 3 [pid 408] <... openat resumed>) = 3 [pid 409] fstat(3, [pid 408] fstat(3, [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, [pid 408] getdents64(3, [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./515/binderfs", [pid 408] lstat("./520/binderfs", [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./515/binderfs" [pid 408] unlink("./520/binderfs" [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14624] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14624] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14624] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14624] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14645], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14645 [pid 14624] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14624] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14645 attached [pid 409] <... umount2 resumed>) = 0 [pid 14645] set_robust_list(0x7f1c2a1159e0, 24 [pid 409] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14645] <... set_robust_list resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14645] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] lstat("./515/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./515/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 14645] <... openat resumed>) = 8 [pid 14626] <... openat resumed>) = 7 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14645] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14626] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(4, [pid 14645] <... futex resumed>) = 1 [pid 14626] <... futex resumed>) = 0 [pid 14624] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14645] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14626] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14624] exit_group(0 [pid 409] close(4 [pid 14624] <... exit_group resumed>) = ? [pid 14626] <... futex resumed>) = ? [pid 409] <... close resumed>) = 0 [pid 14645] <... futex resumed>) = ? [pid 14626] +++ exited with 0 +++ [ 258.852131][T14642] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.889943][T14642] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 409] rmdir("./515/bus" [pid 14645] +++ exited with 0 +++ [pid 14624] +++ exited with 0 +++ [pid 409] <... rmdir resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14624, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3 [pid 410] umount2("./524", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] rmdir("./515" [pid 410] openat(AT_FDCWD, "./524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... rmdir resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 409] mkdir("./516", 0777 [pid 410] fstat(3, [pid 409] <... mkdir resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./524/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./524/binderfs") = 0 [pid 410] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14642] <... openat resumed>) = 7 [pid 14642] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14642] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14630] <... openat resumed>) = 8 [pid 14630] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14640] <... mount resumed>) = 0 [pid 14630] <... futex resumed>) = 1 [pid 14629] <... futex resumed>) = 0 [pid 14640] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14630] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14629] exit_group(0 [pid 14642] <... futex resumed>) = ? [pid 14630] <... futex resumed>) = ? [pid 14629] <... exit_group resumed>) = ? [pid 14640] <... openat resumed>) = 3 [pid 14640] chdir("./bus") = 0 [pid 14640] ioctl(4, LOOP_CLR_FD) = 0 [pid 14640] close(4 [pid 14642] +++ exited with 0 +++ [pid 14640] <... close resumed>) = 0 [pid 14630] +++ exited with 0 +++ [pid 14629] +++ exited with 0 +++ [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14639] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14640] <... futex resumed>) = 1 [pid 14640] chdir("./file0") = 0 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14639] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14640] <... futex resumed>) = 1 [pid 14640] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14639] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14640] <... futex resumed>) = 1 [pid 14640] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14639] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14640] <... futex resumed>) = 1 [pid 14640] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 409] <... openat resumed>) = 3 [pid 408] <... umount2 resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14629, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 411] umount2("./521", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... close resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] openat(AT_FDCWD, "./521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14650 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./521/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./521/binderfs") = 0 [pid 411] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./520/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./520/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./520/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./520") = 0 [pid 408] mkdir("./521", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14651 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14639] <... futex resumed>) = 0 [pid 14640] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14640] <... mount resumed>) = 0 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14639] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14640] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14639] <... futex resumed>) = 0 [pid 14640] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14650 attached [pid 14650] set_robust_list(0x555555f755e0, 24./strace-static-x86_64: Process 14651 attached ) = 0 [pid 14650] chdir("./516" [pid 14651] set_robust_list(0x555555f755e0, 24 [pid 14650] <... chdir resumed>) = 0 [pid 14651] <... set_robust_list resumed>) = 0 [pid 14650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14651] chdir("./521" [pid 14650] setpgid(0, 0 [pid 14643] <... mount resumed>) = 0 [pid 14651] <... chdir resumed>) = 0 [pid 14650] <... setpgid resumed>) = 0 [pid 14643] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14643] <... openat resumed>) = 3 [pid 14651] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14650] <... openat resumed>) = 3 [pid 14643] chdir("./bus") = 0 [pid 14643] ioctl(4, LOOP_CLR_FD) = 0 [pid 14651] <... prctl resumed>) = 0 [pid 14650] write(3, "1000", 4) = 4 [pid 14651] setpgid(0, 0) = 0 [pid 14650] close(3 [pid 14643] close(4) = 0 [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14643] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14641] <... futex resumed>) = 0 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14651] write(3, "1000", 4) = 4 [pid 14651] close(3) = 0 [pid 14651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14651] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14651] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14652], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14652 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14652 attached [pid 14652] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14650] <... close resumed>) = 0 [pid 14650] symlink("/dev/binderfs", "./binderfs" [pid 14652] memfd_create("syzkaller", 0 [pid 14650] <... symlink resumed>) = 0 [pid 14652] <... memfd_create resumed>) = 3 [pid 14652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14650] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14650] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14643] <... futex resumed>) = 0 [pid 14650] <... mprotect resumed>) = 0 [pid 14643] chdir("./file0" [pid 14650] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14643] <... chdir resumed>) = 0 [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] <... clone resumed>, parent_tid=[14653], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14653 ./strace-static-x86_64: Process 14653 attached [pid 14643] <... futex resumed>) = 1 [pid 14641] <... futex resumed>) = 0 [pid 14640] <... write resumed>) = 1048576 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14653] set_robust_list(0x7f1c324369e0, 24 [pid 14643] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] <... futex resumed>) = 0 [pid 14641] <... futex resumed>) = 0 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14643] <... open resumed>) = 4 [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14653] <... set_robust_list resumed>) = 0 [pid 14640] <... futex resumed>) = 1 [pid 14639] <... futex resumed>) = 0 [pid 14643] <... futex resumed>) = 1 [pid 14641] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14653] memfd_create("syzkaller", 0 [pid 14643] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14640] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14639] <... futex resumed>) = 0 [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14641] <... futex resumed>) = 0 [pid 14643] <... openat resumed>) = 5 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14641] <... futex resumed>) = 0 [pid 14643] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14643] <... write resumed>) = 196608 [pid 14641] <... futex resumed>) = 0 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14641] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14643] <... futex resumed>) = 0 [pid 14641] <... futex resumed>) = 0 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 258.901144][T14640] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/515/bus supports timestamps until 2038 (0x7fffffff) [ 258.920514][T14643] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/518/bus supports timestamps until 2038 (0x7fffffff) [pid 14643] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./524/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./524/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./524/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./524") = 0 [pid 410] mkdir("./525", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14654 [pid 14652] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14652] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14652] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14652] ioctl(4, LOOP_SET_FD, 3 [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14652] <... ioctl resumed>) = 0 [pid 14652] close(3) = 0 [pid 14652] mkdir("./bus", 0777) = 0 [pid 14652] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14653] <... memfd_create resumed>) = 3 [pid 14653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] <... umount2 resumed>) = 0 [pid 14653] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./521/bus", [pid 14643] <... futex resumed>) = 1 [pid 14641] <... futex resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./521/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./521/bus") = 0 [pid 14643] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 411] getdents64(3, [pid 14643] <... open resumed>) = 6 [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14641] <... futex resumed>) = 0 [pid 411] close(3 [pid 14643] <... futex resumed>) = 1 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14643] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14641] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] rmdir("./521" [pid 14653] <... write resumed>) = 1048576 [pid 14653] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14653] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14653] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./522", 0777) = 0 [pid 14653] <... ioctl resumed>) = 0 [pid 14653] close(3) = 0 [pid 14653] mkdir("./bus", 0777 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14639] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14639] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14639] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14639] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14639] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14655 [pid 14639] <... clone resumed>, parent_tid=[14656], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14656 [pid 14639] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14639] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14653] <... mkdir resumed>) = 0 [ 258.969420][T14640] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 258.982106][T14652] loop1: detected capacity change from 0 to 2048 [ 259.006435][T14653] loop2: detected capacity change from 0 to 2048 [pid 14653] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14654 attached [pid 14654] set_robust_list(0x555555f755e0, 24) = 0 [pid 14654] chdir("./525") = 0 [pid 14654] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14654] setpgid(0, 0) = 0 [pid 14654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14654] write(3, "1000", 4) = 4 [pid 14654] close(3) = 0 [pid 14654] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14654] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14654] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14658], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14658 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14658 attached [pid 14658] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14658] memfd_create("syzkaller", 0) = 3 [pid 14658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14658] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14658] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14658] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14658] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14655 attached [pid 14655] set_robust_list(0x555555f755e0, 24) = 0 [pid 14658] <... ioctl resumed>) = 0 [pid 14658] close(3 [pid 14655] chdir("./522") = 0 [pid 14658] <... close resumed>) = 0 [pid 14655] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 14656 attached ) = 0 [pid 14656] set_robust_list(0x7f1c2a1159e0, 24 [pid 14655] setpgid(0, 0 [pid 14658] mkdir("./bus", 0777 [pid 14655] <... setpgid resumed>) = 0 [pid 14658] <... mkdir resumed>) = 0 [pid 14658] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14640] <... openat resumed>) = 7 [pid 14640] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14640] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14656] <... set_robust_list resumed>) = 0 [pid 14656] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14656] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14639] <... futex resumed>) = 0 [pid 14639] exit_group(0) = ? [pid 14640] <... futex resumed>) = ? [pid 14640] +++ exited with 0 +++ [pid 14656] <... futex resumed>) = ? [pid 14656] +++ exited with 0 +++ [pid 14639] +++ exited with 0 +++ [pid 14655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14655] write(3, "1000", 4) = 4 [pid 14655] close(3) = 0 [pid 14655] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14655] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14655] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14655] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14662], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14662 [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14662 attached [pid 14662] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14662] memfd_create("syzkaller", 0) = 3 [pid 14662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14662] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14662] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14662] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14662] ioctl(4, LOOP_SET_FD, 3 [pid 14641] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 259.021247][T14640] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 259.033412][T14658] loop3: detected capacity change from 0 to 2048 [ 259.052159][T14652] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/521/bus supports timestamps until 2038 (0x7fffffff) [ 259.062769][T14662] loop4: detected capacity change from 0 to 2048 [pid 14643] <... write resumed>) = 1048576 [pid 14641] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14639, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14662] <... ioctl resumed>) = 0 [pid 14662] close(3) = 0 [pid 14662] mkdir("./bus", 0777) = 0 [pid 14662] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14652] <... mount resumed>) = 0 [pid 14652] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14652] chdir("./bus") = 0 [pid 14652] ioctl(4, LOOP_CLR_FD) = 0 [pid 14652] close(4) = 0 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14652] <... futex resumed>) = 1 [pid 14652] chdir("./file0") = 0 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14652] <... futex resumed>) = 1 [pid 14652] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14652] <... futex resumed>) = 1 [pid 14652] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14652] <... futex resumed>) = 1 [pid 14652] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14652] <... futex resumed>) = 1 [pid 14652] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14652] <... futex resumed>) = 1 [pid 14652] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14641] <... futex resumed>) = 0 [pid 407] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14641] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14641] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 407] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14641] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 407] <... openat resumed>) = 3 [pid 14641] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] fstat(3, [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14641] <... clone resumed>, parent_tid=[14664], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14664 [pid 407] getdents64(3, [pid 14641] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14641] <... futex resumed>) = 0 [pid 407] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14641] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./515/binderfs", [pid 14643] <... futex resumed>) = 0 [pid 14643] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14664 attached [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./515/binderfs" [pid 14664] set_robust_list(0x7f1c2a1159e0, 24 [pid 407] <... unlink resumed>) = 0 [pid 407] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14664] <... set_robust_list resumed>) = 0 [pid 14664] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14653] <... mount resumed>) = 0 [pid 14652] <... futex resumed>) = 1 [pid 14652] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14653] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14653] chdir("./bus") = 0 [pid 14653] ioctl(4, LOOP_CLR_FD) = 0 [pid 14653] close(4) = 0 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14650] <... futex resumed>) = 0 [pid 14653] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14653] <... futex resumed>) = 0 [pid 14653] chdir("./file0") = 0 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14650] <... futex resumed>) = 0 [pid 14653] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14664] <... openat resumed>) = 7 [pid 14664] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14641] <... futex resumed>) = 0 [pid 14641] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14641] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14664] <... futex resumed>) = 1 [ 259.071310][T14653] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/516/bus supports timestamps until 2038 (0x7fffffff) [ 259.087413][T14664] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.109266][T14664] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14664] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14652] <... write resumed>) = 1048576 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14652] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14658] <... mount resumed>) = 0 [pid 14653] <... open resumed>) = 4 [pid 14651] <... futex resumed>) = 0 [pid 14643] <... futex resumed>) = 0 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14643] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14653] <... futex resumed>) = 1 [pid 14651] <... futex resumed>) = 1 [pid 14650] <... futex resumed>) = 0 [pid 14643] <... openat resumed>) = 8 [pid 14653] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14643] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14653] <... openat resumed>) = 5 [pid 14650] <... futex resumed>) = 0 [pid 14643] <... futex resumed>) = 1 [pid 14641] <... futex resumed>) = 0 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14643] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14641] exit_group(0 [pid 14653] <... futex resumed>) = 0 [pid 14650] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14643] <... futex resumed>) = ? [pid 14641] <... exit_group resumed>) = ? [pid 14653] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14643] +++ exited with 0 +++ [pid 14653] <... write resumed>) = 196608 [pid 14650] <... futex resumed>) = 0 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] <... futex resumed>) = 0 [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14653] <... futex resumed>) = 1 [pid 14653] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] <... futex resumed>) = 0 [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14653] <... futex resumed>) = 1 [pid 14653] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14650] <... futex resumed>) = 0 [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14653] <... futex resumed>) = 1 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14653] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14664] <... futex resumed>) = ? [pid 14664] +++ exited with 0 +++ [pid 14641] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14641, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 14658] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 412] <... restart_syscall resumed>) = 0 [pid 412] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./518/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./518/binderfs") = 0 [pid 412] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14658] <... openat resumed>) = 3 [pid 14652] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 14652] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14658] chdir("./bus") = 0 [pid 14658] ioctl(4, LOOP_CLR_FD) = 0 [pid 14658] close(4) = 0 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14654] <... futex resumed>) = 0 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14658] <... futex resumed>) = 1 [pid 14658] chdir("./file0") = 0 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14654] <... futex resumed>) = 0 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14658] <... futex resumed>) = 1 [pid 14658] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14654] <... futex resumed>) = 0 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14658] <... futex resumed>) = 1 [pid 14658] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14654] <... futex resumed>) = 0 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14658] <... futex resumed>) = 1 [pid 14658] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 407] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14662] <... mount resumed>) = 0 [pid 14653] <... write resumed>) = 1048576 [ 259.119946][T14658] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/525/bus supports timestamps until 2038 (0x7fffffff) [ 259.124373][T14662] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/522/bus supports timestamps until 2038 (0x7fffffff) [ 259.150682][T14652] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] lstat("./515/bus", [pid 14653] <... futex resumed>) = 1 [pid 14650] <... futex resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14653] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14650] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./515/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14653] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14650] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14653] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14650] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "./515/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14662] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14662] <... openat resumed>) = 3 [pid 14658] <... futex resumed>) = 1 [pid 14662] chdir("./bus" [pid 14658] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14662] <... chdir resumed>) = 0 [pid 14662] ioctl(4, LOOP_CLR_FD) = 0 [pid 14662] close(4) = 0 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14662] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14652] <... openat resumed>) = 7 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14652] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 407] <... openat resumed>) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./515/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./515") = 0 [pid 407] mkdir("./516", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14668 [pid 14654] <... futex resumed>) = 0 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14658] <... futex resumed>) = 0 [pid 14654] <... futex resumed>) = 1 [pid 14658] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14658] <... mount resumed>) = 0 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14654] <... futex resumed>) = 0 [pid 14658] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14658] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14654] <... futex resumed>) = 0 [pid 14658] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14658] <... open resumed>) = 6 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14654] <... futex resumed>) = 0 [pid 14658] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14658] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14654] <... futex resumed>) = 0 [pid 14658] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14668 attached [pid 14655] <... futex resumed>) = 0 [pid 14651] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 14668] set_robust_list(0x555555f755e0, 24 [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14651] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14668] <... set_robust_list resumed>) = 0 [pid 14668] chdir("./516") = 0 [pid 14668] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14668] setpgid(0, 0) = 0 [pid 14668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14668] write(3, "1000", 4) = 4 [pid 14668] close(3) = 0 [pid 14668] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14668] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14668] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14668] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14669], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14669 [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14669 attached [pid 14669] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14669] memfd_create("syzkaller", 0) = 3 [pid 14669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14655] <... futex resumed>) = 1 [pid 14662] <... futex resumed>) = 0 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14651] <... futex resumed>) = 1 [pid 14662] chdir("./file0" [pid 14652] <... futex resumed>) = 0 [pid 14651] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14662] <... chdir resumed>) = 0 [pid 14652] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14655] <... futex resumed>) = 0 [pid 14652] <... openat resumed>) = 8 [pid 14652] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14662] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14655] <... futex resumed>) = 0 [pid 14652] <... futex resumed>) = 1 [pid 14651] <... futex resumed>) = 0 [pid 14652] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14651] exit_group(0 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14651] <... exit_group resumed>) = ? [pid 14662] <... open resumed>) = 4 [pid 14652] <... futex resumed>) = ? [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14652] +++ exited with 0 +++ [pid 14651] +++ exited with 0 +++ [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14651, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 408] umount2("./521", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./521/binderfs", [pid 14662] <... futex resumed>) = 1 [pid 14655] <... futex resumed>) = 0 [pid 412] lstat("./518/bus", [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14662] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] unlink("./521/binderfs" [pid 14662] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14655] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14662] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14662] <... openat resumed>) = 5 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... unlink resumed>) = 0 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14662] <... futex resumed>) = 1 [pid 14655] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./518/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14662] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14662] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14662] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14655] <... futex resumed>) = 0 [pid 14662] <... futex resumed>) = 1 [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14662] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14655] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 4 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14662] <... mount resumed>) = 0 [pid 412] fstat(4, [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14662] <... futex resumed>) = 1 [pid 14655] <... futex resumed>) = 0 [pid 14662] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(4, [pid 14662] <... open resumed>) = 6 [pid 14655] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14662] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 14655] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14662] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14662] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14655] <... futex resumed>) = 0 [pid 412] close(4 [pid 14662] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./518/bus" [pid 14650] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14650] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 14650] <... futex resumed>) = 0 [pid 14650] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14650] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14650] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] close(3 [pid 14650] <... clone resumed>, parent_tid=[14670], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14670 [pid 14650] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14650] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14670 attached [pid 14669] <... write resumed>) = 1048576 [pid 14662] <... write resumed>) = 1048576 [pid 14658] <... write resumed>) = 1048576 [pid 14653] <... openat resumed>) = 7 [pid 412] <... close resumed>) = 0 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] rmdir("./518" [pid 14658] <... futex resumed>) = 1 [pid 14654] <... futex resumed>) = 0 [pid 14669] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14669] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 259.167144][T14652] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 259.176674][T14653] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.199379][T14653] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14669] ioctl(4, LOOP_SET_FD, 3 [pid 14670] set_robust_list(0x7f1c2a1159e0, 24 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14658] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14654] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14653] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14669] <... ioctl resumed>) = 0 [pid 14670] <... set_robust_list resumed>) = 0 [pid 14669] close(3 [pid 14662] <... futex resumed>) = 1 [pid 14654] <... futex resumed>) = 0 [pid 14653] <... futex resumed>) = 0 [pid 412] mkdir("./519", 0777 [pid 408] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14654] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14670] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14670] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14650] <... futex resumed>) = 0 [pid 14650] exit_group(0) = ? [pid 14670] +++ exited with 0 +++ [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14671 [pid 14653] +++ exited with 0 +++ [pid 14650] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14650, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] lstat("./521/bus", [pid 409] getdents64(3, [pid 14655] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./516/binderfs", [pid 408] openat(AT_FDCWD, "./521/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... openat resumed>) = 4 [pid 409] unlink("./516/binderfs") = 0 [pid 408] fstat(4, [pid 409] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(4, [pid 14655] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./521/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./521") = 0 [pid 408] mkdir("./522", 0777 [ 259.241715][T14669] loop0: detected capacity change from 0 to 2048 [ 259.248707][T14658] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.270526][T14662] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14662] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 14671 attached [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14671] set_robust_list(0x555555f755e0, 24 [pid 408] <... openat resumed>) = 3 [pid 14671] <... set_robust_list resumed>) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 14671] chdir("./519" [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14671] <... chdir resumed>) = 0 [pid 408] close(3 [pid 14671] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 408] <... close resumed>) = 0 [pid 14671] <... prctl resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14671] setpgid(0, 0) = 0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14672 [pid 14671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14671] write(3, "1000", 4) = 4 [pid 14671] close(3) = 0 [pid 14671] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14671] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14671] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14671] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14673], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14673 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14669] <... close resumed>) = 0 [pid 14669] mkdir("./bus", 0777) = 0 [pid 14669] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14654] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14654] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14654] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14654] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14674], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14674 [pid 14654] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14654] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14672 attached [pid 14672] set_robust_list(0x555555f755e0, 24./strace-static-x86_64: Process 14673 attached [pid 14673] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14662] <... openat resumed>) = 7 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14655] <... futex resumed>) = 0 [pid 14662] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14673] memfd_create("syzkaller", 0 [pid 14655] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14673] <... memfd_create resumed>) = 3 [pid 14673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14655] <... futex resumed>) = 1 [pid 14662] <... futex resumed>) = 0 [pid 14662] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14655] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14672] <... set_robust_list resumed>) = 0 [pid 14673] <... mmap resumed>) = 0x7f1c2a016000 [pid 14662] <... openat resumed>) = 8 [pid 14662] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14655] <... futex resumed>) = 0 [pid 14655] exit_group(0 [pid 14662] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 (errno 18446744073709551414) [pid 14655] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 14674 attached [pid 14673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14672] chdir("./522" [pid 14662] +++ exited with 0 +++ [pid 14658] <... openat resumed>) = 7 [pid 14655] +++ exited with 0 +++ [pid 14674] set_robust_list(0x7f1c2a1159e0, 24 [pid 14672] <... chdir resumed>) = 0 [pid 14674] <... set_robust_list resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14655, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14674] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14672] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14674] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./522", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14674] <... futex resumed>) = 1 [pid 14654] <... futex resumed>) = 0 [pid 14674] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14672] <... prctl resumed>) = 0 [pid 14658] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 14672] setpgid(0, 0 [pid 14658] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 14672] <... setpgid resumed>) = 0 [pid 14658] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] getdents64(3, [pid 14672] <... openat resumed>) = 3 [pid 14654] exit_group(0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14654] <... exit_group resumed>) = ? [pid 411] umount2("./522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14674] <... futex resumed>) = ? [pid 14674] +++ exited with 0 +++ [pid 14672] write(3, "1000", 4 [pid 14658] <... futex resumed>) = ? [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./522/binderfs", [pid 14673] <... write resumed>) = 1048576 [pid 14672] <... write resumed>) = 4 [pid 14658] +++ exited with 0 +++ [pid 14654] +++ exited with 0 +++ [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./522/binderfs" [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14654, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 14672] close(3 [pid 411] <... unlink resumed>) = 0 [pid 14672] <... close resumed>) = 0 [pid 411] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 14673] munmap(0x7f1c2a016000, 1048576 [pid 14672] symlink("/dev/binderfs", "./binderfs" [pid 410] <... restart_syscall resumed>) = 0 [pid 410] umount2("./525", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./525/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./525/binderfs") = 0 [pid 410] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14673] <... munmap resumed>) = 0 [pid 14673] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14673] ioctl(4, LOOP_SET_FD, 3 [pid 14672] <... symlink resumed>) = 0 [pid 14669] <... mount resumed>) = 0 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14672] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14672] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14677], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14677 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14669] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14669] chdir("./bus") = 0 [pid 14669] ioctl(4, LOOP_CLR_FD) = 0 [pid 14669] close(4) = 0 [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14669] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14677 attached [pid 14673] <... ioctl resumed>) = 0 [pid 14668] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 14677] set_robust_list(0x7f1c324369e0, 24 [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14677] <... set_robust_list resumed>) = 0 [pid 14673] close(3 [pid 14668] <... futex resumed>) = 1 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14677] memfd_create("syzkaller", 0 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... memfd_create resumed>) = 3 [pid 409] lstat("./516/bus", [pid 14677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14673] <... close resumed>) = 0 [pid 14673] mkdir("./bus", 0777) = 0 [pid 14673] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14669] <... futex resumed>) = 0 [pid 14677] <... mmap resumed>) = 0x7f1c2a016000 [pid 409] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14669] chdir("./file0" [pid 14677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14669] <... chdir resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = 0 [pid 409] openat(AT_FDCWD, "./516/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... openat resumed>) = 4 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] fstat(4, [pid 410] lstat("./525/bus", [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14669] <... futex resumed>) = 1 [pid 14668] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] getdents64(4, [pid 14669] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] openat(AT_FDCWD, "./525/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14668] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 4 [pid 409] close(4 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] fstat(4, [pid 409] <... close resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] rmdir("./516/bus" [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... rmdir resumed>) = 0 [pid 410] getdents64(4, [pid 409] getdents64(3, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(4 [pid 409] close(3 [pid 410] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 410] rmdir("./525/bus" [pid 409] rmdir("./516" [pid 410] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 410] getdents64(3, [pid 14669] <... open resumed>) = 4 [pid 409] mkdir("./517", 0777 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(3 [pid 409] <... mkdir resumed>) = 0 [pid 14669] <... futex resumed>) = 1 [pid 14668] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14669] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] rmdir("./525" [pid 409] <... openat resumed>) = 3 [pid 14668] <... futex resumed>) = 0 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... rmdir resumed>) = 0 [pid 409] ioctl(3, LOOP_CLR_FD [pid 14669] <... openat resumed>) = 5 [pid 410] mkdir("./526", 0777 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14677] <... write resumed>) = 1048576 [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... mkdir resumed>) = 0 [pid 409] close(3) = 0 [pid 14677] munmap(0x7f1c2a016000, 1048576) = 0 [ 259.284475][T14662] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 259.293325][T14658] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 259.316769][T14669] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/516/bus supports timestamps until 2038 (0x7fffffff) [ 259.318596][T14673] loop5: detected capacity change from 0 to 2048 [pid 14677] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14677] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14669] <... futex resumed>) = 1 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14677] close(3 [pid 14669] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14677] <... close resumed>) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14680 [pid 14677] mkdir("./bus", 0777) = 0 [pid 14677] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14668] <... futex resumed>) = 0 [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14669] <... futex resumed>) = 0 [pid 14668] <... futex resumed>) = 1 [pid 411] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14669] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14681 [pid 14673] <... mount resumed>) = 0 [pid 14673] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14673] chdir("./bus") = 0 [pid 14673] ioctl(4, LOOP_CLR_FD [pid 14669] <... write resumed>) = 196608 [pid 14673] <... ioctl resumed>) = 0 [pid 14673] close(4) = 0 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14671] <... futex resumed>) = 0 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14673] chdir("./file0") = 0 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./522/bus", [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14669] <... futex resumed>) = 1 [pid 14668] <... futex resumed>) = 0 [pid 14669] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14669] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14668] <... futex resumed>) = 0 [pid 14669] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14669] <... mount resumed>) = 0 [pid 411] openat(AT_FDCWD, "./522/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 4 [pid 14673] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 14680 attached [pid 14669] <... futex resumed>) = 1 [pid 14668] <... futex resumed>) = 0 [pid 411] fstat(4, [pid 14669] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14669] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14668] <... futex resumed>) = 0 [pid 14669] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(4, [pid 14669] <... open resumed>) = 6 [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14669] <... futex resumed>) = 1 [pid 14668] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 14669] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14669] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14668] <... futex resumed>) = 0 [pid 411] close(4 [pid 14669] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... close resumed>) = 0 [pid 14680] set_robust_list(0x555555f755e0, 24) = 0 [pid 14680] chdir("./517") = 0 [pid 14680] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14680] setpgid(0, 0) = 0 [pid 14680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14680] write(3, "1000", 4) = 4 [pid 14680] close(3) = 0 [pid 14680] symlink("/dev/binderfs", "./binderfs" [pid 411] rmdir("./522/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./522") = 0 [pid 411] mkdir("./523", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14682 ./strace-static-x86_64: Process 14681 attached [pid 14681] set_robust_list(0x555555f755e0, 24) = 0 [pid 14681] chdir("./526" [pid 14680] <... symlink resumed>) = 0 [pid 14673] <... open resumed>) = 4 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14681] <... chdir resumed>) = 0 [pid 14681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14681] setpgid(0, 0 [pid 14680] <... futex resumed>) = 0 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14680] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14671] <... futex resumed>) = 0 [pid 14673] <... futex resumed>) = 1 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14680] <... mmap resumed>) = 0x7f1c32416000 [pid 14673] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14671] <... futex resumed>) = 0 [pid 14680] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14673] <... openat resumed>) = 5 [pid 14680] <... mprotect resumed>) = 0 [pid 14681] <... setpgid resumed>) = 0 [pid 14681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14680] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14680] <... clone resumed>, parent_tid=[14683], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14683 [pid 14673] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14681] <... openat resumed>) = 3 [pid 14681] write(3, "1000", 4) = 4 [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14681] close(3) = 0 [pid 14681] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14680] <... futex resumed>) = 0 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14681] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14681] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 ./strace-static-x86_64: Process 14682 attached [pid 14681] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14682] set_robust_list(0x555555f755e0, 24) = 0 [pid 14682] chdir("./523") = 0 [pid 14682] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14681] <... clone resumed>, parent_tid=[14685], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14685 [pid 14682] <... prctl resumed>) = 0 [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14683 attached [pid 14682] setpgid(0, 0 [pid 14683] set_robust_list(0x7f1c324369e0, 24 [pid 14682] <... setpgid resumed>) = 0 [pid 14683] <... set_robust_list resumed>) = 0 [pid 14682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14683] memfd_create("syzkaller", 0 [pid 14682] write(3, "1000", 4 [pid 14673] <... write resumed>) = 196608 [pid 14683] <... memfd_create resumed>) = 3 [pid 14682] <... write resumed>) = 4 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] close(3 [pid 14683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14673] <... futex resumed>) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14682] <... close resumed>) = 0 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... mmap resumed>) = 0x7f1c2a016000 [pid 14673] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14682] symlink("/dev/binderfs", "./binderfs" [pid 14671] <... futex resumed>) = 0 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14682] <... symlink resumed>) = 0 [pid 14673] <... mount resumed>) = 0 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14673] <... futex resumed>) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14682] <... mmap resumed>) = 0x7f1c32416000 [pid 14673] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14673] <... open resumed>) = 6 [pid 14671] <... futex resumed>) = 0 [pid 14682] <... mprotect resumed>) = 0 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14682] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14673] <... futex resumed>) = 0 [pid 14671] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14673] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] <... clone resumed>, parent_tid=[14686], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14686 [pid 14671] <... futex resumed>) = 0 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14682] <... futex resumed>) = 0 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14685 attached [pid 14685] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14685] memfd_create("syzkaller", 0) = 3 [pid 14685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 259.365847][T14677] loop1: detected capacity change from 0 to 2048 [ 259.367207][T14673] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/519/bus supports timestamps until 2038 (0x7fffffff) ./strace-static-x86_64: Process 14686 attached [pid 14686] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14686] memfd_create("syzkaller", 0) = 3 [pid 14686] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14686] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14669] <... write resumed>) = 1048576 [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14668] <... futex resumed>) = 0 [pid 14668] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14669] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14668] <... futex resumed>) = 0 [pid 14668] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... write resumed>) = 1048576 [pid 14686] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14686] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14686] ioctl(4, LOOP_SET_FD, 3 [pid 14685] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14686] <... ioctl resumed>) = 0 [pid 14686] close(3) = 0 [pid 14686] mkdir("./bus", 0777) = 0 [pid 14686] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14685] <... write resumed>) = 1048576 [pid 14685] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14685] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14685] ioctl(4, LOOP_SET_FD, 3 [pid 14671] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14671] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14685] <... ioctl resumed>) = 0 [pid 14685] close(3) = 0 [pid 14685] mkdir("./bus", 0777) = 0 [pid 14685] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14671] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14668] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14668] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14671] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14668] <... futex resumed>) = 0 [pid 14668] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14671] <... mprotect resumed>) = 0 [pid 14668] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14671] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14668] <... mprotect resumed>) = 0 [pid 14668] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14671] <... clone resumed>, parent_tid=[14688], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14688 [pid 14671] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14668] <... clone resumed>, parent_tid=[14689], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14689 [pid 14671] <... futex resumed>) = 0 [pid 14668] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14671] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14668] <... futex resumed>) = 0 [pid 14668] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... write resumed>) = 1048576 [pid 14683] munmap(0x7f1c2a016000, 1048576) = 0 [ 259.443286][T14669] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.447631][T14686] loop4: detected capacity change from 0 to 2048 [ 259.460564][T14677] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/522/bus supports timestamps until 2038 (0x7fffffff) [ 259.471981][T14685] loop3: detected capacity change from 0 to 2048 [ 259.478098][T14669] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14683] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14683] ioctl(4, LOOP_SET_FD, 3 [pid 14673] <... write resumed>) = 1048576 [pid 14669] <... openat resumed>) = 7 ./strace-static-x86_64: Process 14689 attached [pid 14689] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14689] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14689] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14668] <... futex resumed>) = 0 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14669] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14668] exit_group(0) = ? [pid 14689] +++ exited with 0 +++ [pid 14673] <... futex resumed>) = 0 [pid 14683] <... ioctl resumed>) = 0 [pid 14683] close(3) = 0 [pid 14683] mkdir("./bus", 0777) = 0 [pid 14683] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14677] <... mount resumed>) = 0 [pid 14677] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14677] chdir("./bus") = 0 [pid 14677] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 14688 attached [pid 14673] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14688] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14688] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14669] <... futex resumed>) = ? [pid 14677] <... ioctl resumed>) = 0 [pid 14669] +++ exited with 0 +++ [pid 14668] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14668, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14677] close(4 [pid 407] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14677] <... close resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./516/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./516/binderfs") = 0 [pid 407] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14672] <... futex resumed>) = 0 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... futex resumed>) = 1 [pid 14677] chdir("./file0") = 0 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14672] <... futex resumed>) = 0 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... futex resumed>) = 1 [pid 14677] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14688] <... openat resumed>) = 7 [pid 14688] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... open resumed>) = 4 [pid 14688] <... futex resumed>) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14688] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14671] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... futex resumed>) = 1 [pid 14673] <... futex resumed>) = 0 [pid 14672] <... futex resumed>) = 0 [pid 14671] <... futex resumed>) = 1 [pid 14677] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14673] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14671] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14673] <... openat resumed>) = 8 [pid 14672] <... futex resumed>) = 0 [pid 14677] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14673] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14673] <... futex resumed>) = 1 [pid 14671] <... futex resumed>) = 0 [pid 14673] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14677] <... openat resumed>) = 5 [pid 14671] exit_group(0) = ? [pid 14673] <... futex resumed>) = ? [pid 14688] <... futex resumed>) = ? [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14673] +++ exited with 0 +++ [pid 14688] +++ exited with 0 +++ [pid 14677] <... futex resumed>) = 1 [pid 14672] <... futex resumed>) = 0 [pid 14671] +++ exited with 0 +++ [pid 14677] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14672] <... futex resumed>) = 0 [pid 14677] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14671, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] umount2("./519", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14677] <... write resumed>) = 196608 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./519/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./519/binderfs") = 0 [pid 412] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14677] <... futex resumed>) = 1 [pid 14672] <... futex resumed>) = 0 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14672] <... futex resumed>) = 0 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... mount resumed>) = 0 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14672] <... futex resumed>) = 0 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 412] <... umount2 resumed>) = 0 [ 259.497765][T14683] loop2: detected capacity change from 0 to 2048 [ 259.513254][T14688] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.528227][T14688] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14677] <... open resumed>) = 6 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14677] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14683] <... mount resumed>) = 0 [pid 14683] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14683] chdir("./bus") = 0 [pid 14683] ioctl(4, LOOP_CLR_FD) = 0 [pid 14683] close(4) = 0 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./519/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./519/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./519/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./519") = 0 [pid 412] mkdir("./520", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14672] <... futex resumed>) = 0 [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... futex resumed>) = 0 [pid 14672] <... futex resumed>) = 1 [pid 14677] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14685] <... mount resumed>) = 0 [pid 14680] <... futex resumed>) = 0 [pid 14677] <... write resumed>) = 1048576 [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = 0 [pid 14680] <... futex resumed>) = 1 [pid 14677] <... futex resumed>) = 1 [pid 14672] <... futex resumed>) = 0 [pid 14683] chdir("./file0" [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... chdir resumed>) = 0 [pid 14677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14672] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... futex resumed>) = 1 [pid 14680] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14680] <... futex resumed>) = 0 [pid 14683] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... open resumed>) = 4 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14680] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14680] <... futex resumed>) = 0 [pid 14683] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... openat resumed>) = 5 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14680] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14680] <... futex resumed>) = 0 [pid 14683] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... write resumed>) = 196608 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14680] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14680] <... futex resumed>) = 0 [pid 14683] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... mount resumed>) = 0 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14680] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14680] <... futex resumed>) = 0 [pid 14683] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14683] <... open resumed>) = 6 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14680] <... futex resumed>) = 0 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 259.555396][T14683] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/517/bus supports timestamps until 2038 (0x7fffffff) [ 259.567405][T14685] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/526/bus supports timestamps until 2038 (0x7fffffff) [ 259.579515][T14686] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/523/bus supports timestamps until 2038 (0x7fffffff) [pid 14680] <... futex resumed>) = 0 [pid 14683] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... mount resumed>) = 0 [pid 14685] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 407] <... umount2 resumed>) = 0 [pid 14686] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14685] <... openat resumed>) = 3 [pid 412] <... openat resumed>) = 3 [pid 407] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14686] <... openat resumed>) = 3 [pid 14685] chdir("./bus" [pid 412] ioctl(3, LOOP_CLR_FD [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14686] chdir("./bus" [pid 14685] <... chdir resumed>) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] lstat("./516/bus", [pid 14686] <... chdir resumed>) = 0 [pid 14685] ioctl(4, LOOP_CLR_FD [pid 412] close(3 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14686] ioctl(4, LOOP_CLR_FD [pid 14685] <... ioctl resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 407] umount2("./516/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14686] <... ioctl resumed>) = 0 [pid 14685] close(4 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14686] close(4 [pid 14685] <... close resumed>) = 0 [pid 407] openat(AT_FDCWD, "./516/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14686] <... close resumed>) = 0 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14696 [pid 407] <... openat resumed>) = 4 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = 1 [pid 14681] <... futex resumed>) = 0 [pid 407] fstat(4, [pid 14686] <... futex resumed>) = 1 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... futex resumed>) = 0 [pid 407] getdents64(4, [pid 14685] chdir("./file0" [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./516/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./516") = 0 [pid 407] mkdir("./517", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14697 [pid 14685] <... chdir resumed>) = 0 [pid 14682] <... futex resumed>) = 0 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14686] <... futex resumed>) = 0 [pid 14685] <... futex resumed>) = 1 [pid 14682] <... futex resumed>) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14686] chdir("./file0" [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14686] <... chdir resumed>) = 0 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... futex resumed>) = 0 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... futex resumed>) = 1 [pid 14685] <... open resumed>) = 4 [pid 14682] <... futex resumed>) = 0 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14686] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14685] <... futex resumed>) = 1 [pid 14682] <... futex resumed>) = 0 [pid 14681] <... futex resumed>) = 0 [pid 14686] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... futex resumed>) = 0 [pid 14685] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14685] <... openat resumed>) = 5 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14686] <... open resumed>) = 4 [pid 14685] <... futex resumed>) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14686] <... futex resumed>) = 1 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14682] <... futex resumed>) = 0 [pid 14681] <... futex resumed>) = 0 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14685] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14685] <... write resumed>) = 196608 [pid 14682] <... futex resumed>) = 0 [pid 14686] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... openat resumed>) = 5 [pid 14685] <... futex resumed>) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14686] <... futex resumed>) = 1 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14682] <... futex resumed>) = 0 [pid 14681] <... futex resumed>) = 0 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14685] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14685] <... mount resumed>) = 0 [pid 14682] <... futex resumed>) = 0 [pid 14686] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14685] <... futex resumed>) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... futex resumed>) = 0 [pid 14685] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14685] <... open resumed>) = 6 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... futex resumed>) = 0 [pid 14685] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... write resumed>) = 196608 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14697 attached ./strace-static-x86_64: Process 14696 attached ) = 1 [pid 14682] <... futex resumed>) = 0 [pid 14697] set_robust_list(0x555555f755e0, 24 [pid 14696] set_robust_list(0x555555f755e0, 24 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14685] <... write resumed>) = 1048576 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... openat resumed>) = 7 [pid 14697] <... set_robust_list resumed>) = 0 [pid 14696] <... set_robust_list resumed>) = 0 [pid 14686] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14683] <... write resumed>) = 1048576 [pid 14682] <... futex resumed>) = 0 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] chdir("./517" [pid 14696] chdir("./520" [pid 14686] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14685] <... futex resumed>) = 1 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14681] <... futex resumed>) = 0 [pid 14677] <... futex resumed>) = 1 [pid 14672] <... futex resumed>) = 0 [pid 14697] <... chdir resumed>) = 0 [pid 14696] <... chdir resumed>) = 0 [pid 14686] <... mount resumed>) = 0 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14683] <... futex resumed>) = 1 [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14680] <... futex resumed>) = 0 [pid 14677] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14672] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14696] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14683] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14681] <... futex resumed>) = 0 [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14672] <... futex resumed>) = 0 [pid 14697] <... prctl resumed>) = 0 [pid 14696] <... prctl resumed>) = 0 [ 259.594087][T14677] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.619201][T14677] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14686] <... futex resumed>) = 1 [pid 14685] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14682] <... futex resumed>) = 0 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14680] <... futex resumed>) = 0 [pid 14677] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14672] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14697] setpgid(0, 0 [pid 14696] setpgid(0, 0 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14697] <... setpgid resumed>) = 0 [pid 14696] <... setpgid resumed>) = 0 [pid 14697] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14697] <... openat resumed>) = 3 [pid 14696] <... openat resumed>) = 3 [pid 14697] write(3, "1000", 4 [pid 14696] write(3, "1000", 4 [pid 14697] <... write resumed>) = 4 [pid 14696] <... write resumed>) = 4 [pid 14697] close(3 [pid 14696] close(3 [pid 14697] <... close resumed>) = 0 [pid 14696] <... close resumed>) = 0 [pid 14697] symlink("/dev/binderfs", "./binderfs" [pid 14696] symlink("/dev/binderfs", "./binderfs" [pid 14697] <... symlink resumed>) = 0 [pid 14696] <... symlink resumed>) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14696] <... futex resumed>) = 0 [pid 14697] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14696] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14697] <... mmap resumed>) = 0x7f1c32416000 [pid 14696] <... mmap resumed>) = 0x7f1c32416000 [pid 14697] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14696] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14697] <... mprotect resumed>) = 0 [pid 14696] <... mprotect resumed>) = 0 [pid 14697] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14696] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14697] <... clone resumed>, parent_tid=[14698], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14698 [pid 14696] <... clone resumed>, parent_tid=[14699], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14699 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14696] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14699 attached ./strace-static-x86_64: Process 14698 attached [pid 14686] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... openat resumed>) = 8 [pid 14699] set_robust_list(0x7f1c324369e0, 24 [pid 14698] set_robust_list(0x7f1c324369e0, 24 [pid 14686] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14682] <... futex resumed>) = 0 [pid 14677] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14699] <... set_robust_list resumed>) = 0 [pid 14698] <... set_robust_list resumed>) = 0 [pid 14686] <... open resumed>) = 6 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14677] <... futex resumed>) = 1 [pid 14672] <... futex resumed>) = 0 [pid 14699] memfd_create("syzkaller", 0 [pid 14698] memfd_create("syzkaller", 0 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14677] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14672] exit_group(0 [pid 14699] <... memfd_create resumed>) = 3 [pid 14698] <... memfd_create resumed>) = 3 [pid 14686] <... futex resumed>) = 0 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14677] <... futex resumed>) = ? [pid 14672] <... exit_group resumed>) = ? [pid 14699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14686] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14682] <... futex resumed>) = 0 [pid 14677] +++ exited with 0 +++ [pid 14672] +++ exited with 0 +++ [pid 14699] <... mmap resumed>) = 0x7f1c2a016000 [pid 14698] <... mmap resumed>) = 0x7f1c2a016000 [pid 14685] <... openat resumed>) = 7 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14681] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... futex resumed>) = 0 [pid 14685] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14681] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14685] <... openat resumed>) = 8 [pid 14685] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14681] <... futex resumed>) = 0 [pid 14699] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14686] <... write resumed>) = 1048576 [pid 14685] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14683] <... openat resumed>) = 7 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14681] exit_group(0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14672, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14685] <... futex resumed>) = ? [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14682] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14681] <... exit_group resumed>) = ? [pid 14698] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14686] <... futex resumed>) = 0 [pid 14685] +++ exited with 0 +++ [pid 14683] <... futex resumed>) = 1 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14681] +++ exited with 0 +++ [pid 14680] <... futex resumed>) = 0 [pid 14686] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 259.649703][T14683] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.650642][T14685] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.664137][T14683] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 259.683561][T14685] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14682] <... futex resumed>) = 0 [pid 14680] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14699] <... write resumed>) = 1048576 [pid 14698] <... write resumed>) = 1048576 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14680] <... futex resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14681, si_uid=0, si_status=0, si_utime=0, si_stime=10} --- [pid 408] umount2("./522", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14699] munmap(0x7f1c2a016000, 1048576 [pid 14698] munmap(0x7f1c2a016000, 1048576 [pid 14680] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14699] <... munmap resumed>) = 0 [pid 14698] <... munmap resumed>) = 0 [pid 410] <... restart_syscall resumed>) = 0 [pid 408] openat(AT_FDCWD, "./522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14699] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14698] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 408] <... openat resumed>) = 3 [pid 14699] <... openat resumed>) = 4 [pid 14698] <... openat resumed>) = 4 [pid 408] fstat(3, [pid 14699] ioctl(4, LOOP_SET_FD, 3 [pid 14698] ioctl(4, LOOP_SET_FD, 3 [pid 410] umount2("./526", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14683] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14683] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14683] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14683] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14698] <... ioctl resumed>) = 0 [pid 14698] close(3) = 0 [pid 14698] mkdir("./bus", 0777) = 0 [pid 14698] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14686] <... openat resumed>) = 7 [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./522/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./522/binderfs") = 0 [pid 408] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "./526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 14682] <... futex resumed>) = 0 [pid 14680] <... futex resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14682] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14680] exit_group(0 [pid 14686] <... futex resumed>) = 0 [pid 14682] <... futex resumed>) = 1 [pid 14680] <... exit_group resumed>) = ? [pid 14686] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14682] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14686] <... openat resumed>) = 8 [pid 14683] <... futex resumed>) = ? [pid 410] umount2("./526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14686] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14683] +++ exited with 0 +++ [pid 14682] <... futex resumed>) = 0 [pid 14680] +++ exited with 0 +++ [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./526/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./526/binderfs") = 0 [pid 410] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14699] <... ioctl resumed>) = 0 [pid 14699] close(3) = 0 [pid 14699] mkdir("./bus", 0777) = 0 [pid 14699] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14686] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14682] exit_group(0 [pid 14686] <... futex resumed>) = ? [pid 14682] <... exit_group resumed>) = ? [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14680, si_uid=0, si_status=0, si_utime=2, si_stime=5} --- [pid 14686] +++ exited with 0 +++ [pid 14682] +++ exited with 0 +++ [pid 409] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14682, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 409] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... restart_syscall resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 411] umount2("./523", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] fstat(3, [pid 411] lstat("./523/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] unlink("./523/binderfs") = 0 [pid 409] getdents64(3, [pid 411] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./517/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./517/binderfs") = 0 [ 259.712763][T14686] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.722039][T14698] loop0: detected capacity change from 0 to 2048 [ 259.727064][T14686] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 259.733386][T14699] loop5: detected capacity change from 0 to 2048 [pid 409] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14698] <... mount resumed>) = 0 [pid 14698] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14698] chdir("./bus") = 0 [pid 14698] ioctl(4, LOOP_CLR_FD) = 0 [pid 14698] close(4) = 0 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 1 [pid 14698] chdir("./file0") = 0 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 1 [pid 14698] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 1 [pid 14698] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 1 [pid 14698] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14699] <... mount resumed>) = 0 [pid 14699] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14699] chdir("./bus") = 0 [pid 14699] ioctl(4, LOOP_CLR_FD [pid 14698] <... write resumed>) = 196608 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14698] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14699] <... ioctl resumed>) = 0 [pid 14699] close(4) = 0 [pid 14697] <... futex resumed>) = 0 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... futex resumed>) = 1 [pid 14699] chdir("./file0" [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 0 [pid 14698] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 1 [pid 14698] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14698] <... futex resumed>) = 1 [pid 14698] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14699] <... chdir resumed>) = 0 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... futex resumed>) = 1 [pid 14699] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... futex resumed>) = 1 [pid 14699] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... futex resumed>) = 1 [pid 14699] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... futex resumed>) = 1 [pid 14699] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... futex resumed>) = 1 [pid 14699] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14699] <... futex resumed>) = 1 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14698] <... write resumed>) = 1048576 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14697] <... futex resumed>) = 0 [pid 14697] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 259.781380][T14698] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/517/bus supports timestamps until 2038 (0x7fffffff) [ 259.781488][T14699] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/520/bus supports timestamps until 2038 (0x7fffffff) [pid 14698] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 411] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 410] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./526/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./526/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] fstat(4, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 411] lstat("./523/bus", [pid 409] lstat("./517/bus", [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./523/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] lstat("./522/bus", [pid 409] openat(AT_FDCWD, "./517/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 4 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 409] <... openat resumed>) = 4 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] close(4 [pid 411] fstat(4, [pid 409] fstat(4, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... close resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 410] rmdir("./526/bus" [pid 409] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] <... rmdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] openat(AT_FDCWD, "./522/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] getdents64(4, [pid 409] getdents64(4, [pid 408] <... openat resumed>) = 4 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] getdents64(3, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] fstat(4, [pid 411] close(4 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... close resumed>) = 0 [pid 410] close(3 [pid 409] close(4 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] rmdir("./523/bus" [pid 410] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 408] getdents64(4, [pid 411] <... rmdir resumed>) = 0 [pid 410] rmdir("./526" [pid 409] rmdir("./517/bus" [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(3, [pid 410] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 408] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] mkdir("./527", 0777 [pid 409] getdents64(3, [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(3 [pid 410] <... mkdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(4 [pid 411] <... close resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] close(3 [pid 408] <... close resumed>) = 0 [pid 411] rmdir("./523" [pid 410] <... openat resumed>) = 3 [pid 409] <... close resumed>) = 0 [pid 408] rmdir("./522/bus" [pid 411] <... rmdir resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] rmdir("./517" [pid 408] <... rmdir resumed>) = 0 [pid 411] mkdir("./524", 0777 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... rmdir resumed>) = 0 [pid 408] getdents64(3, [pid 411] <... mkdir resumed>) = 0 [pid 410] close(3 [pid 409] mkdir("./518", 0777 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] <... close resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 408] close(3 [pid 411] <... openat resumed>) = 3 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 408] <... close resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 409] <... openat resumed>) = 3 [pid 408] rmdir("./522" [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14704 [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] <... rmdir resumed>) = 0 [pid 411] close(3 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] mkdir("./523", 0777 [pid 411] <... close resumed>) = 0 [pid 409] close(3 [pid 408] <... mkdir resumed>) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... close resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... openat resumed>) = 3 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14705 [pid 408] ioctl(3, LOOP_CLR_FD [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14706 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14707 ./strace-static-x86_64: Process 14704 attached [pid 14704] set_robust_list(0x555555f755e0, 24) = 0 [pid 14704] chdir("./527") = 0 [pid 14704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14704] setpgid(0, 0) = 0 [pid 14704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14704] write(3, "1000", 4) = 4 [pid 14704] close(3) = 0 [pid 14704] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14704] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14704] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14708], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14708 [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14708 attached [pid 14708] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14708] memfd_create("syzkaller", 0) = 3 [pid 14708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14708] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14708] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14708] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 259.825320][T14698] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.858107][T14698] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14708] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14706 attached ./strace-static-x86_64: Process 14705 attached [pid 14696] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14697] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14697] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] set_robust_list(0x555555f755e0, 24 [pid 14696] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] set_robust_list(0x555555f755e0, 24 [pid 14697] <... futex resumed>) = 0 [pid 14697] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14696] <... futex resumed>) = 0 [pid 14706] <... set_robust_list resumed>) = 0 [pid 14705] <... set_robust_list resumed>) = 0 [pid 14697] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14696] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14697] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14696] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14697] <... mprotect resumed>) = 0 [pid 14697] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14696] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14706] chdir("./518" [pid 14705] chdir("./524" [pid 14696] <... mprotect resumed>) = 0 [pid 14697] <... clone resumed>, parent_tid=[14709], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14709 [pid 14697] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14697] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14696] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14706] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 14707 attached [pid 14707] set_robust_list(0x555555f755e0, 24) = 0 [pid 14707] chdir("./523") = 0 [pid 14707] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14696] <... clone resumed>, parent_tid=[14710], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14710 [pid 14707] setpgid(0, 0) = 0 [pid 14707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14706] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14696] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14707] <... openat resumed>) = 3 [pid 14706] <... prctl resumed>) = 0 [pid 14696] <... futex resumed>) = 0 [pid 14707] write(3, "1000", 4 [pid 14706] setpgid(0, 0 [pid 14696] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14707] <... write resumed>) = 4 [pid 14707] close(3) = 0 [pid 14707] symlink("/dev/binderfs", "./binderfs" [pid 14706] <... setpgid resumed>) = 0 [pid 14705] <... chdir resumed>) = 0 [pid 14706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14705] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14707] <... symlink resumed>) = 0 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14707] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14707] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14706] <... openat resumed>) = 3 [pid 14705] <... prctl resumed>) = 0 [pid 14698] <... openat resumed>) = 7 [pid 14707] <... mprotect resumed>) = 0 [pid 14707] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14706] write(3, "1000", 4) = 4 [pid 14698] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] close(3 [pid 14705] setpgid(0, 0 [pid 14698] <... futex resumed>) = 0 [pid 14707] <... clone resumed>, parent_tid=[14711], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14711 [pid 14706] <... close resumed>) = 0 [pid 14705] <... setpgid resumed>) = 0 [pid 14698] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14710 attached [pid 14710] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14710] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14706] symlink("/dev/binderfs", "./binderfs" [pid 14705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14706] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 14711 attached ./strace-static-x86_64: Process 14709 attached [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] <... openat resumed>) = 3 [pid 14699] <... write resumed>) = 1048576 [pid 14706] <... futex resumed>) = 0 [pid 14705] write(3, "1000", 4 [pid 14706] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14708] <... ioctl resumed>) = 0 [pid 14711] set_robust_list(0x7f1c324369e0, 24 [pid 14709] set_robust_list(0x7f1c2a1159e0, 24 [pid 14708] close(3 [pid 14706] <... mmap resumed>) = 0x7f1c32416000 [pid 14705] <... write resumed>) = 4 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] <... set_robust_list resumed>) = 0 [pid 14709] <... set_robust_list resumed>) = 0 [pid 14706] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14705] close(3 [pid 14699] <... futex resumed>) = 0 [pid 14711] memfd_create("syzkaller", 0 [pid 14709] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14706] <... mprotect resumed>) = 0 [pid 14705] <... close resumed>) = 0 [pid 14699] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] <... memfd_create resumed>) = 3 [pid 14709] <... openat resumed>) = 8 [pid 14706] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14705] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 14713 attached [pid 14711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14710] <... openat resumed>) = 7 [pid 14709] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14708] <... close resumed>) = 0 [pid 14705] <... symlink resumed>) = 0 [pid 14711] <... mmap resumed>) = 0x7f1c2a016000 [pid 14709] <... futex resumed>) = 1 [pid 14706] <... clone resumed>, parent_tid=[14713], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14713 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14697] <... futex resumed>) = 0 [pid 14708] mkdir("./bus", 0777 [pid 14709] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] <... futex resumed>) = 0 [pid 14697] exit_group(0 [pid 14709] <... futex resumed>) = ? [pid 14706] <... futex resumed>) = 0 [pid 14705] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14698] <... futex resumed>) = ? [pid 14697] <... exit_group resumed>) = ? [pid 14709] +++ exited with 0 +++ [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14705] <... mmap resumed>) = 0x7f1c32416000 [pid 14698] +++ exited with 0 +++ [pid 14697] +++ exited with 0 +++ [pid 14705] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14697, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14705] <... mprotect resumed>) = 0 [pid 14705] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14714], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14714 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14705] <... futex resumed>) = 0 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14710] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14696] <... futex resumed>) = 0 [pid 14696] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14699] <... futex resumed>) = 0 [pid 14696] <... futex resumed>) = 1 [pid 14699] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14696] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14699] <... openat resumed>) = 8 [pid 14699] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14696] <... futex resumed>) = 0 [pid 14699] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14696] exit_group(0 [pid 14699] <... futex resumed>) = ? [pid 14696] <... exit_group resumed>) = ? [pid 14708] <... mkdir resumed>) = 0 [pid 14699] +++ exited with 0 +++ [pid 14708] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14710] <... futex resumed>) = ? [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [ 259.871043][T14708] loop3: detected capacity change from 0 to 2048 [ 259.886307][T14710] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 259.900878][T14710] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 407] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14714 attached [pid 14713] set_robust_list(0x7f1c324369e0, 24 [pid 14711] <... write resumed>) = 1048576 [pid 14710] +++ exited with 0 +++ [pid 14696] +++ exited with 0 +++ [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14696, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] lstat("./517/binderfs", [pid 14714] set_robust_list(0x7f1c324369e0, 24 [pid 14713] <... set_robust_list resumed>) = 0 [pid 14711] munmap(0x7f1c2a016000, 1048576 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14714] <... set_robust_list resumed>) = 0 [pid 407] unlink("./517/binderfs" [pid 14713] memfd_create("syzkaller", 0 [pid 14711] <... munmap resumed>) = 0 [pid 412] umount2("./520", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... unlink resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14713] <... memfd_create resumed>) = 3 [pid 412] openat(AT_FDCWD, "./520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14714] memfd_create("syzkaller", 0 [pid 14711] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14711] <... openat resumed>) = 4 [pid 412] <... openat resumed>) = 3 [pid 14713] <... mmap resumed>) = 0x7f1c2a016000 [pid 14711] ioctl(4, LOOP_SET_FD, 3 [pid 14714] <... memfd_create resumed>) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./520/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./520/binderfs") = 0 [pid 412] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14714] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14713] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14711] <... ioctl resumed>) = 0 [pid 14713] <... write resumed>) = 1048576 [pid 14711] close(3) = 0 [pid 14711] mkdir("./bus", 0777) = 0 [pid 14711] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14713] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14713] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14713] ioctl(4, LOOP_SET_FD, 3 [pid 14714] munmap(0x7f1c2a016000, 1048576 [pid 14708] <... mount resumed>) = 0 [pid 14714] <... munmap resumed>) = 0 [pid 14714] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14714] ioctl(4, LOOP_SET_FD, 3 [pid 14713] <... ioctl resumed>) = 0 [pid 14708] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14708] chdir("./bus" [pid 14713] close(3 [pid 14708] <... chdir resumed>) = 0 [pid 14713] <... close resumed>) = 0 [pid 14713] mkdir("./bus", 0777) = 0 [pid 14708] ioctl(4, LOOP_CLR_FD) = 0 [pid 14708] close(4) = 0 [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14704] <... futex resumed>) = 0 [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14708] <... futex resumed>) = 1 [pid 14708] chdir("./file0" [pid 14713] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... umount2 resumed>) = 0 [pid 14714] <... ioctl resumed>) = 0 [pid 14714] close(3) = 0 [pid 14714] mkdir("./bus", 0777) = 0 [pid 14714] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14708] <... chdir resumed>) = 0 [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14704] <... futex resumed>) = 0 [pid 407] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14708] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14708] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14704] <... futex resumed>) = 0 [pid 14708] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14708] <... open resumed>) = 4 [pid 407] lstat("./517/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./517/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./517/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./517/bus" [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14708] <... futex resumed>) = 1 [pid 14704] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14708] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14704] <... futex resumed>) = 0 [pid 407] close(3) = 0 [pid 14708] <... openat resumed>) = 5 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] rmdir("./517" [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14708] <... futex resumed>) = 1 [pid 407] mkdir("./518", 0777 [pid 14704] <... futex resumed>) = 0 [pid 14708] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14717 ./strace-static-x86_64: Process 14717 attached [pid 14717] set_robust_list(0x555555f755e0, 24) = 0 [pid 14717] chdir("./518") = 0 [pid 14717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14717] setpgid(0, 0) = 0 [pid 14717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14717] write(3, "1000", 4) = 4 [pid 14717] close(3) = 0 [pid 14717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14708] <... write resumed>) = 196608 [pid 14704] <... futex resumed>) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14717] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14717] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14717] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14718], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14718 [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14708] <... futex resumed>) = 0 [pid 14708] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14718 attached [pid 14704] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 14704] <... futex resumed>) = 1 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14708] <... futex resumed>) = 0 [pid 14708] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14708] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14718] memfd_create("syzkaller", 0) = 3 [pid 14718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14704] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14708] <... futex resumed>) = 0 [pid 14704] <... futex resumed>) = 1 [pid 412] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14708] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14708] <... open resumed>) = 6 [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14708] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14704] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] lstat("./520/bus", [pid 14708] <... futex resumed>) = 0 [pid 14704] <... futex resumed>) = 1 [pid 14708] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 259.929195][T14711] loop1: detected capacity change from 0 to 2048 [ 259.949656][T14708] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/527/bus supports timestamps until 2038 (0x7fffffff) [ 259.949699][T14713] loop2: detected capacity change from 0 to 2048 [ 259.963402][T14714] loop4: detected capacity change from 0 to 2048 [pid 412] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./520/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14708] <... write resumed>) = 1048576 [pid 412] getdents64(4, [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14708] <... futex resumed>) = 1 [pid 14704] <... futex resumed>) = 0 [pid 14708] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14704] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14708] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14704] <... futex resumed>) = 0 [pid 14708] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] close(4) = 0 [pid 412] rmdir("./520/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./520") = 0 [pid 412] mkdir("./521", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14725 [pid 14718] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14725 attached [pid 14725] set_robust_list(0x555555f755e0, 24) = 0 [pid 14725] chdir("./521") = 0 [pid 14725] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14725] setpgid(0, 0) = 0 [pid 14725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14725] write(3, "1000", 4) = 4 [pid 14725] close(3) = 0 [pid 14725] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14725] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14725] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14725] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14726], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14726 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14704] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14704] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14704] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 ./strace-static-x86_64: Process 14726 attached [pid 14713] <... mount resumed>) = 0 [pid 14711] <... mount resumed>) = 0 [pid 14704] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [ 260.014599][T14708] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.016936][T14714] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/524/bus supports timestamps until 2038 (0x7fffffff) [ 260.029267][T14711] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/523/bus supports timestamps until 2038 (0x7fffffff) [ 260.052189][T14713] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/518/bus supports timestamps until 2038 (0x7fffffff) [pid 14704] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14727], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14727 [pid 14704] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14704] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] <... write resumed>) = 1048576 [pid 14718] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14718] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14727 attached [pid 14726] set_robust_list(0x7f1c324369e0, 24 [pid 14714] <... mount resumed>) = 0 [pid 14713] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14711] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14708] <... openat resumed>) = 7 [pid 14727] set_robust_list(0x7f1c2a1159e0, 24 [pid 14726] <... set_robust_list resumed>) = 0 [pid 14713] <... openat resumed>) = 3 [pid 14711] <... openat resumed>) = 3 [pid 14708] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14727] <... set_robust_list resumed>) = 0 [pid 14726] memfd_create("syzkaller", 0 [pid 14713] chdir("./bus" [pid 14711] chdir("./bus" [pid 14708] <... futex resumed>) = 0 [pid 14727] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14726] <... memfd_create resumed>) = 3 [pid 14713] <... chdir resumed>) = 0 [pid 14711] <... chdir resumed>) = 0 [pid 14708] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14727] <... openat resumed>) = 8 [pid 14726] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14713] ioctl(4, LOOP_CLR_FD [pid 14711] ioctl(4, LOOP_CLR_FD [pid 14727] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... mmap resumed>) = 0x7f1c2a016000 [pid 14713] <... ioctl resumed>) = 0 [pid 14711] <... ioctl resumed>) = 0 [pid 14727] <... futex resumed>) = 1 [pid 14726] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14713] close(4 [pid 14711] close(4 [pid 14704] <... futex resumed>) = 0 [pid 14727] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14713] <... close resumed>) = 0 [pid 14711] <... close resumed>) = 0 [pid 14704] exit_group(0 [pid 14727] <... futex resumed>) = ? [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14708] <... futex resumed>) = ? [pid 14704] <... exit_group resumed>) = ? [pid 14727] +++ exited with 0 +++ [pid 14718] <... ioctl resumed>) = 0 [pid 14714] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14713] <... futex resumed>) = 1 [pid 14711] <... futex resumed>) = 1 [pid 14708] +++ exited with 0 +++ [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 14704] +++ exited with 0 +++ [pid 14726] <... write resumed>) = 1048576 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14711] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14704, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14713] chdir("./file0" [pid 14711] chdir("./file0" [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 14726] munmap(0x7f1c2a016000, 1048576 [pid 14718] close(3 [pid 14714] <... openat resumed>) = 3 [pid 14713] <... chdir resumed>) = 0 [pid 14711] <... chdir resumed>) = 0 [pid 14718] <... close resumed>) = 0 [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... restart_syscall resumed>) = 0 [pid 14713] <... futex resumed>) = 1 [pid 14711] <... futex resumed>) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 14718] mkdir("./bus", 0777 [pid 14714] chdir("./bus" [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... munmap resumed>) = 0 [pid 14713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14711] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 410] umount2("./527", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14726] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14718] <... mkdir resumed>) = 0 [pid 14714] <... chdir resumed>) = 0 [pid 14713] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14711] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14726] <... openat resumed>) = 4 [pid 14718] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14714] ioctl(4, LOOP_CLR_FD [pid 14726] ioctl(4, LOOP_SET_FD, 3 [pid 14714] <... ioctl resumed>) = 0 [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14714] close(4 [pid 14713] <... open resumed>) = 4 [pid 14711] <... open resumed>) = 4 [pid 410] openat(AT_FDCWD, "./527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14714] <... close resumed>) = 0 [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] <... futex resumed>) = 1 [pid 14711] <... futex resumed>) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 410] fstat(3, [pid 14714] <... futex resumed>) = 1 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] <... futex resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14714] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14711] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(3, [pid 14714] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14713] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14711] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] <... futex resumed>) = 0 [pid 14714] chdir("./file0" [pid 14713] <... openat resumed>) = 5 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14714] <... chdir resumed>) = 0 [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] <... openat resumed>) = 5 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] <... futex resumed>) = 1 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] <... futex resumed>) = 0 [pid 14705] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14714] <... futex resumed>) = 0 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] <... futex resumed>) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./527/binderfs", [pid 14714] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14711] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] <... futex resumed>) = 0 [pid 14705] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14714] <... open resumed>) = 4 [pid 14713] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14711] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14707] <... futex resumed>) = 0 [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] unlink("./527/binderfs" [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14714] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14726] <... ioctl resumed>) = 0 [pid 14726] close(3) = 0 [pid 14726] mkdir("./bus", 0777) = 0 [pid 14726] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14713] <... write resumed>) = 196608 [pid 14711] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] <... write resumed>) = 196608 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... unlink resumed>) = 0 [pid 14714] <... futex resumed>) = 0 [pid 14713] <... futex resumed>) = 1 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] <... futex resumed>) = 0 [pid 14705] <... futex resumed>) = 1 [pid 410] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14714] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] <... futex resumed>) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] <... openat resumed>) = 5 [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] <... futex resumed>) = 0 [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14707] <... futex resumed>) = 0 [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] <... futex resumed>) = 1 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] <... futex resumed>) = 0 [pid 14714] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14705] <... futex resumed>) = 0 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14713] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14711] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14713] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14711] <... mount resumed>) = 0 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14707] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 1 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] <... write resumed>) = 196608 [pid 14713] <... futex resumed>) = 0 [pid 14711] <... open resumed>) = 6 [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14714] <... futex resumed>) = 1 [pid 14705] <... futex resumed>) = 0 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14714] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14713] <... open resumed>) = 6 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... mount resumed>) = 0 [pid 14713] <... futex resumed>) = 1 [pid 14706] <... futex resumed>) = 0 [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... futex resumed>) = 1 [pid 14705] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 0 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] <... futex resumed>) = 0 [pid 14714] <... open resumed>) = 6 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] <... futex resumed>) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14705] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14714] <... futex resumed>) = 0 [pid 14711] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14711] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14707] <... futex resumed>) = 0 [pid 14705] <... futex resumed>) = 0 [pid 14711] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14711] <... write resumed>) = 1048576 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14707] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 260.063981][T14708] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 260.070538][T14718] loop0: detected capacity change from 0 to 2048 [ 260.095265][T14726] loop5: detected capacity change from 0 to 2048 [pid 14707] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 260.139779][T14711] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.157576][T14718] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/518/bus supports timestamps until 2038 (0x7fffffff) [ 260.157599][T14726] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/521/bus supports timestamps until 2038 (0x7fffffff) [pid 14711] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14718] <... mount resumed>) = 0 [pid 14714] <... write resumed>) = 1048576 [pid 14713] <... write resumed>) = 1048576 [pid 14706] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14706] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14706] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14706] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14706] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14732], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14732 [pid 14706] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14706] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] <... futex resumed>) = 0 [pid 14714] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14713] <... futex resumed>) = 0 [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14705] <... futex resumed>) = 0 [pid 14707] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14707] <... futex resumed>) = 0 [pid 14707] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14707] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14707] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14733], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14733 [pid 14707] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14707] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14718] chdir("./bus") = 0 [pid 14718] ioctl(4, LOOP_CLR_FD) = 0 [pid 14718] close(4./strace-static-x86_64: Process 14733 attached ./strace-static-x86_64: Process 14732 attached [pid 14711] <... openat resumed>) = 7 [pid 410] <... umount2 resumed>) = 0 [pid 14733] set_robust_list(0x7f1c2a1159e0, 24 [pid 14732] set_robust_list(0x7f1c2a1159e0, 24 [pid 14711] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14733] <... set_robust_list resumed>) = 0 [pid 14732] <... set_robust_list resumed>) = 0 [pid 14726] <... mount resumed>) = 0 [pid 14718] <... close resumed>) = 0 [pid 14714] <... openat resumed>) = 7 [pid 14711] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14733] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14732] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14711] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] lstat("./527/bus", [pid 14733] <... openat resumed>) = 8 [pid 14726] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... openat resumed>) = 3 [pid 14717] <... futex resumed>) = 0 [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] <... futex resumed>) = 1 [pid 14718] chdir("./file0" [pid 14726] chdir("./bus" [pid 14718] <... chdir resumed>) = 0 [pid 14726] <... chdir resumed>) = 0 [pid 14726] ioctl(4, LOOP_CLR_FD) = 0 [pid 14726] close(4 [pid 14706] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14706] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] <... futex resumed>) = 0 [pid 14706] <... futex resumed>) = 1 [pid 14713] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14706] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14714] <... futex resumed>) = 1 [pid 14705] <... futex resumed>) = 0 [pid 14726] <... close resumed>) = 0 [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14705] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14733] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14705] <... futex resumed>) = 0 [pid 410] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14733] <... futex resumed>) = 1 [pid 14707] <... futex resumed>) = 0 [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] <... futex resumed>) = 1 [pid 14717] <... futex resumed>) = 0 [pid 14714] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14733] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14707] exit_group(0 [pid 14705] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14733] <... futex resumed>) = ? [pid 14726] <... futex resumed>) = 1 [pid 14725] <... futex resumed>) = 0 [pid 14718] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... openat resumed>) = 8 [pid 14711] <... futex resumed>) = ? [pid 14707] <... exit_group resumed>) = ? [pid 410] openat(AT_FDCWD, "./527/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14733] +++ exited with 0 +++ [pid 14726] chdir("./file0" [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] <... open resumed>) = 4 [pid 14717] <... futex resumed>) = 0 [pid 14714] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... chdir resumed>) = 0 [pid 14725] <... futex resumed>) = 0 [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... futex resumed>) = 1 [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] <... futex resumed>) = 0 [pid 14714] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14726] <... futex resumed>) = 0 [pid 14725] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14718] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14726] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14711] +++ exited with 0 +++ [pid 14707] +++ exited with 0 +++ [pid 410] <... openat resumed>) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./527/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./527") = 0 [pid 410] mkdir("./528", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14734 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14707, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14705] <... futex resumed>) = 0 [ 260.177309][T14714] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.180976][T14711] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 260.205792][T14714] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 260.216122][T14732] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.231700][T14732] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 408] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 14734 attached ) = 0 [pid 408] umount2("./523", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./523/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./523/binderfs") = 0 [pid 408] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14717] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14705] exit_group(0 [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14714] <... futex resumed>) = ? [pid 14705] <... exit_group resumed>) = ? [pid 14726] <... open resumed>) = 4 [pid 14718] <... futex resumed>) = 0 [pid 14717] <... futex resumed>) = 1 [pid 14714] +++ exited with 0 +++ [pid 14732] <... openat resumed>) = 7 [pid 14705] +++ exited with 0 +++ [pid 14718] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14713] <... openat resumed>) = 8 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14705, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 14732] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14732] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... restart_syscall resumed>) = 0 [pid 411] umount2("./524", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14726] <... futex resumed>) = 1 [pid 14725] <... futex resumed>) = 0 [pid 14718] <... openat resumed>) = 5 [pid 14713] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14726] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] <... futex resumed>) = 1 [pid 14706] <... futex resumed>) = 0 [pid 411] lstat("./524/binderfs", [pid 14726] <... openat resumed>) = 5 [pid 14725] <... futex resumed>) = 0 [pid 14718] <... futex resumed>) = 1 [pid 14717] <... futex resumed>) = 0 [pid 14713] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14706] exit_group(0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14732] <... futex resumed>) = ? [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14713] <... futex resumed>) = ? [pid 14706] <... exit_group resumed>) = ? [pid 411] unlink("./524/binderfs" [pid 14732] +++ exited with 0 +++ [pid 411] <... unlink resumed>) = 0 [pid 411] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14725] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14717] <... futex resumed>) = 0 [pid 14726] <... futex resumed>) = 0 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14713] +++ exited with 0 +++ [pid 14706] +++ exited with 0 +++ [pid 14726] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14725] <... futex resumed>) = 0 [pid 14718] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14706, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14726] <... write resumed>) = 196608 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14718] <... write resumed>) = 196608 [pid 409] lstat("./518/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./518/binderfs") = 0 [pid 409] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14734] set_robust_list(0x555555f755e0, 24) = 0 [pid 14734] chdir("./528") = 0 [pid 14734] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14734] setpgid(0, 0) = 0 [pid 14734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14734] write(3, "1000", 4) = 4 [pid 14734] close(3) = 0 [pid 14734] symlink("/dev/binderfs", "./binderfs" [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] <... symlink resumed>) = 0 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14734] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14734] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14734] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14735], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14735 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] <... futex resumed>) = 1 [pid 14717] <... futex resumed>) = 0 [pid 14725] <... futex resumed>) = 0 [pid 14718] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... futex resumed>) = 1 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14717] <... futex resumed>) = 0 [pid 14726] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14725] <... futex resumed>) = 0 [pid 14718] <... mount resumed>) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14726] <... mount resumed>) = 0 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14725] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14726] <... futex resumed>) = 0 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] <... futex resumed>) = 1 [pid 14717] <... futex resumed>) = 0 [pid 14726] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14725] <... futex resumed>) = 0 [pid 14718] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... open resumed>) = 6 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14717] <... futex resumed>) = 0 [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14725] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14726] <... futex resumed>) = 0 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14725] <... futex resumed>) = 0 [pid 14718] <... open resumed>) = 6 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14735 attached [pid 14735] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14718] <... futex resumed>) = 1 [pid 14717] <... futex resumed>) = 0 [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14717] <... futex resumed>) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14735] memfd_create("syzkaller", 0) = 3 [pid 14735] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14735] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14735] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14735] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14735] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14735] close(3) = 0 [pid 14735] mkdir("./bus", 0777) = 0 [pid 14735] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14726] <... write resumed>) = 1048576 [pid 14735] <... mount resumed>) = 0 [pid 14718] <... write resumed>) = 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 411] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./524/bus", [pid 409] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] lstat("./523/bus", [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./524/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./523/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 4 [pid 408] <... openat resumed>) = 4 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] fstat(4, [pid 408] fstat(4, [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 408] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] lstat("./518/bus", [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 408] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 408] close(4 [pid 411] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14725] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] rmdir("./524/bus" [pid 408] rmdir("./523/bus" [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 409] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... rmdir resumed>) = 0 [pid 14725] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] getdents64(3, [pid 408] getdents64(3, [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14725] <... futex resumed>) = 0 [pid 411] close(3 [pid 14717] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] close(3 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 14717] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] rmdir("./524" [pid 408] rmdir("./523" [pid 14726] <... futex resumed>) = 1 [pid 14725] <... futex resumed>) = 0 [pid 14718] <... futex resumed>) = 1 [pid 14717] <... futex resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... rmdir resumed>) = 0 [pid 411] mkdir("./525", 0777 [pid 408] mkdir("./524", 0777 [pid 14726] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 14718] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 411] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "./518/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 411] <... openat resumed>) = 3 [pid 408] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 408] ioctl(3, LOOP_CLR_FD [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 408] close(3 [pid 411] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14738 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14739 [pid 14735] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14735] chdir("./bus") = 0 [pid 14735] ioctl(4, LOOP_CLR_FD) = 0 [pid 14735] close(4) = 0 [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 260.284839][T14735] loop3: detected capacity change from 0 to 2048 [ 260.302497][T14735] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/528/bus supports timestamps until 2038 (0x7fffffff) [pid 14735] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14739 attached ./strace-static-x86_64: Process 14738 attached [pid 14734] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 4 [pid 14739] set_robust_list(0x555555f755e0, 24 [pid 14738] set_robust_list(0x555555f755e0, 24 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14726] <... openat resumed>) = 7 [pid 409] fstat(4, [pid 14738] <... set_robust_list resumed>) = 0 [pid 14735] <... futex resumed>) = 0 [pid 14734] <... futex resumed>) = 1 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14738] chdir("./525" [pid 14735] chdir("./file0" [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] getdents64(4, [pid 14738] <... chdir resumed>) = 0 [pid 14735] <... chdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14738] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(4, [pid 14738] <... prctl resumed>) = 0 [pid 14735] <... futex resumed>) = 1 [pid 14734] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14738] setpgid(0, 0 [pid 14735] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] close(4 [pid 14738] <... setpgid resumed>) = 0 [pid 14735] <... open resumed>) = 4 [pid 14734] <... futex resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] rmdir("./518/bus" [pid 14738] <... openat resumed>) = 3 [pid 14735] <... futex resumed>) = 0 [pid 14734] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... rmdir resumed>) = 0 [pid 14738] write(3, "1000", 4 [pid 14735] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, [pid 14738] <... write resumed>) = 4 [pid 14735] <... openat resumed>) = 5 [pid 14734] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14738] close(3 [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] close(3 [pid 14738] <... close resumed>) = 0 [pid 14735] <... futex resumed>) = 0 [pid 14734] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... close resumed>) = 0 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14738] symlink("/dev/binderfs", "./binderfs" [pid 14735] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 409] rmdir("./518" [pid 14739] <... set_robust_list resumed>) = 0 [pid 14738] <... symlink resumed>) = 0 [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... rmdir resumed>) = 0 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] mkdir("./519", 0777 [pid 14739] chdir("./524" [pid 14738] <... futex resumed>) = 0 [pid 14735] <... write resumed>) = 196608 [pid 14726] <... futex resumed>) = 1 [pid 14725] <... futex resumed>) = 0 [pid 14718] <... openat resumed>) = 7 [pid 14725] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... mkdir resumed>) = 0 [pid 14738] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14725] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14735] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14718] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14726] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14717] <... futex resumed>) = 0 [pid 14725] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14734] <... futex resumed>) = 0 [pid 14717] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14738] <... mmap resumed>) = 0x7f1c32416000 [pid 14739] <... chdir resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 14738] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14717] <... futex resumed>) = 1 [pid 14718] <... futex resumed>) = 0 [pid 14717] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14738] <... mprotect resumed>) = 0 [pid 14734] <... futex resumed>) = 1 [pid 409] ioctl(3, LOOP_CLR_FD [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14718] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14738] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14718] <... openat resumed>) = 8 [pid 409] close(3 [pid 14738] <... clone resumed>, parent_tid=[14740], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14740 [pid 14718] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14717] <... futex resumed>) = 0 [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14718] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... close resumed>) = 0 [pid 14739] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14739] setpgid(0, 0 [pid 14726] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14739] <... setpgid resumed>) = 0 [pid 14726] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14739] write(3, "1000", 4) = 4 [pid 14739] close(3) = 0 [pid 14739] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14739] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14739] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14741], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14741 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14741 attached [pid 14741] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14741] memfd_create("syzkaller", 0) = 3 [pid 14741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14725] <... futex resumed>) = 0 [pid 14717] exit_group(0 [pid 14725] exit_group(0 [pid 14726] <... futex resumed>) = ? [pid 14725] <... exit_group resumed>) = ? [pid 14717] <... exit_group resumed>) = ? [pid 14738] <... futex resumed>) = 0 [pid 14726] +++ exited with 0 +++ [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14718] <... futex resumed>) = ? [pid 14718] +++ exited with 0 +++ [pid 14725] +++ exited with 0 +++ [pid 14717] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14717, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14725, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./521", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14742 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] openat(AT_FDCWD, "./521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... openat resumed>) = 3 [pid 412] <... openat resumed>) = 3 [pid 407] fstat(3, [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 407] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 260.323027][T14726] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.327415][T14718] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.344056][T14726] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 260.351085][T14718] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./521/binderfs", [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] lstat("./518/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./521/binderfs" [pid 407] unlink("./518/binderfs" [pid 412] <... unlink resumed>) = 0 [pid 407] <... unlink resumed>) = 0 [pid 412] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14741] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14742 attached [pid 14742] set_robust_list(0x555555f755e0, 24) = 0 [pid 14742] chdir("./519") = 0 [pid 14742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14742] setpgid(0, 0) = 0 [pid 14742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14742] write(3, "1000", 4) = 4 [pid 14742] close(3) = 0 [pid 14742] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14742] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14742] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14742] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14743], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14743 [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14741] <... write resumed>) = 1048576 [pid 14741] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14741] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14741] ioctl(4, LOOP_SET_FD, 3 [pid 14735] <... futex resumed>) = 0 [pid 14735] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] <... futex resumed>) = 0 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14735] <... futex resumed>) = 1 [pid 14735] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] <... futex resumed>) = 0 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14735] <... futex resumed>) = 1 [pid 14735] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 14740 attached ./strace-static-x86_64: Process 14743 attached [pid 14741] <... ioctl resumed>) = 0 [pid 14741] close(3 [pid 14740] set_robust_list(0x7f1c324369e0, 24 [pid 14741] <... close resumed>) = 0 [pid 14740] <... set_robust_list resumed>) = 0 [pid 14741] mkdir("./bus", 0777) = 0 [pid 14740] memfd_create("syzkaller", 0 [pid 14741] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14740] <... memfd_create resumed>) = 3 [pid 14740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14740] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14743] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14743] memfd_create("syzkaller", 0) = 3 [pid 14743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14743] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14740] <... write resumed>) = 1048576 [pid 14740] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14740] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14740] ioctl(4, LOOP_SET_FD, 3 [pid 14743] <... write resumed>) = 1048576 [pid 14743] munmap(0x7f1c2a016000, 1048576 [pid 14740] <... ioctl resumed>) = 0 [pid 14743] <... munmap resumed>) = 0 [pid 14740] close(3 [pid 14735] <... write resumed>) = 1048576 [pid 14743] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14743] ioctl(4, LOOP_SET_FD, 3 [pid 14741] <... mount resumed>) = 0 [pid 14740] <... close resumed>) = 0 [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] mkdir("./bus", 0777) = 0 [pid 14740] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14741] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14735] <... futex resumed>) = 1 [pid 14735] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14741] chdir("./bus") = 0 [pid 14741] ioctl(4, LOOP_CLR_FD) = 0 [pid 14741] close(4) = 0 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] <... futex resumed>) = 0 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14741] <... futex resumed>) = 1 [pid 14741] chdir("./file0") = 0 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] <... futex resumed>) = 0 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14741] <... futex resumed>) = 1 [pid 14741] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [ 260.385958][T14741] loop1: detected capacity change from 0 to 2048 [ 260.409920][T14740] loop4: detected capacity change from 0 to 2048 [ 260.418240][T14741] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/524/bus supports timestamps until 2038 (0x7fffffff) [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] <... futex resumed>) = 0 [pid 14743] <... ioctl resumed>) = 0 [pid 14741] <... futex resumed>) = 1 [pid 14739] <... futex resumed>) = 0 [pid 14734] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14734] <... futex resumed>) = 1 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14734] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] close(3) = 0 [pid 14743] mkdir("./bus", 0777 [pid 14741] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14735] <... futex resumed>) = 0 [pid 14735] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14743] <... mkdir resumed>) = 0 [pid 14743] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14741] <... openat resumed>) = 5 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] <... futex resumed>) = 0 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14741] <... futex resumed>) = 1 [pid 14741] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 412] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 412] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./521/bus", [pid 407] lstat("./518/bus", [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./518/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./521/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] openat(AT_FDCWD, "./518/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... openat resumed>) = 4 [pid 407] <... openat resumed>) = 4 [pid 412] fstat(4, [pid 407] fstat(4, [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 407] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, [pid 407] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4 [pid 407] close(4 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 412] rmdir("./521/bus" [pid 407] rmdir("./518/bus" [pid 412] <... rmdir resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 407] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 407] close(3 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 412] rmdir("./521" [pid 407] rmdir("./518" [pid 412] <... rmdir resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 412] mkdir("./522", 0777 [pid 407] mkdir("./519", 0777 [pid 412] <... mkdir resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 412] <... openat resumed>) = 3 [pid 407] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 407] ioctl(3, LOOP_CLR_FD [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 407] close(3 [pid 412] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14746 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14747 [pid 14741] <... write resumed>) = 196608 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] <... futex resumed>) = 0 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14741] <... futex resumed>) = 1 ./strace-static-x86_64: Process 14747 attached [pid 14741] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14747] set_robust_list(0x555555f755e0, 24 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14747] <... set_robust_list resumed>) = 0 [pid 14739] <... futex resumed>) = 0 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14747] chdir("./519" [pid 14741] <... futex resumed>) = 1 [pid 14741] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14747] <... chdir resumed>) = 0 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] <... futex resumed>) = 0 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14747] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14741] <... futex resumed>) = 1 [pid 14741] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14747] <... prctl resumed>) = 0 [pid 14747] setpgid(0, 0) = 0 [pid 14747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 14746 attached [pid 14747] write(3, "1000", 4 [pid 14746] set_robust_list(0x555555f755e0, 24 [pid 14747] <... write resumed>) = 4 [pid 14747] close(3) = 0 [pid 14747] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14746] <... set_robust_list resumed>) = 0 [pid 14746] chdir("./522") = 0 [pid 14746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14746] setpgid(0, 0 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] <... setpgid resumed>) = 0 [pid 14747] <... futex resumed>) = 0 [pid 14747] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14747] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14747] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14746] <... openat resumed>) = 3 [ 260.419840][T14743] loop2: detected capacity change from 0 to 2048 [ 260.439419][T14735] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14746] write(3, "1000", 4./strace-static-x86_64: Process 14751 attached [pid 14747] <... clone resumed>, parent_tid=[14751], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14751 [pid 14751] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] <... futex resumed>) = 0 [pid 14751] memfd_create("syzkaller", 0) = 3 [pid 14747] <... futex resumed>) = 1 [pid 14751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14751] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14734] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14751] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14734] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14751] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14751] ioctl(4, LOOP_SET_FD, 3 [pid 14741] <... write resumed>) = 1048576 [pid 14734] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14751] <... ioctl resumed>) = 0 [pid 14751] close(3) = 0 [pid 14751] mkdir("./bus", 0777) = 0 [pid 14751] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14740] <... mount resumed>) = 0 [pid 14740] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14740] chdir("./bus") = 0 [pid 14740] ioctl(4, LOOP_CLR_FD) = 0 [pid 14740] close(4) = 0 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14740] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14746] <... write resumed>) = 4 [pid 14746] close(3) = 0 [pid 14746] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14746] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14746] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14746] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14753], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14753 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14753 attached [pid 14753] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14753] memfd_create("syzkaller", 0) = 3 [pid 14753] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14753] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14739] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14738] <... futex resumed>) = 0 [pid 14734] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14739] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14739] <... futex resumed>) = 0 [pid 14740] <... futex resumed>) = 0 [pid 14738] <... futex resumed>) = 1 [pid 14739] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14740] chdir("./file0" [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14739] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14740] <... chdir resumed>) = 0 [pid 14739] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14734] <... mprotect resumed>) = 0 [pid 14739] <... mprotect resumed>) = 0 [pid 14734] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14740] <... futex resumed>) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14734] <... clone resumed>, parent_tid=[14755], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14755 [pid 14739] <... clone resumed>, parent_tid=[14754], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14754 [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14738] <... futex resumed>) = 0 [pid 14740] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14739] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14734] <... futex resumed>) = 0 [pid 14741] <... futex resumed>) = 0 [pid 14740] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14739] <... futex resumed>) = 0 [pid 14734] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14741] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14739] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14740] <... open resumed>) = 4 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14740] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14738] <... futex resumed>) = 0 [pid 14740] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14740] <... openat resumed>) = 5 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14740] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14738] <... futex resumed>) = 0 [pid 14740] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 14754 attached [pid 14754] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 260.477962][T14740] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/525/bus supports timestamps until 2038 (0x7fffffff) [ 260.494066][T14751] loop0: detected capacity change from 0 to 2048 [ 260.496601][T14743] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/519/bus supports timestamps until 2038 (0x7fffffff) [pid 14754] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14740] <... write resumed>) = 196608 [pid 14753] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14753] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14753] ioctl(4, LOOP_SET_FD, 3 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14738] <... futex resumed>) = 0 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] <... mount resumed>) = 0 [pid 14743] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14743] chdir("./bus") = 0 [pid 14743] ioctl(4, LOOP_CLR_FD) = 0 [pid 14743] close(4) = 0 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14742] <... futex resumed>) = 0 [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] <... futex resumed>) = 1 [pid 14743] chdir("./file0" [pid 14740] <... mount resumed>) = 0 [pid 14743] <... chdir resumed>) = 0 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14742] <... futex resumed>) = 0 [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] <... futex resumed>) = 1 [pid 14743] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... ioctl resumed>) = 0 [pid 14753] close(3) = 0 [pid 14740] <... futex resumed>) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14753] mkdir("./bus", 0777 [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14740] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 14755 attached [pid 14753] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14755] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14740] <... open resumed>) = 6 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14738] <... futex resumed>) = 0 [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14740] <... futex resumed>) = 1 [pid 14740] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14735] <... openat resumed>) = 7 [pid 14735] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14735] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14755] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14754] <... openat resumed>) = 7 [pid 14755] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14754] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14755] <... futex resumed>) = 1 [pid 14754] <... futex resumed>) = 1 [pid 14755] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [ 260.518112][T14754] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.518513][T14735] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 260.532834][T14753] loop5: detected capacity change from 0 to 2048 [ 260.550722][T14754] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 260.560650][T14751] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/519/bus supports timestamps until 2038 (0x7fffffff) [pid 14754] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14743] <... open resumed>) = 4 [pid 14740] <... write resumed>) = 1048576 [pid 14739] <... futex resumed>) = 0 [pid 14734] <... futex resumed>) = 0 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14739] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14734] exit_group(0 [pid 14755] <... futex resumed>) = ? [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 14741] <... futex resumed>) = 0 [pid 14740] <... futex resumed>) = 1 [pid 14739] <... futex resumed>) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14734] <... exit_group resumed>) = ? [pid 14755] +++ exited with 0 +++ [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14741] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14740] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14739] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [pid 14741] <... openat resumed>) = 8 [pid 14738] <... futex resumed>) = 0 [pid 14735] <... futex resumed>) = ? [pid 14741] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14741] <... futex resumed>) = 1 [pid 14739] <... futex resumed>) = 0 [pid 14741] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14739] exit_group(0 [pid 14754] <... futex resumed>) = ? [pid 14741] <... futex resumed>) = ? [pid 14739] <... exit_group resumed>) = ? [pid 14754] +++ exited with 0 +++ [pid 14741] +++ exited with 0 +++ [pid 14743] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14739] +++ exited with 0 +++ [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14735] +++ exited with 0 +++ [pid 14734] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14739, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 408] umount2("./524", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./524/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./524/binderfs") = 0 [pid 408] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] <... mount resumed>) = 0 [pid 14743] <... openat resumed>) = 5 [pid 14751] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14734, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14751] <... openat resumed>) = 3 [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 14751] chdir("./bus" [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] <... chdir resumed>) = 0 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [pid 410] umount2("./528", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] ioctl(4, LOOP_CLR_FD [pid 14743] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14751] <... ioctl resumed>) = 0 [pid 14743] <... write resumed>) = 196608 [pid 410] openat(AT_FDCWD, "./528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14751] close(4 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 14751] <... close resumed>) = 0 [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 410] fstat(3, [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [pid 410] getdents64(3, [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [pid 14743] <... mount resumed>) = 0 [pid 410] umount2("./528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] chdir("./file0" [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14751] <... chdir resumed>) = 0 [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 410] lstat("./528/binderfs", [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [pid 410] unlink("./528/binderfs" [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... unlink resumed>) = 0 [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [pid 14743] <... open resumed>) = 6 [pid 410] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14742] <... futex resumed>) = 0 [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [ 260.578323][T14740] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.597349][T14740] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14743] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14751] <... open resumed>) = 4 [pid 14743] <... write resumed>) = 1048576 [pid 14740] <... openat resumed>) = 7 [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 14740] <... futex resumed>) = 1 [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [pid 14751] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... mount resumed>) = 0 [pid 14751] <... openat resumed>) = 5 [pid 14738] <... futex resumed>) = 0 [pid 14753] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14738] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... openat resumed>) = 3 [pid 14740] <... futex resumed>) = 0 [pid 14738] <... futex resumed>) = 1 [pid 14753] chdir("./bus" [pid 14740] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14738] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... chdir resumed>) = 0 [pid 14740] <... openat resumed>) = 8 [pid 14753] ioctl(4, LOOP_CLR_FD [pid 14740] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... ioctl resumed>) = 0 [pid 14740] <... futex resumed>) = 1 [pid 14738] <... futex resumed>) = 0 [pid 14753] close(4 [pid 14740] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14738] exit_group(0 [pid 14753] <... close resumed>) = 0 [pid 14740] <... futex resumed>) = ? [pid 14738] <... exit_group resumed>) = ? [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14740] +++ exited with 0 +++ [pid 14738] +++ exited with 0 +++ [pid 14753] <... futex resumed>) = 1 [pid 14746] <... futex resumed>) = 0 [pid 14753] chdir("./file0" [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... chdir resumed>) = 0 [pid 14746] <... futex resumed>) = 0 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... futex resumed>) = 0 [pid 14746] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14753] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... open resumed>) = 4 [pid 14746] <... futex resumed>) = 0 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... futex resumed>) = 0 [pid 14746] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14753] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... openat resumed>) = 5 [pid 14746] <... futex resumed>) = 0 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... futex resumed>) = 0 [pid 14746] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14753] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14753] <... write resumed>) = 196608 [pid 14746] <... futex resumed>) = 0 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] <... futex resumed>) = 0 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... futex resumed>) = 1 [pid 14753] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] <... futex resumed>) = 0 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... futex resumed>) = 1 [pid 14753] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] <... futex resumed>) = 0 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14753] <... futex resumed>) = 1 [pid 14753] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14738, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [pid 411] umount2("./525", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14751] <... write resumed>) = 196608 [pid 411] openat(AT_FDCWD, "./525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 14753] <... write resumed>) = 1048576 [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] <... openat resumed>) = 7 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 14751] <... mount resumed>) = 0 [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14742] <... futex resumed>) = 0 [pid 411] umount2("./525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14743] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14742] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] <... futex resumed>) = 0 [pid 14743] <... openat resumed>) = 8 [pid 411] lstat("./525/binderfs", [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14751] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14746] <... futex resumed>) = 0 [pid 14743] <... futex resumed>) = 1 [pid 14742] <... futex resumed>) = 0 [pid 411] unlink("./525/binderfs" [pid 14753] <... futex resumed>) = 1 [pid 14751] <... open resumed>) = 6 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14743] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14742] exit_group(0 [pid 411] <... unlink resumed>) = 0 [pid 14753] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14743] <... futex resumed>) = ? [pid 14742] <... exit_group resumed>) = ? [pid 411] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14743] +++ exited with 0 +++ [pid 14742] +++ exited with 0 +++ [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14747] <... futex resumed>) = 0 [ 260.619371][T14753] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/522/bus supports timestamps until 2038 (0x7fffffff) [ 260.622744][T14743] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.652190][T14743] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 260.664803][T14753] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14751] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 410] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14742, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... restart_syscall resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./524/bus", [pid 410] lstat("./528/bus", [pid 409] umount2("./519", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] openat(AT_FDCWD, "./519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... openat resumed>) = 3 [pid 410] openat(AT_FDCWD, "./528/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] fstat(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 4 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] openat(AT_FDCWD, "./524/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] fstat(4, [pid 409] getdents64(3, [pid 408] <... openat resumed>) = 4 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] fstat(4, [pid 410] getdents64(4, [pid 409] umount2("./519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] getdents64(4, [pid 409] lstat("./519/binderfs", [pid 408] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] close(4 [pid 409] unlink("./519/binderfs" [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] <... close resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] getdents64(4, [pid 14753] <... openat resumed>) = 7 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14753] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] rmdir("./528/bus" [pid 14746] <... futex resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./528") = 0 [pid 14746] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] mkdir("./529", 0777 [pid 408] close(4 [pid 14746] <... futex resumed>) = 1 [pid 14746] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... mkdir resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 408] rmdir("./524/bus" [pid 410] <... openat resumed>) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14760 [pid 14753] <... futex resumed>) = 0 [pid 14753] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14753] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14746] <... futex resumed>) = 0 [pid 408] getdents64(3, [pid 14753] <... futex resumed>) = 1 [pid 14753] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14760 attached [pid 14760] set_robust_list(0x555555f755e0, 24) = 0 [pid 14760] chdir("./529") = 0 [pid 14746] exit_group(0) = ? [pid 14753] <... futex resumed>) = 230 [pid 14753] +++ exited with 0 +++ [pid 14746] +++ exited with 0 +++ [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14746, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] close(3 [pid 14751] <... write resumed>) = 1048576 [pid 408] <... close resumed>) = 0 [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] rmdir("./524" [pid 14751] <... futex resumed>) = 1 [pid 14747] <... futex resumed>) = 0 [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14751] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] mkdir("./525", 0777) = 0 [pid 14760] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14760] setpgid(0, 0) = 0 [pid 14760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14760] write(3, "1000", 4) = 4 [pid 14760] close(3) = 0 [pid 14760] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14760] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14760] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14760] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14761], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14761 [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14761 attached [pid 14761] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14761] memfd_create("syzkaller", 0) = 3 [pid 14761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14761] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14761] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14761] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14761] ioctl(4, LOOP_SET_FD, 3 [pid 412] umount2("./522", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 412] openat(AT_FDCWD, "./522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... openat resumed>) = 3 [pid 14761] <... ioctl resumed>) = 0 [pid 14761] close(3) = 0 [pid 14761] mkdir("./bus", 0777 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... openat resumed>) = 3 [pid 411] lstat("./525/bus", [pid 408] ioctl(3, LOOP_CLR_FD [pid 412] fstat(3, [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14761] <... mkdir resumed>) = 0 [pid 14761] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] close(3 [pid 412] getdents64(3, [pid 411] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... close resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] umount2("./522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] openat(AT_FDCWD, "./525/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... openat resumed>) = 4 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14762 [pid 412] lstat("./522/binderfs", [pid 411] fstat(4, [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] unlink("./522/binderfs" [ 260.680213][T14753] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 260.706498][T14751] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.720630][T14761] loop3: detected capacity change from 0 to 2048 [pid 411] getdents64(4, [pid 412] <... unlink resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./525/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./525") = 0 [pid 411] mkdir("./526", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14763 [pid 14751] <... openat resumed>) = 7 [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14747] <... futex resumed>) = 0 [pid 14751] <... futex resumed>) = 1 [pid 14747] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14751] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14747] <... futex resumed>) = 0 [pid 14751] <... openat resumed>) = 8 [pid 14747] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14751] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14747] <... futex resumed>) = 0 [pid 14751] <... futex resumed>) = 1 [pid 14747] exit_group(0 [pid 14751] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 14747] <... exit_group resumed>) = ? [pid 14751] +++ exited with 0 +++ [pid 14747] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14747, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] umount2("./519", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./519/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./519/binderfs") = 0 ./strace-static-x86_64: Process 14762 attached [pid 14762] set_robust_list(0x555555f755e0, 24) = 0 [pid 14762] chdir("./525") = 0 [pid 14762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14762] setpgid(0, 0) = 0 [pid 14762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14762] write(3, "1000", 4) = 4 [pid 14762] close(3) = 0 [pid 14762] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 14763 attached [pid 14763] set_robust_list(0x555555f755e0, 24) = 0 [pid 14763] chdir("./526" [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14762] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14763] <... chdir resumed>) = 0 [pid 14762] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14763] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14762] <... mprotect resumed>) = 0 [pid 14763] <... prctl resumed>) = 0 [pid 14763] setpgid(0, 0 [pid 14762] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14763] <... setpgid resumed>) = 0 [pid 14763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14763] write(3, "1000", 4) = 4 [pid 14762] <... clone resumed>, parent_tid=[14766], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14766 [pid 14763] close(3 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14763] <... close resumed>) = 0 [pid 14762] <... futex resumed>) = 0 [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14763] symlink("/dev/binderfs", "./binderfs" [pid 407] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14763] <... symlink resumed>) = 0 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14763] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14763] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14763] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14767], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14767 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14766 attached [pid 14766] set_robust_list(0x7f1c324369e0, 24) = 0 ./strace-static-x86_64: Process 14767 attached [pid 14761] <... mount resumed>) = 0 [pid 14761] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14767] set_robust_list(0x7f1c324369e0, 24 [pid 14761] <... openat resumed>) = 3 [pid 14767] <... set_robust_list resumed>) = 0 [pid 14761] chdir("./bus" [pid 14767] memfd_create("syzkaller", 0 [pid 14761] <... chdir resumed>) = 0 [pid 14761] ioctl(4, LOOP_CLR_FD) = 0 [pid 14767] <... memfd_create resumed>) = 3 [pid 14761] close(4 [pid 14767] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14761] <... close resumed>) = 0 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14760] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14760] <... futex resumed>) = 0 [pid 14761] chdir("./file0" [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14761] <... chdir resumed>) = 0 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14760] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14760] <... futex resumed>) = 0 [pid 14761] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14761] <... open resumed>) = 4 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14760] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14760] <... futex resumed>) = 0 [pid 14761] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14761] <... openat resumed>) = 5 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14760] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14760] <... futex resumed>) = 0 [pid 14761] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14766] memfd_create("syzkaller", 0) = 3 [pid 14766] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14761] <... write resumed>) = 196608 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14760] <... futex resumed>) = 0 [pid 14761] <... futex resumed>) = 1 [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14760] <... futex resumed>) = 0 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14761] <... mount resumed>) = 0 [pid 14767] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14760] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14760] <... futex resumed>) = 0 [pid 14761] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14761] <... open resumed>) = 6 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14760] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14761] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14760] <... futex resumed>) = 0 [pid 14761] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14767] <... write resumed>) = 1048576 [pid 14766] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 14767] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14767] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 260.734140][T14751] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 260.753102][T14761] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/529/bus supports timestamps until 2038 (0x7fffffff) [pid 14767] ioctl(4, LOOP_SET_FD, 3 [pid 412] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] lstat("./519/bus", [pid 412] lstat("./522/bus", [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14767] <... ioctl resumed>) = 0 [pid 14766] <... write resumed>) = 1048576 [pid 14761] <... write resumed>) = 1048576 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14766] munmap(0x7f1c2a016000, 1048576 [pid 409] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] lstat("./519/bus", [pid 14766] <... munmap resumed>) = 0 [pid 14766] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14766] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14767] close(3 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "./522/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] openat(AT_FDCWD, "./519/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... openat resumed>) = 4 [pid 409] <... openat resumed>) = 4 [pid 412] fstat(4, [pid 409] fstat(4, [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 409] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, [pid 409] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4 [pid 409] close(4 [pid 412] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 412] rmdir("./522/bus" [pid 409] rmdir("./519/bus" [pid 412] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 409] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 409] close(3 [pid 412] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 412] rmdir("./522" [pid 409] rmdir("./519" [pid 412] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] mkdir("./523", 0777 [pid 409] mkdir("./520", 0777 [pid 412] <... mkdir resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 412] <... openat resumed>) = 3 [pid 409] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 409] ioctl(3, LOOP_CLR_FD [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 409] close(3 [pid 14767] <... close resumed>) = 0 [pid 14766] <... ioctl resumed>) = 0 [pid 14761] <... futex resumed>) = 1 [pid 14760] <... futex resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 407] umount2("./519/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14760] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14760] <... futex resumed>) = 0 [pid 14760] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14768 [pid 407] openat(AT_FDCWD, "./519/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./519/bus") = 0 [pid 407] getdents64(3, [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14769 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./519") = 0 [pid 407] mkdir("./520", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14770 [pid 14767] mkdir("./bus", 0777) = 0 [pid 14767] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14766] close(3 [pid 14761] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14766] <... close resumed>) = 0 ./strace-static-x86_64: Process 14768 attached [pid 14766] mkdir("./bus", 0777 [pid 14768] set_robust_list(0x555555f755e0, 24 [pid 14766] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 14770 attached [pid 14768] <... set_robust_list resumed>) = 0 [pid 14766] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [ 260.794331][T14767] loop4: detected capacity change from 0 to 2048 [ 260.812996][T14766] loop1: detected capacity change from 0 to 2048 [pid 14768] chdir("./520"./strace-static-x86_64: Process 14769 attached [pid 14770] set_robust_list(0x555555f755e0, 24 [pid 14768] <... chdir resumed>) = 0 [pid 14770] <... set_robust_list resumed>) = 0 [pid 14770] chdir("./520") = 0 [pid 14770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14770] setpgid(0, 0) = 0 [pid 14770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14770] write(3, "1000", 4) = 4 [pid 14770] close(3) = 0 [pid 14770] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14770] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14770] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14770] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14773], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14773 [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14769] set_robust_list(0x555555f755e0, 24) = 0 [pid 14769] chdir("./523") = 0 ./strace-static-x86_64: Process 14773 attached [pid 14769] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14768] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14773] set_robust_list(0x7f1c324369e0, 24 [pid 14768] <... prctl resumed>) = 0 [pid 14773] <... set_robust_list resumed>) = 0 [pid 14768] setpgid(0, 0 [pid 14773] memfd_create("syzkaller", 0 [pid 14768] <... setpgid resumed>) = 0 [pid 14773] <... memfd_create resumed>) = 3 [pid 14768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14773] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14768] <... openat resumed>) = 3 [pid 14773] <... mmap resumed>) = 0x7f1c2a016000 [pid 14768] write(3, "1000", 4) = 4 [pid 14768] close(3) = 0 [pid 14768] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14768] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14768] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14774], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14774 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14773] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14773] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14773] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14773] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14774 attached [pid 14769] <... prctl resumed>) = 0 [pid 14761] <... openat resumed>) = 7 [pid 14760] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14773] <... ioctl resumed>) = 0 [pid 14773] close(3) = 0 [pid 14773] mkdir("./bus", 0777) = 0 [pid 14773] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14767] <... mount resumed>) = 0 [pid 14767] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14767] chdir("./bus") = 0 [pid 14767] ioctl(4, LOOP_CLR_FD) = 0 [pid 14767] close(4 [pid 14769] setpgid(0, 0 [pid 14760] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14760] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14769] <... setpgid resumed>) = 0 [pid 14760] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14769] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14774] set_robust_list(0x7f1c324369e0, 24 [pid 14769] <... openat resumed>) = 3 [pid 14766] <... mount resumed>) = 0 [pid 14761] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14760] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14761] <... futex resumed>) = 0 [pid 14761] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14774] <... set_robust_list resumed>) = 0 [pid 14774] memfd_create("syzkaller", 0) = 3 [pid 14774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14760] <... mprotect resumed>) = 0 [pid 14760] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14766] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14766] chdir("./bus") = 0 [pid 14760] <... clone resumed>, parent_tid=[14778], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14778 [pid 14766] ioctl(4, LOOP_CLR_FD [pid 14760] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14769] write(3, "1000", 4 [pid 14766] <... ioctl resumed>) = 0 [pid 14769] <... write resumed>) = 4 [pid 14760] <... futex resumed>) = 0 [pid 14769] close(3 [pid 14760] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14769] <... close resumed>) = 0 [pid 14769] symlink("/dev/binderfs", "./binderfs" [pid 14766] close(4 [pid 14769] <... symlink resumed>) = 0 [pid 14766] <... close resumed>) = 0 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14762] <... futex resumed>) = 0 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14766] <... futex resumed>) = 1 [pid 14766] chdir("./file0" [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14769] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14769] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14769] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14779], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14779 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14774] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14779 attached [pid 14779] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14779] memfd_create("syzkaller", 0) = 3 [pid 14779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14774] <... write resumed>) = 1048576 [pid 14774] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14774] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 260.833036][T14761] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 260.847114][T14761] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 260.857097][T14767] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/526/bus supports timestamps until 2038 (0x7fffffff) [ 260.867643][T14773] loop0: detected capacity change from 0 to 2048 [ 260.871542][T14766] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/525/bus supports timestamps until 2038 (0x7fffffff) [pid 14774] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14778 attached [pid 14779] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14774] <... ioctl resumed>) = 0 [pid 14767] <... close resumed>) = 0 [pid 14766] <... chdir resumed>) = 0 [pid 14779] <... write resumed>) = 1048576 [pid 14774] close(3 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14774] <... close resumed>) = 0 [pid 14774] mkdir("./bus", 0777) = 0 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] <... futex resumed>) = 1 [pid 14762] <... futex resumed>) = 0 [pid 14774] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14767] <... futex resumed>) = 1 [pid 14766] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14763] <... futex resumed>) = 0 [pid 14762] <... futex resumed>) = 0 [pid 14779] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14779] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14763] <... futex resumed>) = 0 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14767] chdir("./file0" [pid 14779] <... openat resumed>) = 4 [pid 14766] <... open resumed>) = 4 [pid 14779] ioctl(4, LOOP_SET_FD, 3 [pid 14778] set_robust_list(0x7f1c2a1159e0, 24 [pid 14767] <... chdir resumed>) = 0 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14779] <... ioctl resumed>) = 0 [pid 14779] close(3) = 0 [pid 14779] mkdir("./bus", 0777) = 0 [pid 14779] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14778] <... set_robust_list resumed>) = 0 [pid 14778] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14778] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14778] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14767] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14766] <... futex resumed>) = 1 [pid 14766] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14760] <... futex resumed>) = 0 [pid 14763] <... futex resumed>) = 0 [pid 14762] <... futex resumed>) = 0 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14760] exit_group(0 [pid 14763] <... futex resumed>) = 1 [pid 14766] <... futex resumed>) = 0 [pid 14762] <... futex resumed>) = 1 [pid 14767] <... futex resumed>) = 0 [pid 14761] <... futex resumed>) = ? [pid 14760] <... exit_group resumed>) = ? [pid 14778] <... futex resumed>) = ? [pid 14773] <... mount resumed>) = 0 [pid 14767] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14766] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14761] +++ exited with 0 +++ [pid 14778] +++ exited with 0 +++ [pid 14773] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14767] <... open resumed>) = 4 [pid 14766] <... openat resumed>) = 5 [pid 14760] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14760, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] umount2("./529", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 260.911238][T14774] loop2: detected capacity change from 0 to 2048 [ 260.926356][T14779] loop5: detected capacity change from 0 to 2048 [ 260.932673][T14773] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/520/bus supports timestamps until 2038 (0x7fffffff) [pid 410] openat(AT_FDCWD, "./529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14773] <... openat resumed>) = 3 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./529/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./529/binderfs") = 0 [pid 410] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14774] <... mount resumed>) = 0 [pid 14774] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14774] chdir("./bus") = 0 [pid 14774] ioctl(4, LOOP_CLR_FD) = 0 [pid 14774] close(4) = 0 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] chdir("./file0") = 0 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14773] chdir("./bus" [pid 14767] <... futex resumed>) = 1 [pid 14766] <... futex resumed>) = 1 [pid 14763] <... futex resumed>) = 0 [pid 14762] <... futex resumed>) = 0 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14767] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14766] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] <... chdir resumed>) = 0 [pid 14763] <... futex resumed>) = 0 [pid 14762] <... futex resumed>) = 0 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14766] <... write resumed>) = 196608 [pid 14779] <... mount resumed>) = 0 [pid 14773] ioctl(4, LOOP_CLR_FD [pid 14767] <... openat resumed>) = 5 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] <... ioctl resumed>) = 0 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] <... futex resumed>) = 0 [pid 14763] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14762] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14766] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] close(4 [pid 14767] <... futex resumed>) = 0 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] <... close resumed>) = 0 [pid 14767] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14766] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14762] <... futex resumed>) = 0 [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14763] <... futex resumed>) = 0 [pid 14774] <... write resumed>) = 196608 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] <... futex resumed>) = 1 [pid 14770] <... futex resumed>) = 0 [pid 14768] <... futex resumed>) = 0 [pid 14767] <... write resumed>) = 196608 [pid 14766] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] chdir("./file0" [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14766] <... mount resumed>) = 0 [pid 14774] <... futex resumed>) = 1 [pid 14774] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14770] <... futex resumed>) = 0 [pid 14773] <... chdir resumed>) = 0 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14774] <... open resumed>) = 6 [pid 14773] <... futex resumed>) = 0 [pid 14770] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] <... futex resumed>) = 1 [pid 14762] <... futex resumed>) = 0 [pid 14773] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14767] <... futex resumed>) = 1 [pid 14766] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14763] <... futex resumed>) = 0 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14770] <... futex resumed>) = 0 [pid 14767] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14766] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14762] <... futex resumed>) = 0 [pid 14773] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14767] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14766] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14763] <... futex resumed>) = 0 [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14766] <... open resumed>) = 6 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] <... open resumed>) = 4 [pid 14767] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] <... futex resumed>) = 1 [pid 14762] <... futex resumed>) = 0 [pid 14773] <... futex resumed>) = 1 [pid 14770] <... futex resumed>) = 0 [pid 14767] <... mount resumed>) = 0 [pid 14766] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14773] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14770] <... futex resumed>) = 0 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14762] <... futex resumed>) = 0 [pid 14773] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14767] <... futex resumed>) = 1 [pid 14763] <... futex resumed>) = 0 [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] <... openat resumed>) = 5 [pid 14767] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14767] <... open resumed>) = 6 [pid 14763] <... futex resumed>) = 0 [pid 14773] <... futex resumed>) = 1 [pid 14770] <... futex resumed>) = 0 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14767] <... futex resumed>) = 0 [pid 14763] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14773] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14770] <... futex resumed>) = 0 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14767] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14763] <... futex resumed>) = 0 [pid 14773] <... write resumed>) = 196608 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14770] <... futex resumed>) = 0 [pid 14773] <... futex resumed>) = 1 [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14770] <... futex resumed>) = 0 [pid 14773] <... mount resumed>) = 0 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14770] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14773] <... futex resumed>) = 0 [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14770] <... futex resumed>) = 0 [pid 14773] <... open resumed>) = 6 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14770] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14773] <... futex resumed>) = 0 [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14770] <... futex resumed>) = 0 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14779] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14779] chdir("./bus") = 0 [ 260.951244][T14774] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/520/bus supports timestamps until 2038 (0x7fffffff) [ 260.954453][T14779] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/523/bus supports timestamps until 2038 (0x7fffffff) [pid 14779] ioctl(4, LOOP_CLR_FD) = 0 [pid 14779] close(4) = 0 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14769] <... futex resumed>) = 0 [pid 14779] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14774] <... write resumed>) = 1048576 [pid 14779] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14779] chdir("./file0" [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14769] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14779] <... chdir resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] <... futex resumed>) = 0 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] <... futex resumed>) = 1 [pid 14774] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14779] <... futex resumed>) = 1 [pid 14773] <... write resumed>) = 1048576 [pid 14769] <... futex resumed>) = 0 [pid 14767] <... write resumed>) = 1048576 [pid 14766] <... write resumed>) = 1048576 [pid 410] lstat("./529/bus", [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./529/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./529/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./529") = 0 [pid 410] mkdir("./530", 0777) = 0 [pid 14779] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 14779] <... open resumed>) = 4 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14769] <... futex resumed>) = 0 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14779] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14769] <... futex resumed>) = 0 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14779] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14762] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14762] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14762] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14762] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14762] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14787], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14787 [pid 14762] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14762] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14786 ./strace-static-x86_64: Process 14786 attached [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14763] <... futex resumed>) = 0 [pid 14763] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14763] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14773] <... futex resumed>) = 1 [pid 14779] <... futex resumed>) = 1 [pid 14770] <... futex resumed>) = 0 [pid 14769] <... futex resumed>) = 0 [pid 14767] <... futex resumed>) = 1 [pid 14766] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14770] <... futex resumed>) = 0 [pid 14769] <... futex resumed>) = 0 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14787 attached [pid 14786] set_robust_list(0x555555f755e0, 24 [pid 14779] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [ 261.040310][T14774] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 261.056108][T14774] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 261.060217][T14773] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14773] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14767] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14787] set_robust_list(0x7f1c2a1159e0, 24 [pid 14786] <... set_robust_list resumed>) = 0 [pid 14779] <... mount resumed>) = 0 [pid 14774] <... openat resumed>) = 7 [pid 14787] <... set_robust_list resumed>) = 0 [pid 14787] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14786] chdir("./530" [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14773] <... openat resumed>) = 7 [pid 14786] <... chdir resumed>) = 0 [pid 14779] <... futex resumed>) = 1 [pid 14774] <... futex resumed>) = 1 [pid 14786] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14779] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14774] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14786] <... prctl resumed>) = 0 [pid 14786] setpgid(0, 0) = 0 [pid 14786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14786] write(3, "1000", 4) = 4 [pid 14786] close(3) = 0 [pid 14786] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14786] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14786] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14786] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14788], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14788 [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14773] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14788 attached [pid 14770] <... futex resumed>) = 0 [pid 14769] <... futex resumed>) = 0 [pid 14768] <... futex resumed>) = 0 [pid 14763] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14762] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14788] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14788] memfd_create("syzkaller", 0) = 3 [pid 14788] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14788] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14770] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14768] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14763] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14762] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14766] <... futex resumed>) = 0 [pid 14762] <... futex resumed>) = 1 [pid 14768] <... futex resumed>) = 1 [pid 14766] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14763] <... futex resumed>) = 0 [pid 14769] <... futex resumed>) = 1 [pid 14779] <... futex resumed>) = 0 [pid 14773] <... futex resumed>) = 0 [pid 14770] <... futex resumed>) = 1 [pid 14768] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14763] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14762] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14779] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14773] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14770] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14763] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14779] <... open resumed>) = 6 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14774] <... futex resumed>) = 0 [pid 14773] <... openat resumed>) = 8 [pid 14767] <... openat resumed>) = 7 [pid 14763] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14779] <... futex resumed>) = 1 [pid 14773] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14769] <... futex resumed>) = 0 [pid 14767] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14763] <... mprotect resumed>) = 0 [pid 14779] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14773] <... futex resumed>) = 1 [pid 14770] <... futex resumed>) = 0 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14779] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14763] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14779] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14773] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14770] exit_group(0 [pid 14769] <... futex resumed>) = 0 [pid 14767] <... futex resumed>) = 0 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14774] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14774] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14774] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14766] <... openat resumed>) = 8 [pid 14766] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14762] <... futex resumed>) = 0 [pid 14766] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14787] <... openat resumed>) = 7 [pid 14787] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14787] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14762] exit_group(0 [pid 14766] <... futex resumed>) = ? [pid 14762] <... exit_group resumed>) = ? [pid 14766] +++ exited with 0 +++ [pid 14787] <... futex resumed>) = ? [pid 14768] <... futex resumed>) = 0 [pid 14770] <... exit_group resumed>) = ? [pid 14773] <... futex resumed>) = ? [pid 14768] exit_group(0 [pid 14773] +++ exited with 0 +++ [pid 14770] +++ exited with 0 +++ [pid 14787] +++ exited with 0 +++ [pid 14762] +++ exited with 0 +++ [pid 14788] <... write resumed>) = 1048576 [pid 14788] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14788] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 261.066505][T14787] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 261.078736][T14773] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 261.093435][T14767] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 261.109604][T14787] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 261.115512][T14767] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14788] ioctl(4, LOOP_SET_FD, 3 [pid 14768] <... exit_group resumed>) = ? [pid 14763] <... clone resumed>, parent_tid=[14789], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14789 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14762, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14774] <... futex resumed>) = ? [pid 14774] +++ exited with 0 +++ [pid 14788] <... ioctl resumed>) = 0 [pid 14788] close(3) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14770, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 14788] mkdir("./bus", 0777 [pid 14768] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14768, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14763] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] umount2("./520", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14763] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] umount2("./520", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] lstat("./520/binderfs", [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] umount2("./525", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] openat(AT_FDCWD, "./520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... openat resumed>) = 3 [pid 408] openat(AT_FDCWD, "./525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] fstat(3, [pid 407] unlink("./520/binderfs" [pid 408] <... openat resumed>) = 3 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] fstat(3, [pid 409] getdents64(3, [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... unlink resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] getdents64(3, [pid 407] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] lstat("./520/binderfs", [pid 408] umount2("./525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./525/binderfs", [pid 409] unlink("./520/binderfs" [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... unlink resumed>) = 0 [pid 408] unlink("./525/binderfs" [pid 409] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14788] <... mkdir resumed>) = 0 [pid 14788] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14789 attached [pid 14789] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14789] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14789] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14789] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14767] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14763] <... futex resumed>) = 0 [pid 14763] exit_group(0) = ? [pid 14767] <... futex resumed>) = ? [pid 14767] +++ exited with 0 +++ [pid 14789] <... futex resumed>) = ? [pid 14789] +++ exited with 0 +++ [pid 14763] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14763, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./526", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./526/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./526/binderfs") = 0 [pid 411] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./520/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./520/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14779] <... write resumed>) = 1048576 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 4 [pid 14769] <... futex resumed>) = 0 [pid 14779] <... futex resumed>) = 1 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14779] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] fstat(4, [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./520/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./520") = 0 [pid 409] mkdir("./521", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = 0 [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14792 ./strace-static-x86_64: Process 14792 attached [pid 14792] set_robust_list(0x555555f755e0, 24) = 0 [pid 14792] chdir("./521") = 0 [pid 14792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14792] setpgid(0, 0) = 0 [pid 14792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14792] write(3, "1000", 4) = 4 [pid 14792] close(3) = 0 [pid 14792] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./525/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./525/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./525/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./525") = 0 [pid 408] mkdir("./526", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 261.142450][T14788] loop3: detected capacity change from 0 to 2048 [ 261.175548][T14779] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14793 [pid 14792] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14792] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14794], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14794 [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14793 attached [pid 14793] set_robust_list(0x555555f755e0, 24) = 0 [pid 14793] chdir("./526") = 0 [pid 14793] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14793] setpgid(0, 0) = 0 [pid 14793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14793] write(3, "1000", 4) = 4 [pid 14793] close(3) = 0 [pid 14793] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14793] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14793] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14793] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14795], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14795 [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14794 attached [pid 14794] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14794] memfd_create("syzkaller", 0) = 3 [pid 407] <... umount2 resumed>) = 0 [pid 14794] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 14795 attached [pid 14795] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14795] memfd_create("syzkaller", 0) = 3 [pid 14795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 407] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./520/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./520/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./520/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, [pid 14788] <... mount resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14794] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14788] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 407] close(4 [pid 14788] <... openat resumed>) = 3 [pid 14788] chdir("./bus" [pid 407] <... close resumed>) = 0 [pid 14788] <... chdir resumed>) = 0 [pid 14779] <... openat resumed>) = 7 [pid 407] rmdir("./520/bus" [pid 14788] ioctl(4, LOOP_CLR_FD) = 0 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14788] close(4 [pid 14779] <... futex resumed>) = 1 [pid 14769] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 14788] <... close resumed>) = 0 [pid 14779] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14769] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14769] <... futex resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14788] <... futex resumed>) = 1 [pid 14769] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] close(3 [pid 14788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14779] <... openat resumed>) = 8 [pid 407] <... close resumed>) = 0 [pid 14795] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14794] <... write resumed>) = 1048576 [pid 14786] <... futex resumed>) = 0 [pid 14779] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] rmdir("./520") = 0 [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] mkdir("./521", 0777 [pid 14788] <... futex resumed>) = 0 [pid 14786] <... futex resumed>) = 1 [pid 14788] chdir("./file0" [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... mkdir resumed>) = 0 [pid 14788] <... chdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] ioctl(3, LOOP_CLR_FD [pid 14794] munmap(0x7f1c2a016000, 1048576 [pid 14788] <... futex resumed>) = 1 [pid 14786] <... futex resumed>) = 0 [pid 14779] <... futex resumed>) = 1 [pid 14769] <... futex resumed>) = 0 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14794] <... munmap resumed>) = 0 [pid 14788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14779] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14769] exit_group(0 [pid 407] close(3 [pid 14794] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14786] <... futex resumed>) = 0 [pid 14779] <... futex resumed>) = ? [pid 14769] <... exit_group resumed>) = ? [pid 407] <... close resumed>) = 0 [pid 14788] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14788] <... open resumed>) = 4 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14786] <... futex resumed>) = 0 [pid 14788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14786] <... futex resumed>) = 0 [pid 14779] +++ exited with 0 +++ [pid 14769] +++ exited with 0 +++ [pid 14788] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14788] <... openat resumed>) = 5 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14769, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14796 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 14788] <... futex resumed>) = 1 [pid 14786] <... futex resumed>) = 0 [pid 14788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... restart_syscall resumed>) = 0 [pid 14788] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14786] <... futex resumed>) = 0 [pid 14788] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14788] <... write resumed>) = 196608 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14786] <... futex resumed>) = 0 [pid 14788] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14788] <... mount resumed>) = 0 [pid 14786] <... futex resumed>) = 0 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14788] <... futex resumed>) = 0 [pid 14786] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14788] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14788] <... open resumed>) = 6 [pid 14786] <... futex resumed>) = 0 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14788] <... futex resumed>) = 0 [pid 14786] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14788] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14794] <... openat resumed>) = 4 [pid 14786] <... futex resumed>) = 0 [pid 412] umount2("./523", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = 0 [pid 14794] ioctl(4, LOOP_SET_FD, 3 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 261.196816][T14788] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/530/bus supports timestamps until 2038 (0x7fffffff) [ 261.225956][T14779] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 412] openat(AT_FDCWD, "./523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 14796 attached [pid 14796] set_robust_list(0x555555f755e0, 24) = 0 [pid 14795] <... write resumed>) = 1048576 [pid 14794] <... ioctl resumed>) = 0 [pid 14788] <... write resumed>) = 1048576 [pid 412] <... openat resumed>) = 3 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] fstat(3, [pid 411] lstat("./526/bus", [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14795] munmap(0x7f1c2a016000, 1048576 [pid 412] getdents64(3, [pid 14796] chdir("./521" [pid 411] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14796] <... chdir resumed>) = 0 [pid 14796] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14796] setpgid(0, 0 [pid 412] umount2("./523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14796] <... setpgid resumed>) = 0 [pid 14796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] openat(AT_FDCWD, "./526/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./523/binderfs", [pid 411] <... openat resumed>) = 4 [pid 14795] <... munmap resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] fstat(4, [pid 412] unlink("./523/binderfs" [pid 14795] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14794] close(3 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... unlink resumed>) = 0 [pid 411] getdents64(4, [pid 14796] <... openat resumed>) = 3 [pid 14795] <... openat resumed>) = 4 [pid 412] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14794] <... close resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14788] <... futex resumed>) = 1 [pid 14786] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 14786] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14796] write(3, "1000", 4 [pid 14795] ioctl(4, LOOP_SET_FD, 3 [pid 14794] mkdir("./bus", 0777 [pid 14788] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14786] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] close(4) = 0 [pid 411] rmdir("./526/bus") = 0 [pid 14796] <... write resumed>) = 4 [pid 411] getdents64(3, [pid 14796] close(3 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14796] <... close resumed>) = 0 [pid 411] close(3 [pid 14796] symlink("/dev/binderfs", "./binderfs" [pid 411] <... close resumed>) = 0 [pid 14796] <... symlink resumed>) = 0 [pid 411] rmdir("./526" [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 14796] <... futex resumed>) = 0 [pid 411] mkdir("./527", 0777 [pid 14796] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... mkdir resumed>) = 0 [pid 14796] <... mmap resumed>) = 0x7f1c32416000 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14796] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 411] <... openat resumed>) = 3 [pid 14796] <... mprotect resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 14796] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 14796] <... clone resumed>, parent_tid=[14797], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14797 [pid 411] <... close resumed>) = 0 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14796] <... futex resumed>) = 0 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14798 [pid 14794] <... mkdir resumed>) = 0 [pid 14794] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14797 attached [pid 14797] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14797] memfd_create("syzkaller", 0) = 3 [pid 14797] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 261.257748][T14794] loop2: detected capacity change from 0 to 2048 [ 261.282984][T14795] loop1: detected capacity change from 0 to 2048 [ 261.294035][T14788] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14797] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14797] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14797] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14797] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14798 attached [pid 14795] <... ioctl resumed>) = 0 [pid 14795] close(3 [pid 14798] set_robust_list(0x555555f755e0, 24 [pid 14795] <... close resumed>) = 0 [pid 14786] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14786] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14786] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14786] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14798] <... set_robust_list resumed>) = 0 [pid 14795] mkdir("./bus", 0777 [pid 14786] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14797] <... ioctl resumed>) = 0 [pid 14786] <... clone resumed>, parent_tid=[14799], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14799 ./strace-static-x86_64: Process 14799 attached [pid 14798] chdir("./527" [pid 14795] <... mkdir resumed>) = 0 [pid 14788] <... openat resumed>) = 7 [pid 412] <... umount2 resumed>) = 0 [pid 14786] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14786] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] close(3 [pid 14799] set_robust_list(0x7f1c2a1159e0, 24 [pid 14788] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... chdir resumed>) = 0 [pid 14797] <... close resumed>) = 0 [pid 412] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14799] <... set_robust_list resumed>) = 0 [pid 14798] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14797] mkdir("./bus", 0777 [pid 14795] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14794] <... mount resumed>) = 0 [pid 14788] <... futex resumed>) = 0 [pid 14799] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14788] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14797] <... mkdir resumed>) = 0 [pid 14799] <... openat resumed>) = 8 [pid 412] lstat("./523/bus", [pid 14799] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... prctl resumed>) = 0 [pid 14797] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14798] setpgid(0, 0 [pid 14799] <... futex resumed>) = 1 [pid 14786] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14786] exit_group(0 [pid 412] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14798] <... setpgid resumed>) = 0 [pid 14794] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14788] <... futex resumed>) = ? [pid 14786] <... exit_group resumed>) = ? [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14799] +++ exited with 0 +++ [pid 14798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14788] +++ exited with 0 +++ [pid 14798] <... openat resumed>) = 3 [pid 14798] write(3, "1000", 4 [pid 14786] +++ exited with 0 +++ [pid 14798] <... write resumed>) = 4 [pid 14798] close(3) = 0 [pid 14798] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14798] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14798] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14802], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14802 [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] openat(AT_FDCWD, "./523/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14786, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 412] <... openat resumed>) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 410] umount2("./530", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] getdents64(4, [pid 410] openat(AT_FDCWD, "./530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, [pid 412] close(4 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... close resumed>) = 0 [pid 410] getdents64(3, [pid 412] rmdir("./523/bus" [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... rmdir resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] getdents64(3, [pid 410] lstat("./530/binderfs", [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] close(3 [pid 410] unlink("./530/binderfs" [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./523" [pid 410] <... unlink resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 410] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] mkdir("./524", 0777 [pid 14794] <... openat resumed>) = 3 [pid 14794] chdir("./bus") = 0 [pid 14794] ioctl(4, LOOP_CLR_FD) = 0 [pid 14794] close(4) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14792] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14794] <... futex resumed>) = 1 [pid 14794] chdir("./file0") = 0 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14792] <... futex resumed>) = 0 [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14794] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 14802 attached [pid 14802] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14802] memfd_create("syzkaller", 0 [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 14802] <... memfd_create resumed>) = 3 [pid 14802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14805 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./530/bus", [pid 14794] <... open resumed>) = 4 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14792] <... futex resumed>) = 0 [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14794] <... futex resumed>) = 1 [pid 14794] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14792] <... futex resumed>) = 0 [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14805 attached [pid 410] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14794] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14805] set_robust_list(0x555555f755e0, 24 [pid 410] openat(AT_FDCWD, "./530/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14805] <... set_robust_list resumed>) = 0 [pid 410] <... openat resumed>) = 4 [pid 14794] <... write resumed>) = 196608 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14792] <... futex resumed>) = 0 [pid 410] fstat(4, [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] getdents64(4, [pid 14805] chdir("./524") = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14805] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 410] getdents64(4, [pid 14794] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14805] <... prctl resumed>) = 0 [pid 410] close(4 [pid 14792] <... futex resumed>) = 0 [pid 14805] setpgid(0, 0 [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... close resumed>) = 0 [pid 14805] <... setpgid resumed>) = 0 [pid 14792] <... futex resumed>) = 0 [pid 410] rmdir("./530/bus" [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... rmdir resumed>) = 0 [pid 14805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 410] getdents64(3, [pid 14794] <... futex resumed>) = 1 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 14794] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14805] <... openat resumed>) = 3 [pid 410] rmdir("./530" [pid 14794] <... open resumed>) = 6 [pid 14805] write(3, "1000", 4 [pid 410] <... rmdir resumed>) = 0 [pid 14805] <... write resumed>) = 4 [pid 410] mkdir("./531", 0777 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14792] <... futex resumed>) = 0 [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... mkdir resumed>) = 0 [pid 14805] close(3 [pid 14794] <... futex resumed>) = 1 [pid 14794] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 14805] <... close resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 14805] symlink("/dev/binderfs", "./binderfs" [pid 410] <... ioctl resumed>) = 0 [pid 14805] <... symlink resumed>) = 0 [pid 410] close(3 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14805] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14805] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14802] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14805] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14808], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14808 [ 261.312407][T14788] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 261.320653][T14797] loop0: detected capacity change from 0 to 2048 [ 261.335613][T14794] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/521/bus supports timestamps until 2038 (0x7fffffff) [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] <... write resumed>) = 1048576 [pid 14802] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14802] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14802] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14802] close(3) = 0 [pid 14802] mkdir("./bus", 0777) = 0 [pid 14802] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14808 attached [pid 14808] set_robust_list(0x7f1c324369e0, 24 [pid 14794] <... write resumed>) = 1048576 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14792] <... futex resumed>) = 0 [pid 14794] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14792] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14794] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14792] <... futex resumed>) = 0 [pid 14794] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14792] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14808] <... set_robust_list resumed>) = 0 [pid 14808] memfd_create("syzkaller", 0) = 3 [pid 14808] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14808] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14808] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14808] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 261.389371][T14797] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/521/bus supports timestamps until 2038 (0x7fffffff) [ 261.399861][T14802] loop4: detected capacity change from 0 to 2048 [ 261.410345][T14795] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/526/bus supports timestamps until 2038 (0x7fffffff) [ 261.424313][T14794] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14808] ioctl(4, LOOP_SET_FD, 3 [pid 14805] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 14808] <... ioctl resumed>) = 0 [pid 14808] close(3) = 0 [pid 14808] mkdir("./bus", 0777) = 0 [pid 14808] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14797] <... mount resumed>) = 0 [pid 14797] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14797] <... openat resumed>) = 3 [pid 14797] chdir("./bus") = 0 [pid 14797] ioctl(4, LOOP_CLR_FD) = 0 [pid 14797] close(4) = 0 [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14796] <... futex resumed>) = 0 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] <... futex resumed>) = 1 [pid 14797] chdir("./file0") = 0 [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14796] <... futex resumed>) = 0 [pid 14797] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14797] <... open resumed>) = 4 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14796] <... futex resumed>) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14810 ./strace-static-x86_64: Process 14810 attached [pid 14797] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] set_robust_list(0x555555f755e0, 24) = 0 [pid 14797] <... openat resumed>) = 5 [pid 14796] <... futex resumed>) = 0 [pid 14810] chdir("./531" [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] <... futex resumed>) = 0 [pid 14796] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... chdir resumed>) = 0 [pid 14797] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 261.433277][T14808] loop5: detected capacity change from 0 to 2048 [pid 14810] setpgid(0, 0 [pid 14797] <... write resumed>) = 196608 [pid 14796] <... futex resumed>) = 0 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14796] <... futex resumed>) = 0 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] <... futex resumed>) = 1 [pid 14797] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14796] <... futex resumed>) = 0 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] <... futex resumed>) = 1 [pid 14797] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14796] <... futex resumed>) = 0 [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14797] <... futex resumed>) = 1 [pid 14797] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14795] <... mount resumed>) = 0 [pid 14795] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14795] chdir("./bus") = 0 [pid 14795] ioctl(4, LOOP_CLR_FD) = 0 [pid 14795] close(4) = 0 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] <... setpgid resumed>) = 0 [pid 14793] <... futex resumed>) = 0 [pid 14792] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14792] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14795] <... futex resumed>) = 0 [pid 14793] <... futex resumed>) = 1 [pid 14792] <... futex resumed>) = 0 [pid 14795] chdir("./file0" [pid 14792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14795] <... chdir resumed>) = 0 [pid 14792] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14792] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14792] <... mprotect resumed>) = 0 [pid 14795] <... futex resumed>) = 1 [pid 14793] <... futex resumed>) = 0 [pid 14792] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14795] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14793] <... futex resumed>) = 0 [pid 14795] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14792] <... clone resumed>, parent_tid=[14813], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14813 [pid 14810] <... openat resumed>) = 3 [pid 14792] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] write(3, "1000", 4 [pid 14795] <... open resumed>) = 4 [pid 14792] <... futex resumed>) = 0 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14792] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14813 attached [pid 14810] <... write resumed>) = 4 [pid 14802] <... mount resumed>) = 0 [pid 14797] <... write resumed>) = 1048576 [pid 14795] <... futex resumed>) = 1 [pid 14793] <... futex resumed>) = 0 [pid 14813] set_robust_list(0x7f1c2a1159e0, 24 [pid 14810] close(3 [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14813] <... set_robust_list resumed>) = 0 [pid 14810] <... close resumed>) = 0 [pid 14795] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14793] <... futex resumed>) = 0 [pid 14813] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14810] symlink("/dev/binderfs", "./binderfs" [pid 14795] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14810] <... symlink resumed>) = 0 [pid 14795] <... openat resumed>) = 5 [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] <... futex resumed>) = 0 [pid 14795] <... futex resumed>) = 1 [pid 14793] <... futex resumed>) = 0 [pid 14810] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] <... mmap resumed>) = 0x7f1c32416000 [pid 14795] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14793] <... futex resumed>) = 0 [pid 14810] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14795] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14810] <... mprotect resumed>) = 0 [pid 14795] <... write resumed>) = 196608 [pid 14810] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14793] <... futex resumed>) = 0 [pid 14810] <... clone resumed>, parent_tid=[14814], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14814 [pid 14795] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14795] <... mount resumed>) = 0 [pid 14793] <... futex resumed>) = 0 [pid 14810] <... futex resumed>) = 0 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14795] <... futex resumed>) = 0 [pid 14793] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14795] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14795] <... open resumed>) = 6 [pid 14793] <... futex resumed>) = 0 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14795] <... futex resumed>) = 0 [pid 14793] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14795] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14814 attached [pid 14802] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14793] <... futex resumed>) = 0 [pid 14802] <... openat resumed>) = 3 [pid 14797] <... futex resumed>) = 1 [pid 14796] <... futex resumed>) = 0 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14813] <... openat resumed>) = 8 [pid 14802] chdir("./bus" [pid 14797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14796] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14794] <... openat resumed>) = 7 [pid 14813] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] <... chdir resumed>) = 0 [pid 14797] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14796] <... futex resumed>) = 0 [pid 14794] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14813] <... futex resumed>) = 1 [pid 14802] ioctl(4, LOOP_CLR_FD [pid 14797] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 261.463113][T14802] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/527/bus supports timestamps until 2038 (0x7fffffff) [ 261.487900][T14794] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14796] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14792] <... futex resumed>) = 0 [pid 14814] set_robust_list(0x7f1c324369e0, 24 [pid 14813] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14802] <... ioctl resumed>) = 0 [pid 14794] <... futex resumed>) = 0 [pid 14802] close(4) = 0 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14798] <... futex resumed>) = 0 [pid 14802] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14798] <... futex resumed>) = 0 [pid 14802] chdir("./file0" [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... chdir resumed>) = 0 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14798] <... futex resumed>) = 0 [pid 14802] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14798] <... futex resumed>) = 0 [pid 14802] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14792] exit_group(0) = ? [pid 14814] <... set_robust_list resumed>) = 0 [pid 14814] memfd_create("syzkaller", 0) = 3 [pid 14814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14814] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14794] +++ exited with 0 +++ [pid 14813] <... futex resumed>) = ? [pid 14808] <... mount resumed>) = 0 [pid 14808] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14808] chdir("./bus") = 0 [pid 14808] ioctl(4, LOOP_CLR_FD) = 0 [pid 14808] close(4) = 0 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14808] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14805] <... futex resumed>) = 0 [pid 14814] <... write resumed>) = 1048576 [pid 14813] +++ exited with 0 +++ [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] <... open resumed>) = 4 [pid 14795] <... write resumed>) = 1048576 [pid 14792] +++ exited with 0 +++ [pid 14805] <... futex resumed>) = 1 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... futex resumed>) = 1 [pid 14798] <... futex resumed>) = 0 [pid 14802] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14795] <... futex resumed>) = 1 [pid 14793] <... futex resumed>) = 0 [pid 14802] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14798] <... futex resumed>) = 0 [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14795] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14793] <... futex resumed>) = 0 [pid 14802] <... openat resumed>) = 5 [pid 14795] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14792, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./521", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./521/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./521/binderfs") = 0 [pid 409] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14814] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14814] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 261.502015][T14797] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 261.506864][T14808] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/524/bus supports timestamps until 2038 (0x7fffffff) [ 261.534173][T14797] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 261.544961][T14795] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14814] ioctl(4, LOOP_SET_FD, 3 [pid 14808] <... futex resumed>) = 0 [pid 14802] <... futex resumed>) = 1 [pid 14798] <... futex resumed>) = 0 [pid 14797] <... openat resumed>) = 7 [pid 14814] <... ioctl resumed>) = 0 [pid 14814] close(3) = 0 [pid 14814] mkdir("./bus", 0777 [pid 14796] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14796] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14796] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14796] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14796] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14816], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14816 [pid 14796] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14796] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... mkdir resumed>) = 0 [pid 14814] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14808] chdir("./file0") = 0 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14808] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14802] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14802] <... futex resumed>) = 0 [pid 14798] <... futex resumed>) = 1 [pid 14802] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... write resumed>) = 196608 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... futex resumed>) = 0 [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... futex resumed>) = 1 [pid 14802] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... futex resumed>) = 0 [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... futex resumed>) = 1 [pid 14797] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14797] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14816 attached [pid 14816] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14816] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14816] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14805] <... futex resumed>) = 0 [pid 14796] <... futex resumed>) = 0 [pid 14796] exit_group(0 [pid 14797] <... futex resumed>) = ? [pid 14796] <... exit_group resumed>) = ? [pid 14797] +++ exited with 0 +++ [pid 14816] <... futex resumed>) = ? [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14808] <... futex resumed>) = 0 [pid 14805] <... futex resumed>) = 1 [pid 14808] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14816] +++ exited with 0 +++ [pid 14796] +++ exited with 0 +++ [pid 14802] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... futex resumed>) = 0 [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... futex resumed>) = 1 [pid 14802] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14796, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14808] <... open resumed>) = 4 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14805] <... futex resumed>) = 0 [pid 407] umount2("./521", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14808] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14808] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14805] <... futex resumed>) = 0 [pid 407] openat(AT_FDCWD, "./521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14808] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... openat resumed>) = 3 [pid 14808] <... openat resumed>) = 5 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./521/binderfs", [pid 14808] <... futex resumed>) = 1 [pid 14805] <... futex resumed>) = 0 [pid 14808] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14805] <... futex resumed>) = 0 [pid 407] unlink("./521/binderfs" [pid 14795] <... openat resumed>) = 7 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14808] <... write resumed>) = 196608 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14793] <... futex resumed>) = 0 [pid 407] <... unlink resumed>) = 0 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14808] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14793] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14805] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14793] <... futex resumed>) = 1 [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14793] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14795] <... futex resumed>) = 0 [pid 14795] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14795] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14795] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14793] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14805] <... futex resumed>) = 1 [pid 407] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14808] <... futex resumed>) = 0 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14793] exit_group(0) = ? [pid 14808] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14802] <... write resumed>) = 1048576 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... futex resumed>) = 0 [pid 14808] <... mount resumed>) = 0 [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... futex resumed>) = 0 [pid 14808] <... futex resumed>) = 1 [pid 14805] <... futex resumed>) = 0 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14808] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14808] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14805] <... futex resumed>) = 0 [pid 14808] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14808] <... open resumed>) = 6 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14805] <... futex resumed>) = 0 [pid 14808] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14808] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14805] <... futex resumed>) = 0 [pid 14808] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] <... futex resumed>) = 1 [pid 14802] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14795] <... futex resumed>) = ? [pid 14795] +++ exited with 0 +++ [pid 14793] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14793, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./526", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./526/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./526/binderfs") = 0 [ 261.549997][T14814] loop3: detected capacity change from 0 to 2048 [ 261.563964][T14795] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 261.597599][T14802] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 408] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14802] <... openat resumed>) = 7 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14798] <... futex resumed>) = 0 [pid 14798] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14802] <... futex resumed>) = 1 [pid 14798] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14802] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14802] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14798] <... futex resumed>) = 0 [pid 14802] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14798] exit_group(0 [pid 14802] <... futex resumed>) = ? [pid 14798] <... exit_group resumed>) = ? [pid 14802] +++ exited with 0 +++ [pid 14798] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14798, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./527", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./527/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./527/binderfs") = 0 [pid 411] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./521/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./521/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 14814] <... mount resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14814] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14808] <... write resumed>) = 1048576 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./521/bus" [pid 14814] <... openat resumed>) = 3 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... rmdir resumed>) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./521" [pid 14814] chdir("./bus" [pid 14808] <... futex resumed>) = 0 [pid 14805] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 409] <... rmdir resumed>) = 0 [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] mkdir("./522", 0777 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... chdir resumed>) = 0 [pid 14808] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14819 ./strace-static-x86_64: Process 14819 attached [pid 14819] set_robust_list(0x555555f755e0, 24) = 0 [pid 14819] chdir("./522") = 0 [pid 14819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14819] setpgid(0, 0) = 0 [pid 14819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14819] write(3, "1000", 4) = 4 [pid 14819] close(3) = 0 [pid 14819] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14819] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14819] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14820], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14820 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14820 attached [pid 14820] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14820] memfd_create("syzkaller", 0) = 3 [pid 14820] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14820] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14820] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14820] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 261.611982][T14802] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 261.626532][T14814] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/531/bus supports timestamps until 2038 (0x7fffffff) [ 261.649185][T14808] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14820] ioctl(4, LOOP_SET_FD, 3 [pid 14814] ioctl(4, LOOP_CLR_FD [pid 14820] <... ioctl resumed>) = 0 [pid 14820] close(3) = 0 [pid 14820] mkdir("./bus", 0777) = 0 [pid 14820] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14814] <... ioctl resumed>) = 0 [pid 14814] close(4) = 0 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... futex resumed>) = 0 [pid 14814] chdir("./file0" [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... chdir resumed>) = 0 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... futex resumed>) = 0 [pid 14814] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... open resumed>) = 4 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... futex resumed>) = 0 [pid 14814] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... openat resumed>) = 5 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... futex resumed>) = 0 [pid 14814] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... write resumed>) = 196608 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] <... futex resumed>) = 0 [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = 0 [pid 14810] <... futex resumed>) = 1 [pid 14814] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... mount resumed>) = 0 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... futex resumed>) = 0 [pid 14814] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] <... open resumed>) = 6 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] <... futex resumed>) = 0 [pid 14814] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14808] <... openat resumed>) = 7 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14805] <... futex resumed>) = 0 [pid 14805] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14805] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14808] <... futex resumed>) = 1 [pid 14808] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14808] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14805] <... futex resumed>) = 0 [pid 14805] exit_group(0) = ? [pid 14808] <... futex resumed>) = ? [pid 14808] +++ exited with 0 +++ [pid 14805] +++ exited with 0 +++ [pid 411] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14805, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 407] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./524", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] lstat("./521/bus", [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./527/bus", [pid 408] lstat("./526/bus", [pid 407] umount2("./521/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] lstat("./524/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] unlink("./524/binderfs" [pid 411] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 261.660585][T14820] loop2: detected capacity change from 0 to 2048 [ 261.664641][T14808] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 408] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./521/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14814] <... write resumed>) = 1048576 [pid 411] openat(AT_FDCWD, "./527/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14814] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] <... openat resumed>) = 4 [pid 14814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] fstat(4, [pid 411] <... openat resumed>) = 4 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] fstat(4, [pid 408] openat(AT_FDCWD, "./526/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] getdents64(4, [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 408] <... openat resumed>) = 4 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./527/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./527") = 0 [pid 411] mkdir("./528", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] getdents64(4, [pid 408] fstat(4, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./521/bus" [pid 408] getdents64(4, [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14823 [pid 407] <... rmdir resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(3, [pid 408] getdents64(4, [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4 [pid 407] close(3./strace-static-x86_64: Process 14823 attached [pid 14823] set_robust_list(0x555555f755e0, 24) = 0 [pid 14823] chdir("./528") = 0 [pid 14823] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14823] setpgid(0, 0) = 0 [pid 408] <... close resumed>) = 0 [pid 14823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 408] rmdir("./526/bus" [pid 407] <... close resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 407] rmdir("./521") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./526") = 0 [pid 407] mkdir("./522", 0777) = 0 [pid 408] mkdir("./527", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 14814] <... openat resumed>) = 7 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14810] <... futex resumed>) = 0 [pid 14810] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14810] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14814] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14814] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14823] <... openat resumed>) = 3 [pid 14820] <... mount resumed>) = 0 [pid 14814] <... futex resumed>) = 1 [pid 14810] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 407] <... close resumed>) = 0 [pid 412] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./524/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./524/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... openat resumed>) = 3 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... openat resumed>) = 4 [pid 408] ioctl(3, LOOP_CLR_FD [pid 14810] exit_group(0 [pid 412] fstat(4, [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] close(3 [pid 412] getdents64(4, [pid 408] <... close resumed>) = 0 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14824 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14810] <... exit_group resumed>) = ? [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14825 [pid 412] close(4) = 0 [pid 412] rmdir("./524/bus" [pid 14814] +++ exited with 0 +++ [pid 14810] +++ exited with 0 +++ [pid 412] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14810, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 14823] write(3, "1000", 4 [pid 14820] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 412] <... close resumed>) = 0 [pid 410] umount2("./531", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] rmdir("./524" [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... rmdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "./531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] mkdir("./525", 0777 [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 410] getdents64(3, [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] <... openat resumed>) = 3 [pid 410] umount2("./531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] ioctl(3, LOOP_CLR_FD [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./531/binderfs", [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] close(3 [pid 410] unlink("./531/binderfs" [pid 412] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... unlink resumed>) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14826 [pid 410] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14820] <... openat resumed>) = 3 [pid 14820] chdir("./bus") = 0 [pid 14820] ioctl(4, LOOP_CLR_FD) = 0 [pid 14820] close(4 [pid 14823] <... write resumed>) = 4 [pid 14820] <... close resumed>) = 0 [pid 14823] close(3 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14823] <... close resumed>) = 0 [pid 14820] <... futex resumed>) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14823] symlink("/dev/binderfs", "./binderfs" [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14820] chdir("./file0" [pid 14819] <... futex resumed>) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14820] <... chdir resumed>) = 0 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14823] <... symlink resumed>) = 0 [pid 14820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14823] <... futex resumed>) = 0 [pid 14819] <... futex resumed>) = 1 [pid 14823] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14823] <... mmap resumed>) = 0x7f1c32416000 [pid 14823] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14823] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14827], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14827 [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14824 attached [pid 14824] set_robust_list(0x555555f755e0, 24) = 0 [pid 14824] chdir("./522") = 0 [pid 14824] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14824] setpgid(0, 0) = 0 [pid 14824] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14824] write(3, "1000", 4) = 4 [pid 14824] close(3) = 0 [pid 14824] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14824] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14824] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14824] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14828], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14828 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14828 attached [pid 14828] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14828] memfd_create("syzkaller", 0) = 3 [pid 14828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14820] <... futex resumed>) = 0 [pid 14820] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14820] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14828] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14820] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14828] <... write resumed>) = 1048576 [pid 14828] munmap(0x7f1c2a016000, 1048576 [pid 14820] <... futex resumed>) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14828] <... munmap resumed>) = 0 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14828] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14819] <... futex resumed>) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14820] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14828] <... openat resumed>) = 4 [ 261.710473][T14814] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 261.727619][T14814] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 261.740781][T14820] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/522/bus supports timestamps until 2038 (0x7fffffff) [pid 14828] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14827 attached ./strace-static-x86_64: Process 14826 attached ./strace-static-x86_64: Process 14825 attached [pid 14820] <... mount resumed>) = 0 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14820] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14820] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14826] set_robust_list(0x555555f755e0, 24 [pid 14825] set_robust_list(0x555555f755e0, 24) = 0 [pid 14826] <... set_robust_list resumed>) = 0 [pid 14825] chdir("./527" [pid 14826] chdir("./525") = 0 [pid 14825] <... chdir resumed>) = 0 [pid 14826] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14826] setpgid(0, 0 [pid 14825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14828] <... ioctl resumed>) = 0 [pid 14827] set_robust_list(0x7f1c324369e0, 24 [pid 14828] close(3 [pid 14827] <... set_robust_list resumed>) = 0 [pid 14828] <... close resumed>) = 0 [pid 14827] memfd_create("syzkaller", 0 [pid 14826] <... setpgid resumed>) = 0 [pid 14825] setpgid(0, 0 [pid 14828] mkdir("./bus", 0777 [pid 14827] <... memfd_create resumed>) = 3 [pid 14828] <... mkdir resumed>) = 0 [pid 14827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14828] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14827] <... mmap resumed>) = 0x7f1c2a016000 [pid 14826] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14825] <... setpgid resumed>) = 0 [pid 14826] <... openat resumed>) = 3 [pid 14825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14826] write(3, "1000", 4 [pid 14825] <... openat resumed>) = 3 [pid 14826] <... write resumed>) = 4 [pid 14825] write(3, "1000", 4 [pid 14826] close(3 [pid 14825] <... write resumed>) = 4 [pid 14826] <... close resumed>) = 0 [pid 14825] close(3 [pid 14826] symlink("/dev/binderfs", "./binderfs" [pid 14825] <... close resumed>) = 0 [pid 14826] <... symlink resumed>) = 0 [pid 14825] symlink("/dev/binderfs", "./binderfs" [pid 14827] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] <... symlink resumed>) = 0 [pid 14826] <... futex resumed>) = 0 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14825] <... futex resumed>) = 0 [pid 14826] <... mmap resumed>) = 0x7f1c32416000 [pid 14825] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14826] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14825] <... mmap resumed>) = 0x7f1c32416000 [pid 14820] <... write resumed>) = 1048576 [pid 14827] <... write resumed>) = 1048576 [pid 14826] <... mprotect resumed>) = 0 [pid 14825] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14825] <... mprotect resumed>) = 0 [pid 14820] <... futex resumed>) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14820] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14825] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14819] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14830 attached ./strace-static-x86_64: Process 14829 attached [pid 14827] munmap(0x7f1c2a016000, 1048576 [pid 14819] <... futex resumed>) = 0 [pid 14826] <... clone resumed>, parent_tid=[14829], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14829 [pid 14825] <... clone resumed>, parent_tid=[14830], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14830 [pid 14819] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14830] set_robust_list(0x7f1c324369e0, 24 [pid 14826] <... futex resumed>) = 0 [pid 14825] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14830] <... set_robust_list resumed>) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] lstat("./531/bus", [pid 14830] memfd_create("syzkaller", 0 [pid 14827] <... munmap resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14830] <... memfd_create resumed>) = 3 [pid 14827] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14829] set_robust_list(0x7f1c324369e0, 24 [pid 14827] <... openat resumed>) = 4 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14830] <... mmap resumed>) = 0x7f1c2a016000 [pid 14829] <... set_robust_list resumed>) = 0 [pid 14827] ioctl(4, LOOP_SET_FD, 3 [pid 410] openat(AT_FDCWD, "./531/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, [pid 14830] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./531/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./531") = 0 [pid 410] mkdir("./532", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 14830] <... write resumed>) = 1048576 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14830] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14830] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14830] ioctl(4, LOOP_SET_FD, 3 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14832 [ 261.781012][T14828] loop0: detected capacity change from 0 to 2048 [ 261.809142][T14820] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 261.823926][T14827] loop4: detected capacity change from 0 to 2048 [pid 14829] memfd_create("syzkaller", 0./strace-static-x86_64: Process 14832 attached [pid 14832] set_robust_list(0x555555f755e0, 24) = 0 [pid 14832] chdir("./532") = 0 [pid 14832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14832] setpgid(0, 0) = 0 [pid 14832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14832] write(3, "1000", 4) = 4 [pid 14832] close(3) = 0 [pid 14832] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14832] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14832] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14832] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14833], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14833 [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14830] <... ioctl resumed>) = 0 [pid 14830] close(3) = 0 [pid 14830] mkdir("./bus", 0777) = 0 [pid 14830] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14827] <... ioctl resumed>) = 0 [pid 14827] close(3) = 0 [pid 14827] mkdir("./bus", 0777) = 0 [pid 14827] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14829] <... memfd_create resumed>) = 3 [pid 14829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14829] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14829] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14829] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14829] ioctl(4, LOOP_SET_FD, 3 [pid 14819] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14829] <... ioctl resumed>) = 0 [pid 14829] close(3) = 0 [pid 14829] mkdir("./bus", 0777) = 0 [pid 14829] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14833 attached [pid 14833] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14833] memfd_create("syzkaller", 0) = 3 [pid 14833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14819] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14819] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14819] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14819] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14837], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14837 [pid 14819] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 261.836303][T14830] loop1: detected capacity change from 0 to 2048 [ 261.837058][T14820] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 261.867311][T14829] loop5: detected capacity change from 0 to 2048 [ 261.869867][T14828] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/522/bus supports timestamps until 2038 (0x7fffffff) [pid 14819] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14837 attached [pid 14833] <... write resumed>) = 1048576 [pid 14828] <... mount resumed>) = 0 [pid 14828] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14828] chdir("./bus") = 0 [pid 14828] ioctl(4, LOOP_CLR_FD) = 0 [pid 14828] close(4) = 0 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14828] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14837] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14837] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14833] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14833] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14833] ioctl(4, LOOP_SET_FD, 3 [pid 14837] <... openat resumed>) = 8 [pid 14824] <... futex resumed>) = 0 [pid 14820] <... openat resumed>) = 7 [pid 14833] <... ioctl resumed>) = 0 [pid 14833] close(3) = 0 [pid 14833] mkdir("./bus", 0777) = 0 [pid 14833] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14837] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14820] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14837] <... futex resumed>) = 1 [pid 14828] <... futex resumed>) = 0 [pid 14824] <... futex resumed>) = 1 [pid 14819] <... futex resumed>) = 0 [pid 14830] <... mount resumed>) = 0 [pid 14830] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14830] chdir("./bus") = 0 [pid 14830] ioctl(4, LOOP_CLR_FD) = 0 [pid 14830] close(4) = 0 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] <... futex resumed>) = 0 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] <... futex resumed>) = 1 [pid 14830] chdir("./file0") = 0 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] <... futex resumed>) = 0 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] <... futex resumed>) = 1 [pid 14830] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14829] <... mount resumed>) = 0 [pid 14829] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14829] chdir("./bus") = 0 [pid 14829] ioctl(4, LOOP_CLR_FD) = 0 [pid 14829] close(4) = 0 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] chdir("./file0") = 0 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14830] <... open resumed>) = 4 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14825] <... futex resumed>) = 0 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14825] <... futex resumed>) = 0 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14827] <... mount resumed>) = 0 [pid 14827] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14827] chdir("./bus") = 0 [pid 14827] ioctl(4, LOOP_CLR_FD) = 0 [pid 14827] close(4 [pid 14828] chdir("./file0" [pid 14827] <... close resumed>) = 0 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14820] <... futex resumed>) = 0 [pid 14820] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14837] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14819] exit_group(0 [pid 14837] <... futex resumed>) = ? [pid 14820] <... futex resumed>) = ? [pid 14819] <... exit_group resumed>) = ? [pid 14837] +++ exited with 0 +++ [pid 14820] +++ exited with 0 +++ [pid 14819] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14819, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] umount2("./522", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 14823] <... futex resumed>) = 0 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14828] <... chdir resumed>) = 0 [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, [pid 14823] <... futex resumed>) = 1 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./522/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./522/binderfs") = 0 [pid 409] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14830] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14824] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14828] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14824] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14828] <... open resumed>) = 4 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14824] <... futex resumed>) = 0 [pid 14829] <... open resumed>) = 4 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14828] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14824] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14828] <... openat resumed>) = 5 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14824] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14828] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14824] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... write resumed>) = 196608 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14826] <... futex resumed>) = 0 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] <... futex resumed>) = 1 [pid 14829] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14828] <... write resumed>) = 196608 [pid 14830] <... write resumed>) = 196608 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] <... futex resumed>) = 0 [pid 14830] <... futex resumed>) = 1 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14830] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14825] <... futex resumed>) = 0 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [ 261.888982][T14830] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/527/bus supports timestamps until 2038 (0x7fffffff) [ 261.897817][T14833] loop3: detected capacity change from 0 to 2048 [ 261.902089][T14829] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/525/bus supports timestamps until 2038 (0x7fffffff) [ 261.921235][T14827] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/528/bus supports timestamps until 2038 (0x7fffffff) [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] <... mount resumed>) = 0 [pid 14828] <... futex resumed>) = 1 [pid 14824] <... futex resumed>) = 0 [pid 14827] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14830] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14828] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14828] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14827] chdir("./file0") = 0 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14824] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14828] <... futex resumed>) = 0 [pid 14828] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14824] <... futex resumed>) = 0 [pid 14828] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14825] <... futex resumed>) = 0 [pid 14823] <... futex resumed>) = 0 [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14833] <... mount resumed>) = 0 [pid 14830] <... futex resumed>) = 0 [pid 14827] <... futex resumed>) = 0 [pid 14825] <... futex resumed>) = 1 [pid 14823] <... futex resumed>) = 1 [pid 14833] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14830] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14827] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] <... open resumed>) = 6 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14825] <... futex resumed>) = 0 [pid 14833] <... openat resumed>) = 3 [pid 14830] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14827] <... open resumed>) = 4 [pid 14830] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14833] chdir("./bus" [pid 14830] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14825] <... futex resumed>) = 0 [pid 14827] <... futex resumed>) = 1 [pid 14823] <... futex resumed>) = 0 [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14823] <... futex resumed>) = 0 [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = 0 [pid 14833] <... chdir resumed>) = 0 [pid 14833] ioctl(4, LOOP_CLR_FD) = 0 [pid 14833] close(4) = 0 [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14832] <... futex resumed>) = 0 [pid 14833] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14827] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14823] <... futex resumed>) = 0 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14832] <... futex resumed>) = 1 [pid 14823] <... futex resumed>) = 1 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14833] <... futex resumed>) = 0 [pid 14828] <... write resumed>) = 1048576 [pid 14827] <... futex resumed>) = 0 [pid 14833] chdir("./file0" [pid 14829] <... write resumed>) = 1048576 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14827] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14833] <... chdir resumed>) = 0 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14828] <... futex resumed>) = 1 [pid 14824] <... futex resumed>) = 0 [pid 409] lstat("./522/bus", [pid 14826] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14824] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14828] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14826] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14824] <... futex resumed>) = 0 [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14829] <... futex resumed>) = 0 [pid 409] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14833] <... futex resumed>) = 1 [pid 14832] <... futex resumed>) = 0 [pid 14827] <... write resumed>) = 196608 [pid 14826] <... futex resumed>) = 0 [pid 14824] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14833] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [ 261.961313][T14833] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/532/bus supports timestamps until 2038 (0x7fffffff) [pid 14826] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14832] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "./522/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... openat resumed>) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./522/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./522") = 0 [pid 409] mkdir("./523", 0777) = 0 [pid 14830] <... write resumed>) = 1048576 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14825] <... futex resumed>) = 0 [pid 14830] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14827] <... futex resumed>) = 1 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... openat resumed>) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14845 ./strace-static-x86_64: Process 14845 attached [pid 14845] set_robust_list(0x555555f755e0, 24) = 0 [pid 14845] chdir("./523") = 0 [pid 14845] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14845] setpgid(0, 0) = 0 [pid 14845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14845] write(3, "1000", 4) = 4 [pid 14845] close(3) = 0 [pid 14845] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14845] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14845] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14846], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14846 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14846 attached [pid 14846] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14846] memfd_create("syzkaller", 0) = 3 [pid 14846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14823] <... futex resumed>) = 0 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14827] <... futex resumed>) = 0 [pid 14823] <... futex resumed>) = 1 [pid 14827] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14827] <... mount resumed>) = 0 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14823] <... futex resumed>) = 0 [pid 14846] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14846] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14846] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 262.005996][T14828] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.008886][T14829] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.025130][T14830] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14846] ioctl(4, LOOP_SET_FD, 3 [pid 14833] <... open resumed>) = 4 [pid 14827] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14826] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14824] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14846] <... ioctl resumed>) = 0 [pid 14846] close(3) = 0 [pid 14846] mkdir("./bus", 0777) = 0 [pid 14846] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14833] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14827] <... open resumed>) = 6 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14826] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14826] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14826] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14847], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14847 [pid 14826] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14826] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14824] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14824] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14824] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14824] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14848], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14848 [pid 14824] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14824] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14827] <... futex resumed>) = 0 [pid 14823] <... futex resumed>) = 1 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14827] <... futex resumed>) = 0 [pid 14823] <... futex resumed>) = 1 [pid 14827] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14832] <... futex resumed>) = 0 [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14833] <... futex resumed>) = 0 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14833] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 ./strace-static-x86_64: Process 14847 attached [pid 14847] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14847] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14848 attached [pid 14848] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14848] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14848] <... openat resumed>) = 8 [pid 14848] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14824] <... futex resumed>) = 0 [pid 14848] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14833] <... futex resumed>) = 1 [pid 14832] <... futex resumed>) = 0 [pid 14828] <... openat resumed>) = 7 [pid 14828] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14828] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14824] exit_group(0 [pid 14848] <... futex resumed>) = ? [pid 14824] <... exit_group resumed>) = ? [pid 14848] +++ exited with 0 +++ [pid 14828] <... futex resumed>) = ? [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14833] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14832] <... futex resumed>) = 0 [pid 14828] +++ exited with 0 +++ [pid 14824] +++ exited with 0 +++ [pid 14833] <... write resumed>) = 196608 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14824, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./522", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, [pid 14833] <... futex resumed>) = 1 [pid 14833] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14847] <... openat resumed>) = 8 [pid 14832] <... futex resumed>) = 0 [pid 14829] <... openat resumed>) = 7 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14829] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14832] <... futex resumed>) = 0 [pid 14829] <... futex resumed>) = 0 [pid 407] umount2("./522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14829] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./522/binderfs", [pid 14847] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14847] <... futex resumed>) = 1 [pid 14827] <... write resumed>) = 1048576 [pid 14826] <... futex resumed>) = 0 [pid 407] unlink("./522/binderfs" [pid 14847] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14826] exit_group(0 [pid 407] <... unlink resumed>) = 0 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14827] <... futex resumed>) = 1 [pid 14823] <... futex resumed>) = 0 [pid 14847] <... futex resumed>) = ? [pid 14829] <... futex resumed>) = ? [pid 14827] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14826] <... exit_group resumed>) = ? [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14829] +++ exited with 0 +++ [pid 14823] <... futex resumed>) = 0 [pid 14847] +++ exited with 0 +++ [pid 14826] +++ exited with 0 +++ [pid 14833] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14833] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 262.049070][T14828] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 262.055804][T14846] loop2: detected capacity change from 0 to 2048 [ 262.058735][T14829] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 262.078325][T14830] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14833] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14830] <... openat resumed>) = 7 [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14832] <... futex resumed>) = 0 [pid 14825] <... futex resumed>) = 0 [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14826, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14830] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14825] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14825] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14833] <... futex resumed>) = 0 [pid 14832] <... futex resumed>) = 1 [pid 14833] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14833] <... futex resumed>) = 0 [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./525", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14833] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14832] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14830] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14830] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... openat resumed>) = 3 [pid 14830] <... openat resumed>) = 8 [pid 412] fstat(3, [pid 14830] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14830] <... futex resumed>) = 1 [pid 14825] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 14830] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14825] exit_group(0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14830] <... futex resumed>) = ? [pid 14825] <... exit_group resumed>) = ? [pid 412] umount2("./525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14830] +++ exited with 0 +++ [pid 14825] +++ exited with 0 +++ [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./525/binderfs", [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14825, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./525/binderfs") = 0 [pid 408] umount2("./527", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14827] <... openat resumed>) = 7 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./527/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./527/binderfs") = 0 [pid 408] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14827] <... futex resumed>) = 1 [pid 14823] <... futex resumed>) = 0 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14823] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14827] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14823] <... futex resumed>) = 0 [pid 14833] <... write resumed>) = 1048576 [pid 14827] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14823] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14827] <... openat resumed>) = 8 [pid 14827] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14827] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14833] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14832] <... futex resumed>) = 0 [pid 14823] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14823] exit_group(0 [pid 14832] <... futex resumed>) = 1 [pid 14823] <... exit_group resumed>) = ? [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14827] <... futex resumed>) = ? [pid 14827] +++ exited with 0 +++ [pid 14823] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14823, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] umount2("./528", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./528/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./528/binderfs") = 0 [pid 411] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14846] <... mount resumed>) = 0 [pid 14833] <... futex resumed>) = 0 [pid 14846] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14833] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14846] <... openat resumed>) = 3 [pid 14846] chdir("./bus") = 0 [pid 14846] ioctl(4, LOOP_CLR_FD) = 0 [ 262.098899][T14827] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.115678][T14827] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 262.136701][T14846] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/523/bus supports timestamps until 2038 (0x7fffffff) [pid 14846] close(4) = 0 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 1 [pid 14846] chdir("./file0") = 0 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 1 [pid 14846] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 1 [pid 14846] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 1 [pid 14846] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14846] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 0 [pid 14846] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 1 [pid 14846] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14846] <... futex resumed>) = 1 [pid 14846] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14833] <... openat resumed>) = 7 [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14832] <... futex resumed>) = 0 [pid 14832] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14832] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14833] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14833] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14832] <... futex resumed>) = 0 [pid 14832] exit_group(0) = ? [pid 14833] +++ exited with 0 +++ [pid 14832] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14832, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 410] umount2("./532", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "./532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 3 [pid 407] lstat("./522/bus", [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 407] umount2("./522/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./522/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./532/binderfs", [pid 407] <... openat resumed>) = 4 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] fstat(4, [pid 410] unlink("./532/binderfs" [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... unlink resumed>) = 0 [pid 410] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./522/bus" [pid 14846] <... write resumed>) = 1048576 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] <... futex resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 14846] <... futex resumed>) = 1 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./522") = 0 [pid 407] mkdir("./523", 0777 [pid 14845] <... futex resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 14846] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 262.166787][T14833] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.181875][T14833] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14851 ./strace-static-x86_64: Process 14851 attached [pid 14851] set_robust_list(0x555555f755e0, 24 [pid 412] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 412] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./525/bus", [pid 408] lstat("./527/bus", [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./525/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./527/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... openat resumed>) = 4 [pid 408] <... openat resumed>) = 4 [pid 412] fstat(4, [pid 408] fstat(4, [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 408] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, [pid 408] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4 [pid 408] close(4 [pid 412] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 412] rmdir("./525/bus" [pid 408] rmdir("./527/bus" [pid 412] <... rmdir resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 408] getdents64(3, [pid 14846] <... openat resumed>) = 7 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] close(3 [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 411] lstat("./528/bus", [pid 408] <... close resumed>) = 0 [pid 14846] <... futex resumed>) = 1 [pid 14845] <... futex resumed>) = 0 [pid 412] rmdir("./525" [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] rmdir("./527" [pid 14851] <... set_robust_list resumed>) = 0 [pid 14846] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14845] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 411] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... rmdir resumed>) = 0 [pid 14846] <... openat resumed>) = 8 [pid 14845] <... futex resumed>) = 0 [pid 412] mkdir("./526", 0777 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] mkdir("./528", 0777 [pid 14851] chdir("./523" [pid 14846] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14845] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... mkdir resumed>) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 14851] <... chdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14851] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 412] <... openat resumed>) = 3 [pid 411] openat(AT_FDCWD, "./528/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 14845] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14851] <... prctl resumed>) = 0 [pid 14846] <... futex resumed>) = 0 [pid 412] ioctl(3, LOOP_CLR_FD [pid 411] <... openat resumed>) = 4 [pid 410] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14845] exit_group(0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 14851] setpgid(0, 0 [pid 14845] <... exit_group resumed>) = ? [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] fstat(4, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14851] <... setpgid resumed>) = 0 [pid 412] close(3 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] lstat("./532/bus", [pid 408] close(3 [pid 14851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 412] <... close resumed>) = 0 [pid 411] getdents64(4, [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... close resumed>) = 0 [pid 14851] <... openat resumed>) = 3 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14851] write(3, "1000", 4 [pid 14846] +++ exited with 0 +++ [pid 14845] +++ exited with 0 +++ [pid 411] getdents64(4, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14851] <... write resumed>) = 4 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14852 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] openat(AT_FDCWD, "./532/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14845, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14853 [pid 14851] close(3 [pid 411] close(4 [pid 410] <... openat resumed>) = 4 [pid 14851] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 410] fstat(4, [pid 14851] symlink("/dev/binderfs", "./binderfs" [pid 411] rmdir("./528/bus" [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14851] <... symlink resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 410] getdents64(4, [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 14851] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] close(3 [pid 410] getdents64(4, [pid 409] umount2("./523", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14852 attached [pid 14851] <... mmap resumed>) = 0x7f1c32416000 [pid 411] <... close resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14852] set_robust_list(0x555555f755e0, 24 [pid 14851] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 411] rmdir("./528" [pid 410] close(4 [pid 409] openat(AT_FDCWD, "./523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14851] <... mprotect resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 14851] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... rmdir resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 409] fstat(3, [pid 411] mkdir("./529", 0777 [pid 410] rmdir("./532/bus" [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14851] <... clone resumed>, parent_tid=[14854], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14854 [pid 409] getdents64(3, [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... mkdir resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14851] <... futex resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 410] getdents64(3, [pid 409] umount2("./523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 14853 attached [pid 14852] <... set_robust_list resumed>) = 0 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] <... openat resumed>) = 3 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14853] set_robust_list(0x555555f755e0, 24 [pid 14852] chdir("./526" [pid 411] ioctl(3, LOOP_CLR_FD [pid 410] close(3 [pid 409] lstat("./523/binderfs", [pid 14853] <... set_robust_list resumed>) = 0 [pid 14852] <... chdir resumed>) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... close resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 ./strace-static-x86_64: Process 14854 attached [pid 14853] chdir("./528" [pid 14852] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 411] close(3 [pid 410] rmdir("./532" [pid 409] unlink("./523/binderfs" [pid 14854] set_robust_list(0x7f1c324369e0, 24 [pid 14853] <... chdir resumed>) = 0 [pid 14852] <... prctl resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 14853] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14852] setpgid(0, 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] mkdir("./533", 0777 [pid 409] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14853] <... prctl resumed>) = 0 [pid 14854] <... set_robust_list resumed>) = 0 [pid 14854] memfd_create("syzkaller", 0) = 3 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14855 [pid 410] <... mkdir resumed>) = 0 [pid 14854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14853] setpgid(0, 0 [pid 14852] <... setpgid resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14853] <... setpgid resumed>) = 0 [pid 14852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 410] <... openat resumed>) = 3 [pid 14853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14852] <... openat resumed>) = 3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 14853] <... openat resumed>) = 3 [pid 14852] write(3, "1000", 4 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14853] write(3, "1000", 4 [pid 14852] <... write resumed>) = 4 [pid 410] close(3 [pid 14853] <... write resumed>) = 4 [pid 14852] close(3 [pid 14853] close(3 [pid 410] <... close resumed>) = 0 [pid 14853] <... close resumed>) = 0 [pid 14852] <... close resumed>) = 0 [pid 14853] symlink("/dev/binderfs", "./binderfs" [pid 14852] symlink("/dev/binderfs", "./binderfs" [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14852] <... symlink resumed>) = 0 [pid 14853] <... symlink resumed>) = 0 [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14856 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14852] <... futex resumed>) = 0 [pid 14853] <... futex resumed>) = 0 [pid 14852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14853] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14852] <... mmap resumed>) = 0x7f1c32416000 [pid 14853] <... mmap resumed>) = 0x7f1c32416000 [pid 14852] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14853] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14852] <... mprotect resumed>) = 0 [pid 14852] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14853] <... mprotect resumed>) = 0 [pid 14853] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14852] <... clone resumed>, parent_tid=[14857], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14857 [pid 14853] <... clone resumed>, parent_tid=[14858], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14858 [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14852] <... futex resumed>) = 0 [pid 14853] <... futex resumed>) = 0 [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14855 attached ./strace-static-x86_64: Process 14857 attached [pid 14855] set_robust_list(0x555555f755e0, 24./strace-static-x86_64: Process 14856 attached [pid 14856] set_robust_list(0x555555f755e0, 24) = 0 [ 262.212120][T14846] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.228236][T14846] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14856] chdir("./533") = 0 [pid 14856] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14855] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 14858 attached [pid 14857] set_robust_list(0x7f1c324369e0, 24 [pid 14858] set_robust_list(0x7f1c324369e0, 24 [pid 14857] <... set_robust_list resumed>) = 0 [pid 14855] chdir("./529" [pid 14858] <... set_robust_list resumed>) = 0 [pid 14857] memfd_create("syzkaller", 0 [pid 14855] <... chdir resumed>) = 0 [pid 14855] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14857] <... memfd_create resumed>) = 3 [pid 14855] <... prctl resumed>) = 0 [pid 14858] memfd_create("syzkaller", 0 [pid 14857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14855] setpgid(0, 0 [pid 14858] <... memfd_create resumed>) = 3 [pid 14857] <... mmap resumed>) = 0x7f1c2a016000 [pid 14855] <... setpgid resumed>) = 0 [pid 14858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14856] <... prctl resumed>) = 0 [pid 14854] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14856] setpgid(0, 0 [pid 14855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14858] <... mmap resumed>) = 0x7f1c2a016000 [pid 14856] <... setpgid resumed>) = 0 [pid 14855] <... openat resumed>) = 3 [pid 14856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14856] write(3, "1000", 4 [pid 14855] write(3, "1000", 4 [pid 14856] <... write resumed>) = 4 [pid 14855] <... write resumed>) = 4 [pid 14856] close(3) = 0 [pid 14855] close(3 [pid 14856] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14855] <... close resumed>) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14855] symlink("/dev/binderfs", "./binderfs" [pid 14856] <... futex resumed>) = 0 [pid 14856] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14855] <... symlink resumed>) = 0 [pid 14856] <... mmap resumed>) = 0x7f1c32416000 [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14855] <... futex resumed>) = 0 [pid 14856] <... mprotect resumed>) = 0 [pid 14855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14854] <... write resumed>) = 1048576 [pid 14856] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14855] <... mmap resumed>) = 0x7f1c32416000 [pid 14855] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 14856] <... clone resumed>, parent_tid=[14859], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14859 [pid 14855] <... mprotect resumed>) = 0 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14855] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14856] <... futex resumed>) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14855] <... clone resumed>, parent_tid=[14860], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14860 [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14854] munmap(0x7f1c2a016000, 1048576 [pid 14857] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14854] <... munmap resumed>) = 0 [pid 14854] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14858] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14854] <... openat resumed>) = 4 [pid 14854] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14860 attached [pid 14858] <... write resumed>) = 1048576 [pid 14857] <... write resumed>) = 1048576 [pid 14860] set_robust_list(0x7f1c324369e0, 24 [pid 14858] munmap(0x7f1c2a016000, 1048576 [pid 14857] munmap(0x7f1c2a016000, 1048576./strace-static-x86_64: Process 14859 attached [pid 14860] <... set_robust_list resumed>) = 0 [pid 14859] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14859] memfd_create("syzkaller", 0 [pid 14860] memfd_create("syzkaller", 0 [pid 14859] <... memfd_create resumed>) = 3 [pid 14857] <... munmap resumed>) = 0 [pid 14859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14860] <... memfd_create resumed>) = 3 [pid 14858] <... munmap resumed>) = 0 [pid 14857] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 14860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14857] <... openat resumed>) = 4 [pid 14860] <... mmap resumed>) = 0x7f1c2a016000 [pid 14858] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14857] ioctl(4, LOOP_SET_FD, 3 [pid 14859] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14854] <... ioctl resumed>) = 0 [pid 14854] close(3) = 0 [pid 14854] mkdir("./bus", 0777) = 0 [pid 14854] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14859] <... write resumed>) = 1048576 [pid 14859] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14859] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14859] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... umount2 resumed>) = 0 [pid 14858] <... openat resumed>) = 4 [pid 409] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./523/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./523/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./523/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./523") = 0 [pid 409] mkdir("./524", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 14857] <... ioctl resumed>) = 0 [pid 14857] close(3) = 0 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14862 [pid 14858] ioctl(4, LOOP_SET_FD, 3 [pid 14857] mkdir("./bus", 0777) = 0 [pid 14857] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14862 attached [pid 14862] set_robust_list(0x555555f755e0, 24) = 0 [pid 14862] chdir("./524" [pid 14859] <... ioctl resumed>) = 0 [pid 14862] <... chdir resumed>) = 0 [pid 14862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14862] setpgid(0, 0) = 0 [pid 14859] close(3) = 0 [pid 14859] mkdir("./bus", 0777 [pid 14862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14862] write(3, "1000", 4) = 4 [pid 14862] close(3 [pid 14859] <... mkdir resumed>) = 0 [pid 14862] <... close resumed>) = 0 [pid 14862] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14859] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14862] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14862] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14862] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14863], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14863 [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 262.286848][T14854] loop0: detected capacity change from 0 to 2048 [ 262.298496][T14857] loop5: detected capacity change from 0 to 2048 [ 262.306830][T14859] loop3: detected capacity change from 0 to 2048 [ 262.325844][T14858] loop1: detected capacity change from 0 to 2048 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14863 attached [pid 14860] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14858] <... ioctl resumed>) = 0 [pid 14860] <... write resumed>) = 1048576 [pid 14858] close(3 [pid 14860] munmap(0x7f1c2a016000, 1048576 [pid 14858] <... close resumed>) = 0 [pid 14860] <... munmap resumed>) = 0 [pid 14858] mkdir("./bus", 0777 [pid 14860] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 14858] <... mkdir resumed>) = 0 [pid 14860] <... openat resumed>) = 4 [pid 14858] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14860] ioctl(4, LOOP_SET_FD, 3 [pid 14863] set_robust_list(0x7f1c324369e0, 24 [pid 14854] <... mount resumed>) = 0 [pid 14863] <... set_robust_list resumed>) = 0 [pid 14863] memfd_create("syzkaller", 0 [pid 14854] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14854] chdir("./bus") = 0 [pid 14854] ioctl(4, LOOP_CLR_FD) = 0 [pid 14863] <... memfd_create resumed>) = 3 [pid 14854] close(4 [pid 14863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14860] <... ioctl resumed>) = 0 [pid 14854] <... close resumed>) = 0 [pid 14860] close(3 [pid 14863] <... mmap resumed>) = 0x7f1c2a016000 [pid 14860] <... close resumed>) = 0 [pid 14860] mkdir("./bus", 0777 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... mkdir resumed>) = 0 [pid 14854] <... futex resumed>) = 1 [pid 14851] <... futex resumed>) = 0 [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14854] chdir("./file0") = 0 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14851] <... futex resumed>) = 0 [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14854] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14851] <... futex resumed>) = 0 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14854] <... open resumed>) = 4 [pid 14863] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14863] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14863] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 262.341578][T14854] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/523/bus supports timestamps until 2038 (0x7fffffff) [ 262.359024][T14860] loop4: detected capacity change from 0 to 2048 [ 262.379458][T14858] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/528/bus supports timestamps until 2038 (0x7fffffff) [pid 14863] ioctl(4, LOOP_SET_FD, 3 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14863] <... ioctl resumed>) = 0 [pid 14863] close(3) = 0 [pid 14863] mkdir("./bus", 0777) = 0 [pid 14863] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14858] <... mount resumed>) = 0 [pid 14858] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14858] chdir("./bus") = 0 [pid 14858] ioctl(4, LOOP_CLR_FD) = 0 [pid 14858] close(4) = 0 [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] <... futex resumed>) = 0 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14858] <... futex resumed>) = 1 [pid 14858] chdir("./file0") = 0 [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] <... futex resumed>) = 0 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14858] <... futex resumed>) = 1 [pid 14858] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14854] <... futex resumed>) = 1 [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14859] <... mount resumed>) = 0 [pid 14851] <... futex resumed>) = 0 [pid 14859] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14858] <... open resumed>) = 4 [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14854] <... futex resumed>) = 0 [pid 14851] <... futex resumed>) = 1 [pid 14858] <... futex resumed>) = 1 [pid 14854] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14853] <... futex resumed>) = 0 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14858] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14854] <... openat resumed>) = 5 [pid 14853] <... futex resumed>) = 0 [pid 14858] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14854] <... futex resumed>) = 1 [pid 14851] <... futex resumed>) = 0 [pid 14858] <... openat resumed>) = 5 [pid 14854] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14859] <... openat resumed>) = 3 [pid 14859] chdir("./bus") = 0 [pid 14859] ioctl(4, LOOP_CLR_FD) = 0 [pid 14859] close(4) = 0 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14859] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] <... futex resumed>) = 0 [pid 14854] <... write resumed>) = 196608 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14858] <... futex resumed>) = 1 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] <... futex resumed>) = 0 [pid 14858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14856] <... futex resumed>) = 1 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14859] <... futex resumed>) = 0 [pid 14859] chdir("./file0") = 0 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14859] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14858] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14858] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14851] <... futex resumed>) = 0 [pid 14856] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14851] <... futex resumed>) = 1 [pid 14856] <... futex resumed>) = 1 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14858] <... write resumed>) = 196608 [pid 14859] <... futex resumed>) = 0 [pid 14854] <... futex resumed>) = 0 [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14854] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14859] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14854] <... mount resumed>) = 0 [pid 14853] <... futex resumed>) = 0 [pid 14858] <... futex resumed>) = 1 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14859] <... open resumed>) = 4 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14856] <... futex resumed>) = 0 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14859] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14856] <... futex resumed>) = 0 [pid 14859] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 262.390401][T14863] loop2: detected capacity change from 0 to 2048 [ 262.392175][T14859] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/533/bus supports timestamps until 2038 (0x7fffffff) [ 262.422270][T14857] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/526/bus supports timestamps until 2038 (0x7fffffff) [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14859] <... write resumed>) = 196608 [pid 14856] <... futex resumed>) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] <... futex resumed>) = 0 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14859] <... futex resumed>) = 1 [pid 14859] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] <... futex resumed>) = 0 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14859] <... futex resumed>) = 1 [pid 14859] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] <... futex resumed>) = 0 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14858] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14854] <... futex resumed>) = 1 [pid 14853] <... futex resumed>) = 0 [pid 14860] <... mount resumed>) = 0 [pid 14858] <... mount resumed>) = 0 [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14860] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14859] <... futex resumed>) = 1 [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] <... mount resumed>) = 0 [pid 14856] <... futex resumed>) = 0 [pid 14853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14851] <... futex resumed>) = 0 [pid 14860] <... openat resumed>) = 3 [pid 14858] <... futex resumed>) = 0 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] chdir("./bus" [pid 14858] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14853] <... futex resumed>) = 0 [pid 14860] <... chdir resumed>) = 0 [pid 14858] <... open resumed>) = 6 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14860] ioctl(4, LOOP_CLR_FD [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14860] <... ioctl resumed>) = 0 [pid 14858] <... futex resumed>) = 0 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] close(4 [pid 14859] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14858] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14853] <... futex resumed>) = 0 [pid 14863] <... mount resumed>) = 0 [pid 14860] <... close resumed>) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14854] <... futex resumed>) = 0 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... openat resumed>) = 3 [pid 14860] <... futex resumed>) = 1 [pid 14855] <... futex resumed>) = 0 [pid 14854] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14863] chdir("./bus" [pid 14860] chdir("./file0" [pid 14857] <... openat resumed>) = 3 [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14854] <... open resumed>) = 6 [pid 14859] <... write resumed>) = 1048576 [pid 14860] <... chdir resumed>) = 0 [pid 14855] <... futex resumed>) = 0 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14863] <... chdir resumed>) = 0 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14858] <... write resumed>) = 1048576 [pid 14857] chdir("./bus" [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14854] <... futex resumed>) = 1 [pid 14851] <... futex resumed>) = 0 [pid 14863] ioctl(4, LOOP_CLR_FD [pid 14860] <... futex resumed>) = 0 [pid 14855] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14863] <... ioctl resumed>) = 0 [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14854] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14863] close(4 [pid 14860] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14857] <... chdir resumed>) = 0 [pid 14855] <... futex resumed>) = 0 [pid 14854] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14851] <... futex resumed>) = 0 [pid 14863] <... close resumed>) = 0 [pid 14859] <... futex resumed>) = 1 [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] <... futex resumed>) = 0 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14859] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14853] <... futex resumed>) = 0 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14858] <... futex resumed>) = 1 [pid 14857] ioctl(4, LOOP_CLR_FD [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... futex resumed>) = 1 [ 262.427916][T14860] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/529/bus supports timestamps until 2038 (0x7fffffff) [ 262.446780][T14863] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/524/bus supports timestamps until 2038 (0x7fffffff) [ 262.475813][T14859] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14858] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14857] <... ioctl resumed>) = 0 [pid 14863] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14862] <... futex resumed>) = 0 [pid 14857] close(4 [pid 14854] <... write resumed>) = 1048576 [pid 14857] <... close resumed>) = 0 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14852] <... futex resumed>) = 0 [pid 14857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14852] <... futex resumed>) = 0 [pid 14857] chdir("./file0" [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... open resumed>) = 4 [pid 14859] <... openat resumed>) = 7 [pid 14857] <... chdir resumed>) = 0 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14862] <... futex resumed>) = 1 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14854] <... futex resumed>) = 1 [pid 14851] <... futex resumed>) = 0 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14859] <... futex resumed>) = 1 [pid 14856] <... futex resumed>) = 0 [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14859] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14856] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14854] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14851] <... futex resumed>) = 0 [pid 14859] <... openat resumed>) = 8 [pid 14856] <... futex resumed>) = 0 [pid 14854] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14859] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14856] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] chdir("./file0" [pid 14860] <... futex resumed>) = 1 [pid 14857] <... futex resumed>) = 1 [pid 14855] <... futex resumed>) = 0 [pid 14852] <... futex resumed>) = 0 [pid 14863] <... chdir resumed>) = 0 [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14855] <... futex resumed>) = 0 [pid 14852] <... futex resumed>) = 0 [pid 14863] <... futex resumed>) = 1 [pid 14860] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14857] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14860] <... openat resumed>) = 5 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14855] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14855] <... futex resumed>) = 0 [pid 14860] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14860] <... write resumed>) = 196608 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14855] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14855] <... futex resumed>) = 0 [pid 14860] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14860] <... mount resumed>) = 0 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14855] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14855] <... futex resumed>) = 0 [pid 14860] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14860] <... open resumed>) = 6 [pid 14862] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14859] <... futex resumed>) = 0 [pid 14856] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14853] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = 1 [pid 14859] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14858] <... openat resumed>) = 7 [pid 14857] <... open resumed>) = 4 [pid 14856] exit_group(0 [pid 14855] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14858] <... futex resumed>) = 0 [pid 14855] <... futex resumed>) = 0 [ 262.488052][T14858] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.495963][T14859] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 262.511754][T14858] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 262.516062][T14854] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14860] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... futex resumed>) = 0 [pid 14862] <... futex resumed>) = 1 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14863] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14856] <... exit_group resumed>) = ? [pid 14859] <... futex resumed>) = ? [pid 14858] <... futex resumed>) = 0 [pid 14857] <... futex resumed>) = 1 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14853] <... futex resumed>) = 1 [pid 14852] <... futex resumed>) = 0 [pid 14863] <... open resumed>) = 4 [pid 14859] +++ exited with 0 +++ [pid 14858] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14857] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14856] +++ exited with 0 +++ [pid 14853] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14858] <... openat resumed>) = 8 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14856, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14858] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14858] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] umount2("./533", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./533/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./533/binderfs") = 0 [pid 410] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14852] <... futex resumed>) = 0 [pid 14853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14857] <... openat resumed>) = 5 [pid 14853] exit_group(0 [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14858] <... futex resumed>) = ? [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14853] <... exit_group resumed>) = ? [pid 14863] <... futex resumed>) = 1 [pid 14862] <... futex resumed>) = 0 [pid 14858] +++ exited with 0 +++ [pid 14857] <... futex resumed>) = 1 [pid 14853] +++ exited with 0 +++ [pid 14852] <... futex resumed>) = 0 [pid 14863] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14853, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] umount2("./528", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./528/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./528/binderfs") = 0 [pid 14862] <... futex resumed>) = 0 [pid 14852] <... futex resumed>) = 0 [pid 408] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... openat resumed>) = 5 [pid 14854] <... openat resumed>) = 7 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14854] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] <... write resumed>) = 196608 [pid 14851] <... futex resumed>) = 0 [pid 14863] <... futex resumed>) = 1 [pid 14862] <... futex resumed>) = 0 [pid 14851] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14851] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14862] <... futex resumed>) = 0 [pid 14863] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... write resumed>) = 196608 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14852] <... futex resumed>) = 0 [pid 14857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14854] <... futex resumed>) = 0 [pid 14854] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14854] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14851] <... futex resumed>) = 0 [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14851] exit_group(0 [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14851] <... exit_group resumed>) = ? [pid 14854] +++ exited with 0 +++ [pid 14851] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14851, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./523", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] <... futex resumed>) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./523/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./523/binderfs") = 0 [pid 407] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14860] <... write resumed>) = 1048576 [pid 14863] <... futex resumed>) = 1 [pid 14862] <... futex resumed>) = 0 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14863] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] <... futex resumed>) = 1 [pid 14857] <... mount resumed>) = 0 [pid 14855] <... futex resumed>) = 0 [pid 14863] <... mount resumed>) = 0 [pid 14862] <... futex resumed>) = 0 [pid 14860] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [ 262.535512][T14854] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14855] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14857] <... futex resumed>) = 1 [pid 14855] <... futex resumed>) = 0 [pid 14852] <... futex resumed>) = 0 [pid 14863] <... futex resumed>) = 0 [pid 14862] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = 0 [pid 14863] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14852] <... futex resumed>) = 0 [pid 14863] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14862] <... futex resumed>) = 0 [pid 14857] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14863] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14857] <... open resumed>) = 6 [pid 14863] <... open resumed>) = 6 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14857] <... futex resumed>) = 1 [pid 14852] <... futex resumed>) = 0 [pid 407] lstat("./523/bus", [pid 14863] <... futex resumed>) = 1 [pid 14862] <... futex resumed>) = 0 [pid 14857] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14852] <... futex resumed>) = 0 [pid 14862] <... futex resumed>) = 0 [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] umount2("./523/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./523/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./523/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./533/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./533/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./533/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./533") = 0 [pid 410] mkdir("./534", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14875 [pid 407] rmdir("./523") = 0 [pid 407] mkdir("./524", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 14875 attached [pid 14875] set_robust_list(0x555555f755e0, 24) = 0 [pid 14857] <... write resumed>) = 1048576 [pid 407] <... openat resumed>) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... close resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14876 ./strace-static-x86_64: Process 14876 attached [pid 14876] set_robust_list(0x555555f755e0, 24) = 0 [pid 14876] chdir("./524") = 0 [pid 14876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14876] setpgid(0, 0) = 0 [pid 14876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14857] <... futex resumed>) = 1 [pid 14852] <... futex resumed>) = 0 [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14876] <... openat resumed>) = 3 [pid 14876] write(3, "1000", 4) = 4 [pid 14876] close(3) = 0 [pid 14876] symlink("/dev/binderfs", "./binderfs" [pid 14857] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14876] <... symlink resumed>) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14876] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14876] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14877], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14877 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 262.575786][T14860] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.606642][T14860] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14877 attached [pid 14877] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14877] memfd_create("syzkaller", 0) = 3 [pid 14877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14855] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14855] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14855] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14855] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14855] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14878], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14878 [pid 14855] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14855] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] <... write resumed>) = 1048576 [pid 14877] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14877] ioctl(4, LOOP_SET_FD, 3 [pid 14875] chdir("./534" [pid 14863] <... write resumed>) = 1048576 [pid 14862] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14860] <... openat resumed>) = 7 [pid 408] <... umount2 resumed>) = 0 [pid 14875] <... chdir resumed>) = 0 [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14860] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14875] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14863] <... futex resumed>) = 0 [pid 14862] <... futex resumed>) = 0 [pid 14860] <... futex resumed>) = 0 [pid 14875] <... prctl resumed>) = 0 [pid 14863] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14860] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 14878 attached [pid 14878] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14878] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14878] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14855] <... futex resumed>) = 0 [pid 14855] exit_group(0) = ? [pid 14878] <... futex resumed>) = ? [pid 14878] +++ exited with 0 +++ [pid 14877] <... ioctl resumed>) = 0 [pid 14877] close(3) = 0 [pid 14877] mkdir("./bus", 0777) = 0 [ 262.630923][T14857] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.643327][T14877] loop0: detected capacity change from 0 to 2048 [ 262.652305][T14863] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.654743][T14857] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 14877] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14875] setpgid(0, 0 [pid 14860] <... futex resumed>) = ? [pid 408] lstat("./528/bus", [pid 14875] <... setpgid resumed>) = 0 [pid 14860] +++ exited with 0 +++ [pid 14855] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14855, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14852] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14857] <... openat resumed>) = 7 [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14863] <... openat resumed>) = 7 [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14862] <... futex resumed>) = 0 [pid 14862] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14862] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14863] <... futex resumed>) = 1 [pid 14863] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14863] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14862] <... futex resumed>) = 0 [pid 14862] exit_group(0) = ? [pid 14863] <... futex resumed>) = ? [pid 14852] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14857] <... futex resumed>) = 0 [pid 14852] <... futex resumed>) = 1 [pid 408] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14852] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14875] <... openat resumed>) = 3 [pid 14857] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 411] umount2("./529", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] openat(AT_FDCWD, "./528/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14875] write(3, "1000", 4 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14875] <... write resumed>) = 4 [pid 408] <... openat resumed>) = 4 [pid 14875] close(3 [pid 411] openat(AT_FDCWD, "./529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] fstat(4, [pid 14875] <... close resumed>) = 0 [pid 411] <... openat resumed>) = 3 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14875] symlink("/dev/binderfs", "./binderfs" [pid 411] fstat(3, [pid 408] getdents64(4, [pid 14875] <... symlink resumed>) = 0 [pid 14857] <... openat resumed>) = 8 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(3, [pid 408] getdents64(4, [pid 14875] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14875] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] close(4 [pid 14875] <... mmap resumed>) = 0x7f1c32416000 [pid 411] lstat("./529/binderfs", [pid 14875] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 408] <... close resumed>) = 0 [pid 14875] <... mprotect resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] rmdir("./528/bus" [pid 14875] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14857] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14852] <... futex resumed>) = 0 [pid 411] unlink("./529/binderfs" [pid 408] <... rmdir resumed>) = 0 [pid 14875] <... clone resumed>, parent_tid=[14880], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14880 [pid 14857] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14852] exit_group(0 [pid 411] <... unlink resumed>) = 0 [pid 408] getdents64(3, [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14875] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14857] <... futex resumed>) = ? [pid 14852] <... exit_group resumed>) = ? [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14857] +++ exited with 0 +++ [pid 14852] +++ exited with 0 +++ [pid 408] close(3 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14852, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] <... close resumed>) = 0 [pid 14863] +++ exited with 0 +++ [pid 14862] +++ exited with 0 +++ ./strace-static-x86_64: Process 14880 attached [pid 14880] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14880] memfd_create("syzkaller", 0) = 3 [pid 412] umount2("./526", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14862, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 408] rmdir("./528" [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] restart_syscall(<... resuming interrupted clone ...> [pid 412] openat(AT_FDCWD, "./526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 408] <... rmdir resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 408] mkdir("./529", 0777 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14880] <... mmap resumed>) = 0x7f1c2a016000 [pid 408] <... mkdir resumed>) = 0 [pid 412] getdents64(3, [pid 409] <... restart_syscall resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] <... openat resumed>) = 3 [pid 409] umount2("./524", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] ioctl(3, LOOP_CLR_FD [pid 412] lstat("./526/binderfs", [pid 409] openat(AT_FDCWD, "./524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] unlink("./526/binderfs" [pid 409] <... openat resumed>) = 3 [pid 412] <... unlink resumed>) = 0 [pid 409] fstat(3, [pid 408] close(3 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(3, [pid 408] <... close resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./524/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./524/binderfs" [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14881 ./strace-static-x86_64: Process 14881 attached [pid 14881] set_robust_list(0x555555f755e0, 24) = 0 [pid 14881] chdir("./529") = 0 [pid 14881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14881] setpgid(0, 0) = 0 [pid 14881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14881] write(3, "1000", 4) = 4 [pid 14881] close(3) = 0 [pid 14881] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14881] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14881] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14881] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14883], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14883 [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 262.674132][T14863] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14883 attached [pid 14880] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14883] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14883] memfd_create("syzkaller", 0) = 3 [pid 14883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14880] <... write resumed>) = 1048576 [pid 14880] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14880] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14880] ioctl(4, LOOP_SET_FD, 3 [pid 14883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14877] <... mount resumed>) = 0 [pid 14877] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14877] chdir("./bus") = 0 [pid 14877] ioctl(4, LOOP_CLR_FD) = 0 [pid 14877] close(4) = 0 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] <... futex resumed>) = 1 [pid 14877] chdir("./file0" [pid 14880] <... ioctl resumed>) = 0 [pid 14877] <... chdir resumed>) = 0 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] <... futex resumed>) = 1 [pid 14877] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] <... write resumed>) = 1048576 [pid 14880] close(3 [pid 14877] <... futex resumed>) = 1 [pid 14883] munmap(0x7f1c2a016000, 1048576 [pid 14880] <... close resumed>) = 0 [pid 14877] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14883] <... munmap resumed>) = 0 [pid 14883] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14877] <... openat resumed>) = 5 [pid 14883] <... openat resumed>) = 4 [pid 14883] ioctl(4, LOOP_SET_FD, 3 [pid 14880] mkdir("./bus", 0777 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14877] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14880] <... mkdir resumed>) = 0 [pid 14880] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14877] <... futex resumed>) = 0 [pid 14876] <... futex resumed>) = 1 [pid 14877] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] <... write resumed>) = 196608 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] <... futex resumed>) = 1 [pid 14877] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] <... futex resumed>) = 1 [pid 14877] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] <... ioctl resumed>) = 0 [pid 14877] <... futex resumed>) = 1 [pid 14876] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14876] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] lstat("./524/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./524/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 14877] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 409] fstat(4, [pid 14883] close(3 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 14883] <... close resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./524/bus" [pid 14883] mkdir("./bus", 0777 [pid 409] <... rmdir resumed>) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./524" [pid 14883] <... mkdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./525", 0777 [pid 14883] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 412] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 412] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] lstat("./526/bus", [pid 411] lstat("./529/bus", [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./526/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "./529/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14886 [pid 412] <... openat resumed>) = 4 [pid 411] <... openat resumed>) = 4 [pid 412] fstat(4, [pid 411] fstat(4, [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 262.714015][T14877] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/524/bus supports timestamps until 2038 (0x7fffffff) [ 262.721200][T14880] loop3: detected capacity change from 0 to 2048 [ 262.735930][T14883] loop1: detected capacity change from 0 to 2048 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 411] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, [pid 411] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4 [pid 411] close(4 [pid 412] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 412] rmdir("./526/bus" [pid 411] rmdir("./529/bus" [pid 412] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 411] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 411] close(3 [pid 412] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 412] rmdir("./526" [pid 411] rmdir("./529" [pid 412] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 412] mkdir("./527", 0777 [pid 411] mkdir("./530", 0777 [pid 412] <... mkdir resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 412] <... openat resumed>) = 3 [pid 411] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 411] ioctl(3, LOOP_CLR_FD [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 411] close(3 [pid 412] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14887 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14888 ./strace-static-x86_64: Process 14886 attached [pid 14877] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 14888 attached ./strace-static-x86_64: Process 14887 attached [pid 14886] set_robust_list(0x555555f755e0, 24 [pid 14880] <... mount resumed>) = 0 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] <... set_robust_list resumed>) = 0 [pid 14877] <... futex resumed>) = 1 [pid 14876] <... futex resumed>) = 0 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] chdir("./525" [pid 14877] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14876] <... futex resumed>) = 0 [pid 14888] set_robust_list(0x555555f755e0, 24) = 0 [pid 14888] chdir("./530") = 0 [pid 14888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14888] setpgid(0, 0) = 0 [pid 14888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14888] write(3, "1000", 4) = 4 [pid 14888] close(3) = 0 [pid 14888] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14888] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14888] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14891], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14891 [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14887] set_robust_list(0x555555f755e0, 24) = 0 [pid 14887] chdir("./527") = 0 [pid 14887] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14887] setpgid(0, 0) = 0 [pid 14887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14887] write(3, "1000", 4) = 4 [pid 14887] close(3) = 0 [pid 14887] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14887] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14887] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14887] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14892], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14892 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14892 attached [pid 14892] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14892] memfd_create("syzkaller", 0) = 3 [pid 14892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14892] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14892] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14892] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14892] ioctl(4, LOOP_SET_FD, 3 [pid 14886] <... chdir resumed>) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14892] <... ioctl resumed>) = 0 [pid 14892] close(3) = 0 [pid 14892] mkdir("./bus", 0777) = 0 [pid 14892] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14880] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14880] chdir("./bus") = 0 [pid 14880] ioctl(4, LOOP_CLR_FD) = 0 [pid 14880] close(4) = 0 [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14875] <... futex resumed>) = 0 [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14880] <... futex resumed>) = 1 [pid 14880] chdir("./file0") = 0 [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14875] <... futex resumed>) = 0 [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14880] <... futex resumed>) = 1 [pid 14880] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 14891 attached [pid 14891] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14891] memfd_create("syzkaller", 0) = 3 [pid 14891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 262.765160][T14880] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/534/bus supports timestamps until 2038 (0x7fffffff) [ 262.780631][T14877] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.797879][T14892] loop5: detected capacity change from 0 to 2048 [pid 14891] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14891] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14891] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14891] ioctl(4, LOOP_SET_FD, 3 [pid 14886] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14880] <... open resumed>) = 4 [pid 14886] <... prctl resumed>) = 0 [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] setpgid(0, 0 [pid 14880] <... futex resumed>) = 1 [pid 14875] <... futex resumed>) = 0 [pid 14891] <... ioctl resumed>) = 0 [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14886] <... setpgid resumed>) = 0 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14880] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14886] write(3, "1000", 4 [pid 14880] <... openat resumed>) = 5 [pid 14886] <... write resumed>) = 4 [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] close(3 [pid 14880] <... futex resumed>) = 1 [pid 14875] <... futex resumed>) = 0 [pid 14886] <... close resumed>) = 0 [pid 14880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] symlink("/dev/binderfs", "./binderfs" [pid 14880] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14875] <... futex resumed>) = 0 [pid 14891] close(3) = 0 [pid 14891] mkdir("./bus", 0777 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] <... symlink resumed>) = 0 [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14880] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14891] <... mkdir resumed>) = 0 [pid 14891] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14883] <... mount resumed>) = 0 [pid 14883] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14883] chdir("./bus") = 0 [pid 14883] ioctl(4, LOOP_CLR_FD) = 0 [pid 14883] close(4) = 0 [pid 14880] <... write resumed>) = 196608 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] <... futex resumed>) = 0 [pid 14886] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14886] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14886] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] <... clone resumed>, parent_tid=[14894], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14894 [pid 14880] <... futex resumed>) = 1 [pid 14875] <... futex resumed>) = 0 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14880] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14875] <... futex resumed>) = 0 [pid 14883] chdir("./file0") = 0 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14894 attached [pid 14894] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14894] memfd_create("syzkaller", 0) = 3 [pid 14881] <... futex resumed>) = 0 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] <... futex resumed>) = 0 [pid 14881] <... futex resumed>) = 1 [pid 14883] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14883] <... open resumed>) = 4 [pid 14877] <... openat resumed>) = 7 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] <... futex resumed>) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14880] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14876] <... futex resumed>) = 0 [pid 14877] <... futex resumed>) = 1 [pid 14883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14876] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14881] <... futex resumed>) = 0 [pid 14876] <... futex resumed>) = 0 [pid 14877] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14883] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14880] <... mount resumed>) = 0 [pid 14876] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] <... openat resumed>) = 5 [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14877] <... openat resumed>) = 8 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14880] <... futex resumed>) = 1 [pid 14875] <... futex resumed>) = 0 [pid 14877] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] <... futex resumed>) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14880] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14877] <... futex resumed>) = 1 [pid 14876] <... futex resumed>) = 0 [pid 14875] <... futex resumed>) = 0 [pid 14883] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14881] <... futex resumed>) = 0 [pid 14880] <... open resumed>) = 6 [pid 14883] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14877] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14876] exit_group(0 [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14894] <... mmap resumed>) = 0x7f1c2a016000 [pid 14876] <... exit_group resumed>) = ? [pid 14883] <... write resumed>) = 196608 [pid 14877] <... futex resumed>) = ? [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14877] +++ exited with 0 +++ [pid 14876] +++ exited with 0 +++ [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14880] <... futex resumed>) = 1 [pid 14875] <... futex resumed>) = 0 [pid 14875] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14876, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 14875] <... futex resumed>) = 0 [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... restart_syscall resumed>) = 0 [pid 407] umount2("./524", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./524/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./524/binderfs") = 0 [pid 407] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14883] <... futex resumed>) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14880] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 262.800899][T14883] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/529/bus supports timestamps until 2038 (0x7fffffff) [ 262.817205][T14877] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 262.822138][T14891] loop4: detected capacity change from 0 to 2048 [pid 14894] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14894] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14894] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14894] ioctl(4, LOOP_SET_FD, 3 [pid 14883] <... mount resumed>) = 0 [pid 14894] <... ioctl resumed>) = 0 [pid 14894] close(3) = 0 [pid 14894] mkdir("./bus", 0777) = 0 [pid 14894] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14881] <... futex resumed>) = 0 [pid 14883] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14875] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14875] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14875] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14875] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14875] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14875] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14898], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14898 [pid 14875] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14875] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14891] <... mount resumed>) = 0 [pid 14891] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14891] chdir("./bus"./strace-static-x86_64: Process 14898 attached [pid 14892] <... mount resumed>) = 0 [pid 14891] <... chdir resumed>) = 0 [pid 14891] ioctl(4, LOOP_CLR_FD [pid 14898] set_robust_list(0x7f1c2a1159e0, 24 [pid 14892] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14891] <... ioctl resumed>) = 0 [pid 14898] <... set_robust_list resumed>) = 0 [pid 14892] <... openat resumed>) = 3 [pid 14891] close(4 [pid 14883] <... write resumed>) = 1048576 [pid 14892] chdir("./bus" [pid 14891] <... close resumed>) = 0 [pid 14898] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14892] <... chdir resumed>) = 0 [ 262.862280][T14891] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/530/bus supports timestamps until 2038 (0x7fffffff) [ 262.868013][T14894] loop2: detected capacity change from 0 to 2048 [ 262.883580][T14892] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/527/bus supports timestamps until 2038 (0x7fffffff) [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] ioctl(4, LOOP_CLR_FD [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 14892] <... ioctl resumed>) = 0 [pid 14891] chdir("./file0" [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] close(4 [pid 14891] <... chdir resumed>) = 0 [pid 14888] <... futex resumed>) = 0 [pid 14883] <... futex resumed>) = 1 [pid 14892] <... close resumed>) = 0 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14891] <... futex resumed>) = 0 [pid 14888] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14892] <... futex resumed>) = 1 [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14891] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14887] <... futex resumed>) = 0 [pid 14892] chdir("./file0" [pid 14891] <... open resumed>) = 4 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14881] <... futex resumed>) = 0 [pid 14880] <... write resumed>) = 1048576 [pid 14875] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 407] <... umount2 resumed>) = 0 [pid 14892] <... chdir resumed>) = 0 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14880] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14875] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 14883] <... futex resumed>) = 0 [pid 14881] <... futex resumed>) = 1 [pid 14880] <... futex resumed>) = 0 [pid 14875] <... futex resumed>) = 0 [pid 407] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14892] <... futex resumed>) = 1 [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14883] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14880] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14875] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14894] <... mount resumed>) = 0 [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14894] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14887] <... futex resumed>) = 0 [pid 407] lstat("./524/bus", [pid 14894] <... openat resumed>) = 3 [pid 14892] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14894] chdir("./bus" [pid 407] umount2("./524/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 262.922975][T14898] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.931168][T14894] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/525/bus supports timestamps until 2038 (0x7fffffff) [ 262.951006][T14898] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14894] <... chdir resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14894] ioctl(4, LOOP_CLR_FD [pid 407] openat(AT_FDCWD, "./524/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14894] <... ioctl resumed>) = 0 [pid 407] <... openat resumed>) = 4 [pid 14894] close(4 [pid 407] fstat(4, [pid 14894] <... close resumed>) = 0 [pid 14892] <... open resumed>) = 4 [pid 14891] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14875] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14891] <... openat resumed>) = 5 [pid 14875] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 14892] <... futex resumed>) = 1 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14875] <... mprotect resumed>) = 0 [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14875] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14892] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14875] <... clone resumed>, parent_tid=[14902], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 14902 [pid 14892] <... openat resumed>) = 5 [pid 14891] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14875] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14902 attached [pid 14898] <... openat resumed>) = 7 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14891] <... write resumed>) = 196608 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14902] set_robust_list(0x7f1c2a0f49e0, 24 [pid 14898] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14894] <... futex resumed>) = 1 [pid 407] getdents64(4, [pid 14902] <... set_robust_list resumed>) = 0 [pid 14898] <... futex resumed>) = 0 [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14902] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14898] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 407] getdents64(4, [pid 14892] <... futex resumed>) = 1 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 14883] <... openat resumed>) = 7 [pid 14875] <... futex resumed>) = 0 [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14875] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14894] <... futex resumed>) = 0 [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 1 [pid 14883] <... futex resumed>) = 1 [pid 14881] <... futex resumed>) = 0 [pid 14894] chdir("./file0" [pid 14892] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14881] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14894] <... chdir resumed>) = 0 [pid 14892] <... write resumed>) = 196608 [pid 14891] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] <... openat resumed>) = 8 [pid 14881] <... futex resumed>) = 0 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14891] <... mount resumed>) = 0 [pid 14883] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14881] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14894] <... futex resumed>) = 1 [pid 14892] <... futex resumed>) = 1 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 14883] <... futex resumed>) = 0 [pid 14881] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14883] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14881] exit_group(0 [pid 14894] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 14883] <... futex resumed>) = ? [pid 14881] <... exit_group resumed>) = ? [pid 14894] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14892] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 14891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14883] +++ exited with 0 +++ [pid 14881] +++ exited with 0 +++ [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14894] <... open resumed>) = 4 [pid 14892] <... mount resumed>) = 0 [pid 14891] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] close(4 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14891] <... open resumed>) = 6 [pid 407] <... close resumed>) = 0 [pid 14894] <... futex resumed>) = 1 [pid 14892] <... futex resumed>) = 1 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 407] rmdir("./524/bus" [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14894] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 407] getdents64(3, [ 262.962997][T14883] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 262.982257][T14883] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 262.985949][T14902] ================================================================== [ 262.999698][T14902] BUG: KASAN: use-after-free in ext4_ext_rm_leaf+0x14d4/0x1800 [ 263.007080][T14902] Read of size 4 at addr ffff888123a80ff4 by task syz-executor214/14902 [ 263.015230][T14902] [pid 14894] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14892] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14888] <... futex resumed>) = 0 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14894] <... openat resumed>) = 5 [pid 14892] <... open resumed>) = 6 [pid 14891] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] close(3 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... close resumed>) = 0 [pid 14894] <... futex resumed>) = 1 [pid 14892] <... futex resumed>) = 1 [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 407] rmdir("./524" [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... rmdir resumed>) = 0 [pid 14894] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14892] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14887] <... futex resumed>) = 0 [pid 14886] <... futex resumed>) = 0 [pid 407] mkdir("./525", 0777 [pid 14894] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14892] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14881, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 407] <... mkdir resumed>) = 0 [pid 14894] <... write resumed>) = 196608 [pid 14875] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... restart_syscall resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 14894] <... futex resumed>) = 1 [pid 14886] <... futex resumed>) = 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14894] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14886] <... futex resumed>) = 0 [pid 408] umount2("./529", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] close(3 [pid 14894] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... close resumed>) = 0 [pid 14894] <... mount resumed>) = 0 [pid 408] openat(AT_FDCWD, "./529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 14894] <... futex resumed>) = 1 [pid 14886] <... futex resumed>) = 0 [pid 408] fstat(3, [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 14903 [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 263.017404][T14902] CPU: 0 PID: 14902 Comm: syz-executor214 Not tainted 5.15.80-syzkaller-00318-g72d681a01da5 #0 [ 263.027557][T14902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 263.037453][T14902] Call Trace: [ 263.040576][T14902] [ 263.043352][T14902] dump_stack_lvl+0x151/0x1b7 [ 263.047866][T14902] ? bfq_pos_tree_add_move+0x43e/0x43e [ 263.053159][T14902] ? __wake_up_klogd+0xd9/0x110 [ 263.057936][T14902] ? panic+0x727/0x727 [ 263.061845][T14902] ? __find_get_block+0xd85/0x1180 [ 263.066786][T14902] print_address_description+0x87/0x3d0 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14894] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14886] <... futex resumed>) = 0 [pid 408] getdents64(3, ./strace-static-x86_64: Process 14903 attached [pid 14894] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14903] set_robust_list(0x555555f755e0, 24 [pid 14894] <... open resumed>) = 6 [pid 408] umount2("./529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14903] <... set_robust_list resumed>) = 0 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14903] chdir("./525" [pid 14894] <... futex resumed>) = 1 [pid 14886] <... futex resumed>) = 0 [pid 408] lstat("./529/binderfs", [pid 14903] <... chdir resumed>) = 0 [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14903] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14894] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14891] <... write resumed>) = 1048576 [pid 14886] <... futex resumed>) = 0 [pid 408] unlink("./529/binderfs" [pid 14903] <... prctl resumed>) = 0 [pid 14894] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... unlink resumed>) = 0 [pid 14903] setpgid(0, 0 [pid 14891] <... futex resumed>) = 1 [pid 14888] <... futex resumed>) = 0 [pid 408] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14903] <... setpgid resumed>) = 0 [pid 14891] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14888] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14888] <... futex resumed>) = 0 [ 263.072167][T14902] kasan_report+0x1a6/0x1f0 [ 263.076530][T14902] ? ext4_ext_rm_leaf+0x14d4/0x1800 [ 263.080123][T14891] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 263.081540][T14902] ? ext4_ext_rm_leaf+0x14d4/0x1800 [ 263.098418][T14892] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 263.100195][T14902] __asan_report_load4_noabort+0x14/0x20 [pid 14903] <... openat resumed>) = 3 [pid 14892] <... write resumed>) = 1048576 [pid 14888] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14887] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14903] write(3, "1000", 4 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14903] <... write resumed>) = 4 [pid 14892] <... futex resumed>) = 0 [pid 14887] <... futex resumed>) = 0 [pid 14903] close(3 [pid 14892] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14887] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14903] <... close resumed>) = 0 [pid 14903] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14903] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14903] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14904], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14904 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14894] <... write resumed>) = 1048576 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] <... futex resumed>) = 0 [pid 14886] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14886] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14894] <... futex resumed>) = 1 [pid 14894] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14904 attached [pid 14904] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14904] memfd_create("syzkaller", 0) = 3 [pid 14904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14887] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14888] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14888] <... futex resumed>) = 0 [pid 14887] <... futex resumed>) = 0 [pid 14888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14887] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14888] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14887] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14888] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14887] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14888] <... mprotect resumed>) = 0 [pid 14887] <... mprotect resumed>) = 0 [pid 14888] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14887] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14888] <... clone resumed>, parent_tid=[14905], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14905 [pid 14887] <... clone resumed>, parent_tid=[14906], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14906 [pid 14888] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14887] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14888] <... futex resumed>) = 0 [pid 14887] <... futex resumed>) = 0 [pid 14888] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14887] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14905 attached ./strace-static-x86_64: Process 14906 attached [pid 14906] set_robust_list(0x7f1c2a1159e0, 24 [pid 14905] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14906] <... set_robust_list resumed>) = 0 [pid 14905] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14906] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14904] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14904] munmap(0x7f1c2a016000, 1048576) = 0 [ 263.100219][T14902] ext4_ext_rm_leaf+0x14d4/0x1800 [ 263.100238][T14902] ? __kasan_check_read+0x11/0x20 [ 263.123863][T14894] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 263.124153][T14902] ? __read_extent_tree_block+0x1d8/0x7b0 [ 263.131749][T14894] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 263.142639][T14902] ext4_ext_remove_space+0xfc5/0x21b0 [ 263.142667][T14902] ? ext4_ext_index_trans_blocks+0x120/0x120 [ 263.142683][T14902] ? ext4_es_remove_extent+0x1a4/0x360 [ 263.163086][T14904] loop0: detected capacity change from 0 to 2048 [ 263.167815][T14902] ? ext4_es_lookup_extent+0x9d0/0x9d0 [ 263.175110][T14891] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 263.179268][T14902] ext4_ext_truncate+0x19f/0x250 [ 263.185182][T14892] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 263.193065][T14902] ext4_truncate+0x942/0xf50 [ 263.193087][T14902] ? __ext4_mark_inode_dirty+0x7a0/0x7a0 [ 263.193102][T14902] ? selinux_inode_permission+0x650/0x650 [ 263.221812][T14902] ext4_setattr+0xfe4/0x1920 [ 263.226313][T14902] ? ext4_write_inode+0x730/0x730 [ 263.231232][T14902] notify_change+0xd8f/0x1040 [ 263.235707][T14902] ? down_read_killable+0x250/0x250 [ 263.240803][T14902] do_truncate+0x214/0x300 [ 263.245054][T14902] ? put_page_bootmem+0x1a0/0x1a0 [ 263.249915][T14902] path_openat+0x2849/0x2ea0 [ 263.254340][T14902] ? stack_trace_save+0x12d/0x1f0 [ 263.259201][T14902] ? do_filp_open+0x4f0/0x4f0 [ 263.263803][T14902] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 263.269709][T14902] do_filp_open+0x277/0x4f0 [ 263.274048][T14902] ? vfs_tmpfile+0x290/0x290 [ 263.278479][T14902] do_sys_openat2+0x13b/0x500 [ 263.283071][T14902] ? ptrace_stop+0x6eb/0xa30 [ 263.287500][T14902] ? do_sys_open+0x220/0x220 [ 263.291927][T14902] ? _raw_spin_unlock_irq+0x4e/0x70 [ 263.296968][T14902] ? ptrace_notify+0x248/0x340 [ 263.301559][T14902] __x64_sys_openat+0x243/0x290 [ 263.306254][T14902] ? __ia32_sys_open+0x270/0x270 [ 263.311108][T14902] ? syscall_enter_from_user_mode+0x71/0x1b0 [ 263.316924][T14902] do_syscall_64+0x44/0xd0 [ 263.321190][T14902] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 263.326935][T14902] RIP: 0033:0x7f1c3248a7f9 [ 263.331180][T14902] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 263.350769][T14902] RSP: 002b:00007f1c2a0f42f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 263.359014][T14902] RAX: ffffffffffffffda RBX: 00007f1c3250f7c0 RCX: 00007f1c3248a7f9 [ 263.366827][T14902] RDX: 000000000000275a RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 263.374635][T14902] RBP: 00007f1c324dc814 R08: 00007f1c2a0f4700 R09: 0000000000000000 [ 263.382448][T14902] R10: 0000000000000000 R11: 0000000000000246 R12: be734677a9d9a8be [ 263.390267][T14902] R13: 0030656c69662f2e R14: 6f6f6c2f7665642f R15: 00007f1c3250f7c8 [ 263.398092][T14902] [ 263.400936][T14902] [ 263.403105][T14902] The buggy address belongs to the page: [ 263.408574][T14902] page:ffffea00048ea000 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x123a80 [ 263.418640][T14902] flags: 0x4000000000000000(zone=1) [ 263.423680][T14902] raw: 4000000000000000 ffffea0004950488 ffffea000496e388 0000000000000000 [ 263.432098][T14902] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 263.440685][T14902] page dumped because: kasan: bad access detected [ 263.446940][T14902] page_owner tracks the page as freed [ 263.452227][T14902] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 14254, ts 252534449862, free_ts 252822873974 [ 263.466816][T14902] post_alloc_hook+0x1ab/0x1b0 [ 263.471413][T14902] get_page_from_freelist+0x38b/0x400 [ 263.476620][T14902] __alloc_pages+0x3a8/0x7c0 [ 263.481042][T14902] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 263.486510][T14902] shmem_getpage_gfp+0x1487/0x25f0 [ 263.491457][T14902] shmem_write_begin+0xc8/0x1b0 [ 263.496145][T14902] generic_perform_write+0x2cd/0x5d0 [ 263.501266][T14902] __generic_file_write_iter+0x25b/0x4b0 [ 263.506734][T14902] generic_file_write_iter+0xaf/0x1c0 [ 263.511942][T14902] vfs_write+0xc8d/0x1050 [ 263.516107][T14902] ksys_write+0x198/0x2c0 [ 263.520281][T14902] __x64_sys_write+0x7b/0x90 [ 263.524699][T14902] do_syscall_64+0x44/0xd0 [ 263.528949][T14902] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 263.534687][T14902] page last free stack trace: [ 263.539280][T14902] free_pcp_prepare+0x448/0x450 [ 263.543969][T14902] free_unref_page_list+0x16a/0xad0 [ 263.549153][T14902] release_pages+0xf3e/0xf90 [ 263.553513][T14902] __pagevec_release+0x81/0xf0 [ 263.558115][T14902] shmem_undo_range+0x64c/0x1c90 [ 263.562978][T14902] shmem_evict_inode+0x228/0xa30 [ 263.567752][T14902] evict+0x2a3/0x630 [ 263.571486][T14902] iput+0x61c/0x7d0 [ 263.575161][T14902] dentry_unlink_inode+0x349/0x430 [ 263.580505][T14902] __dentry_kill+0x3e2/0x5d0 [ 263.584933][T14902] dentry_kill+0xc0/0x2a0 [ 263.589096][T14902] dput+0x175/0x320 [ 263.592745][T14902] __fput+0x65a/0x910 [ 263.596565][T14902] ____fput+0x15/0x20 [ 263.600489][T14902] task_work_run+0x147/0x1b0 [ 263.604892][T14902] ptrace_notify+0x29a/0x340 [ 263.609321][T14902] [ 263.611502][T14902] Memory state around the buggy address: [ 263.617021][T14902] ffff888123a80e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 263.624947][T14902] ffff888123a80f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 263.632851][T14902] >ffff888123a80f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 263.640740][T14902] ^ [ 263.648312][T14902] ffff888123a81000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 263.656199][T14902] ffff888123a81080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 263.664088][T14902] ================================================================== [pid 14904] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14904] ioctl(4, LOOP_SET_FD, 3 [pid 14886] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14886] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14886] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14886] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14886] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14907], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14907 [pid 14886] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14886] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14907 attached [pid 14907] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14907] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14907] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14886] <... futex resumed>) = 0 [pid 14907] <... futex resumed>) = 1 [pid 14907] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14894] <... openat resumed>) = 7 [pid 14894] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14894] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14886] exit_group(0) = ? [pid 14888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14887] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14888] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14887] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14887] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14888] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14887] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 14888] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14887] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14907] <... futex resumed>) = ? [pid 14907] +++ exited with 0 +++ [pid 14894] <... futex resumed>) = ? [pid 14894] +++ exited with 0 +++ [pid 14886] +++ exited with 0 +++ [pid 14904] <... ioctl resumed>) = 0 [pid 14904] close(3) = 0 [pid 14904] mkdir("./bus", 0777) = 0 [pid 14904] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14886, si_uid=0, si_status=0, si_utime=1, si_stime=4} --- [pid 409] umount2("./525", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./525/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./525/binderfs") = 0 [pid 409] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14902] <... openat resumed>) = 8 [pid 14902] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14902] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14875] exit_group(0 [pid 14902] <... futex resumed>) = ? [pid 14898] <... futex resumed>) = ? [pid 14880] <... futex resumed>) = ? [pid 14875] <... exit_group resumed>) = ? [pid 14906] <... openat resumed>) = 8 [pid 14905] <... openat resumed>) = 8 [pid 14902] +++ exited with 0 +++ [pid 14898] +++ exited with 0 +++ [pid 14892] <... openat resumed>) = 7 [pid 14891] <... openat resumed>) = 7 [pid 14880] +++ exited with 0 +++ [pid 14875] +++ exited with 0 +++ [pid 14906] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14905] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14892] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14875, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14906] <... futex resumed>) = 0 [pid 14905] <... futex resumed>) = 0 [pid 14892] <... futex resumed>) = 0 [pid 14906] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14905] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14892] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] umount2("./534", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./534/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./534/binderfs" [pid 14887] exit_group(0 [pid 410] <... unlink resumed>) = 0 [pid 14906] <... futex resumed>) = ? [pid 14892] <... futex resumed>) = ? [pid 14887] <... exit_group resumed>) = ? [pid 410] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14906] +++ exited with 0 +++ [pid 14892] +++ exited with 0 +++ [pid 14891] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14891] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14887] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14887, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 14888] exit_group(0 [pid 14905] <... futex resumed>) = ? [pid 14891] <... futex resumed>) = ? [pid 14888] <... exit_group resumed>) = ? [pid 14905] +++ exited with 0 +++ [pid 412] <... restart_syscall resumed>) = 0 [pid 14891] +++ exited with 0 +++ [pid 14888] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14888, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 412] umount2("./527", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14904] <... mount resumed>) = 0 [pid 14904] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14904] chdir("./bus") = 0 [pid 412] umount2("./527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] umount2("./530", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] lstat("./527/binderfs", [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] openat(AT_FDCWD, "./530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] unlink("./527/binderfs" [pid 411] <... openat resumed>) = 3 [pid 412] <... unlink resumed>) = 0 [pid 411] fstat(3, [pid 412] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14904] ioctl(4, LOOP_CLR_FD [pid 411] getdents64(3, [pid 14904] <... ioctl resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14904] close(4) = 0 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./530/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./530/binderfs" [pid 14904] <... futex resumed>) = 1 [pid 14904] chdir("./file0" [pid 411] <... unlink resumed>) = 0 [pid 411] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14904] <... chdir resumed>) = 0 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14904] <... futex resumed>) = 1 [pid 14904] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./529/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./529/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./529/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./529") = 0 [pid 408] mkdir("./530", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 14904] <... open resumed>) = 4 [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14910 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14904] <... futex resumed>) = 1 [pid 14904] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 14910 attached ) = 5 [pid 14910] set_robust_list(0x555555f755e0, 24) = 0 [pid 14910] chdir("./530") = 0 [pid 14910] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14910] setpgid(0, 0) = 0 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14910] write(3, "1000", 4) = 4 [pid 14910] close(3) = 0 [pid 14910] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14903] <... futex resumed>) = 0 [pid 14904] <... futex resumed>) = 1 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14910] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14910] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14910] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14911], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14911 [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14911 attached [pid 14911] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14911] memfd_create("syzkaller", 0 [pid 14904] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14911] <... memfd_create resumed>) = 3 [pid 14911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14904] <... write resumed>) = 196608 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14904] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14904] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14904] <... futex resumed>) = 1 [pid 14904] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14911] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14911] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14911] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 263.672074][T14902] Disabling lock debugging due to kernel taint [ 263.694392][T14904] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/525/bus supports timestamps until 2038 (0x7fffffff) [pid 14911] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./525/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./525/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./525/bus") = 0 [pid 409] getdents64(3, [pid 14904] <... write resumed>) = 1048576 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] close(3 [pid 14904] <... futex resumed>) = 1 [pid 14903] <... futex resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 14904] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14903] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] rmdir("./525" [pid 14903] <... futex resumed>) = 0 [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... rmdir resumed>) = 0 [pid 14911] <... ioctl resumed>) = 0 [pid 409] mkdir("./526", 0777 [pid 14911] close(3) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14911] mkdir("./bus", 0777 [pid 409] <... openat resumed>) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 14911] <... mkdir resumed>) = 0 [pid 14911] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = 0 [pid 410] lstat("./534/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./534/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./534/bus") = 0 [pid 411] <... umount2 resumed>) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./534") = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14912 [pid 411] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] mkdir("./535", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./530/bus", [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14913 ./strace-static-x86_64: Process 14913 attached [pid 14913] set_robust_list(0x555555f755e0, 24) = 0 [pid 14913] chdir("./535") = 0 [pid 14913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14913] setpgid(0, 0) = 0 [pid 14913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14913] write(3, "1000", 4) = 4 [pid 14913] close(3) = 0 [pid 14913] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 412] lstat("./527/bus", [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14913] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14913] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14913] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14914], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14914 [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./530/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] openat(AT_FDCWD, "./527/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 4 [pid 412] <... openat resumed>) = 4 [pid 411] fstat(4, [pid 412] fstat(4, [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 412] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, [pid 412] getdents64(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4 [pid 412] close(4 [pid 411] <... close resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./527/bus" [pid 411] rmdir("./530/bus" [pid 412] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 411] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 411] close(3 [pid 412] <... close resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 412] rmdir("./527" [pid 411] rmdir("./530" [pid 412] <... rmdir resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 412] mkdir("./528", 0777 [pid 411] mkdir("./531", 0777./strace-static-x86_64: Process 14912 attached [pid 412] <... mkdir resumed>) = 0 [pid 14912] set_robust_list(0x555555f755e0, 24) = 0 [pid 14912] chdir("./526" [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 411] <... mkdir resumed>) = 0 [pid 14912] <... chdir resumed>) = 0 [pid 14912] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14912] setpgid(0, 0) = 0 [pid 14912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 412] <... openat resumed>) = 3 [pid 411] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 14912] <... openat resumed>) = 3 [pid 14912] write(3, "1000", 4) = 4 [pid 14912] close(3) = 0 [pid 14912] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14912] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14912] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14915], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14915 [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14915 attached [pid 14915] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14915] memfd_create("syzkaller", 0) = 3 [pid 14915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 411] close(3 [pid 412] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... close resumed>) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14916 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14917 [ 263.748174][T14911] loop1: detected capacity change from 0 to 2048 [ 263.767699][T14904] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14916 attached [pid 14916] set_robust_list(0x555555f755e0, 24) = 0 [pid 14916] chdir("./528" [pid 14903] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14903] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14903] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14903] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14903] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14918], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14918 [pid 14903] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14903] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14916] <... chdir resumed>) = 0 [pid 14916] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14916] setpgid(0, 0) = 0 [pid 14916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14916] write(3, "1000", 4) = 4 [pid 14916] close(3) = 0 [pid 14916] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14916] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14916] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14916] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14919], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14919 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14915] <... write resumed>) = 1048576 [pid 14915] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14915] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14915] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14914 attached [pid 14914] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14914] memfd_create("syzkaller", 0) = 3 [pid 14914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14914] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14915] <... ioctl resumed>) = 0 [pid 14915] close(3) = 0 [pid 14914] <... write resumed>) = 1048576 [pid 14914] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14914] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14914] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14918 attached ./strace-static-x86_64: Process 14917 attached [pid 14915] mkdir("./bus", 0777) = 0 [pid 14914] <... ioctl resumed>) = 0 [pid 14914] close(3 [pid 14915] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14917] set_robust_list(0x555555f755e0, 24 [pid 14914] <... close resumed>) = 0 [pid 14914] mkdir("./bus", 0777) = 0 [pid 14914] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14918] set_robust_list(0x7f1c2a1159e0, 24 [pid 14917] <... set_robust_list resumed>) = 0 [pid 14917] chdir("./531") = 0 [pid 14918] <... set_robust_list resumed>) = 0 [pid 14918] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14904] <... openat resumed>) = 7 [pid 14904] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14904] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14919 attached [pid 14919] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14919] memfd_create("syzkaller", 0) = 3 [pid 14919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14917] setpgid(0, 0 [pid 14918] <... openat resumed>) = 8 [pid 14917] <... setpgid resumed>) = 0 [pid 14918] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14903] <... futex resumed>) = 0 [pid 14903] exit_group(0) = ? [pid 14904] <... futex resumed>) = ? [pid 14904] +++ exited with 0 +++ [pid 14917] <... openat resumed>) = 3 [pid 14918] <... futex resumed>) = ? [pid 14917] write(3, "1000", 4) = 4 [pid 14917] close(3) = 0 [pid 14917] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14918] +++ exited with 0 +++ [pid 14903] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14903, si_uid=0, si_status=0, si_utime=0, si_stime=51} --- [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14917] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] <... restart_syscall resumed>) = 0 [pid 14917] <... mmap resumed>) = 0x7f1c32416000 [pid 407] umount2("./525", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14917] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 407] lstat("./525/binderfs", [pid 14917] <... mprotect resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./525/binderfs" [pid 14917] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] <... unlink resumed>) = 0 [pid 407] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14917] <... clone resumed>, parent_tid=[14924], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14924 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [ 263.811311][T14904] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 263.822489][T14915] loop2: detected capacity change from 0 to 2048 [ 263.833870][T14914] loop3: detected capacity change from 0 to 2048 [pid 14919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 14924 attached ) = 1048576 [pid 14919] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14919] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14919] ioctl(4, LOOP_SET_FD, 3 [pid 14924] set_robust_list(0x7f1c324369e0, 24 [pid 14911] <... mount resumed>) = 0 [pid 14919] <... ioctl resumed>) = 0 [pid 14919] close(3) = 0 [pid 14919] mkdir("./bus", 0777) = 0 [pid 14919] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14924] <... set_robust_list resumed>) = 0 [pid 14924] memfd_create("syzkaller", 0) = 3 [pid 14924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14924] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14924] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14924] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14924] ioctl(4, LOOP_SET_FD, 3 [pid 14915] <... mount resumed>) = 0 [pid 14911] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14911] chdir("./bus") = 0 [pid 14911] ioctl(4, LOOP_CLR_FD) = 0 [pid 14911] close(4) = 0 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14911] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14915] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14915] chdir("./bus") = 0 [pid 14915] ioctl(4, LOOP_CLR_FD) = 0 [pid 14915] close(4) = 0 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14915] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14924] <... ioctl resumed>) = 0 [pid 14924] close(3) = 0 [pid 14924] mkdir("./bus", 0777) = 0 [pid 14924] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./525/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./525/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./525/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./525/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./525") = 0 [pid 407] mkdir("./526", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14927 [pid 14910] <... futex resumed>) = 0 [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] <... futex resumed>) = 0 [pid 14910] <... futex resumed>) = 1 [pid 14911] chdir("./file0" [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... chdir resumed>) = 0 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14910] <... futex resumed>) = 0 [pid 14911] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... futex resumed>) = 0 [pid 14911] <... open resumed>) = 4 [pid 14910] <... futex resumed>) = 0 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... futex resumed>) = 0 [pid 14910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14911] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] <... openat resumed>) = 5 [pid 14910] <... futex resumed>) = 0 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... futex resumed>) = 0 [pid 14910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14911] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14910] <... futex resumed>) = 0 [pid 14911] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... write resumed>) = 196608 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14910] <... futex resumed>) = 0 [pid 14911] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] <... mount resumed>) = 0 [pid 14910] <... futex resumed>) = 0 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... futex resumed>) = 0 [pid 14910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14911] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] <... open resumed>) = 6 [pid 14910] <... futex resumed>) = 0 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... futex resumed>) = 0 [pid 14910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14911] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14910] <... futex resumed>) = 0 [pid 14915] <... futex resumed>) = 0 [pid 14912] <... futex resumed>) = 1 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] chdir("./file0" [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] <... chdir resumed>) = 0 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14915] <... futex resumed>) = 0 [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14912] <... futex resumed>) = 0 [pid 14915] <... open resumed>) = 4 [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14915] <... futex resumed>) = 0 [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14912] <... futex resumed>) = 0 [pid 14915] <... openat resumed>) = 5 [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14915] <... futex resumed>) = 0 [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14912] <... futex resumed>) = 0 [pid 14915] <... write resumed>) = 196608 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14915] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] <... futex resumed>) = 0 [pid 14912] <... futex resumed>) = 1 [pid 14915] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] <... mount resumed>) = 0 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14912] <... futex resumed>) = 0 [pid 14915] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14912] <... futex resumed>) = 0 [ 263.861436][T14911] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/530/bus supports timestamps until 2038 (0x7fffffff) [ 263.862017][T14919] loop5: detected capacity change from 0 to 2048 [ 263.876036][T14915] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/526/bus supports timestamps until 2038 (0x7fffffff) [ 263.891833][T14924] loop4: detected capacity change from 0 to 2048 [ 263.898461][T14914] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/535/bus supports timestamps until 2038 (0x7fffffff) [pid 14915] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] <... open resumed>) = 6 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14912] <... futex resumed>) = 0 [pid 14915] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14912] <... futex resumed>) = 0 [pid 14915] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14927 attached [pid 14914] <... mount resumed>) = 0 [pid 14914] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14914] chdir("./bus") = 0 [pid 14914] ioctl(4, LOOP_CLR_FD) = 0 [pid 14914] close(4) = 0 [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14913] <... futex resumed>) = 0 [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14914] <... futex resumed>) = 0 [pid 14913] <... futex resumed>) = 1 [pid 14914] chdir("./file0" [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14914] <... chdir resumed>) = 0 [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] <... write resumed>) = 1048576 [pid 14914] <... futex resumed>) = 1 [pid 14913] <... futex resumed>) = 0 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14915] <... futex resumed>) = 1 [pid 14914] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... futex resumed>) = 0 [pid 14915] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14914] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14913] <... futex resumed>) = 0 [pid 14912] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] set_robust_list(0x555555f755e0, 24 [pid 14915] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14912] <... futex resumed>) = 0 [pid 14912] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14914] <... open resumed>) = 4 [pid 14927] <... set_robust_list resumed>) = 0 [pid 14915] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14919] <... mount resumed>) = 0 [pid 14919] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14919] chdir("./bus") = 0 [pid 14919] ioctl(4, LOOP_CLR_FD) = 0 [pid 14919] close(4 [pid 14910] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14910] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14910] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14910] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14910] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14932], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14932 [pid 14910] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14910] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] <... close resumed>) = 0 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14916] <... futex resumed>) = 0 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] <... futex resumed>) = 1 [pid 14919] chdir("./file0") = 0 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14916] <... futex resumed>) = 0 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] <... futex resumed>) = 1 [pid 14919] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 14932 attached [pid 14932] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14932] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14927] chdir("./526" [pid 14914] <... futex resumed>) = 1 [pid 14913] <... futex resumed>) = 0 [pid 14911] <... write resumed>) = 1048576 [ 263.950813][T14919] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/528/bus supports timestamps until 2038 (0x7fffffff) [ 263.969238][T14915] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 263.982294][T14932] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14927] <... chdir resumed>) = 0 [pid 14914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14914] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14913] <... futex resumed>) = 0 [pid 14911] <... futex resumed>) = 0 [pid 14927] <... prctl resumed>) = 0 [pid 14914] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14927] setpgid(0, 0 [pid 14914] <... openat resumed>) = 5 [pid 14927] <... setpgid resumed>) = 0 [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14914] <... futex resumed>) = 1 [pid 14913] <... futex resumed>) = 0 [pid 14927] <... openat resumed>) = 3 [pid 14914] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] write(3, "1000", 4 [pid 14914] <... write resumed>) = 196608 [pid 14913] <... futex resumed>) = 0 [pid 14927] <... write resumed>) = 4 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14927] close(3) = 0 [pid 14927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14927] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14927] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14934], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14934 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14913] <... futex resumed>) = 0 [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14914] <... futex resumed>) = 1 [pid 14914] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14913] <... futex resumed>) = 0 [pid 14914] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14914] <... open resumed>) = 6 [pid 14913] <... futex resumed>) = 0 [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14914] <... futex resumed>) = 0 [pid 14913] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14914] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14934 attached [pid 14924] <... mount resumed>) = 0 [pid 14919] <... open resumed>) = 4 [pid 14915] <... openat resumed>) = 7 [pid 14912] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14912] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14934] set_robust_list(0x7f1c324369e0, 24 [pid 14912] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14915] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... mprotect resumed>) = 0 [pid 14934] <... set_robust_list resumed>) = 0 [pid 14910] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14912] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14935], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14935 [pid 14912] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14912] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14915] <... futex resumed>) = 0 [pid 14910] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14934] memfd_create("syzkaller", 0 [pid 14919] <... futex resumed>) = 1 [pid 14916] <... futex resumed>) = 0 [pid 14915] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14910] <... futex resumed>) = 1 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] <... futex resumed>) = 0 [pid 14916] <... futex resumed>) = 0 [pid 14919] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14911] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14910] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... memfd_create resumed>) = 3 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14911] <... openat resumed>) = 8 [pid 14911] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14911] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14932] <... openat resumed>) = 7 [pid 14934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14919] <... openat resumed>) = 5 [pid 14910] <... futex resumed>) = 0 [pid 14932] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14932] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14910] exit_group(0 [pid 14911] <... futex resumed>) = ? [pid 14934] <... mmap resumed>) = 0x7f1c2a016000 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14911] +++ exited with 0 +++ [pid 14910] <... exit_group resumed>) = ? [pid 14924] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 14935 attached [pid 14935] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14935] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14935] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14912] <... futex resumed>) = 0 [pid 14912] exit_group(0) = ? [pid 14935] <... futex resumed>) = ? [pid 14935] +++ exited with 0 +++ [pid 14932] <... futex resumed>) = ? [pid 14932] +++ exited with 0 +++ [pid 14910] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14910, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./530", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./530/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./530/binderfs") = 0 [pid 408] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14919] <... futex resumed>) = 1 [pid 14916] <... futex resumed>) = 0 [pid 14915] <... futex resumed>) = ? [pid 14919] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14924] <... openat resumed>) = 3 [pid 14924] chdir("./bus") = 0 [pid 14924] ioctl(4, LOOP_CLR_FD) = 0 [pid 14924] close(4) = 0 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14924] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14915] +++ exited with 0 +++ [pid 14912] +++ exited with 0 +++ [pid 14917] <... futex resumed>) = 0 [pid 14916] <... futex resumed>) = 1 [pid 14919] <... futex resumed>) = 0 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14912, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 14917] <... futex resumed>) = 1 [pid 14919] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./526", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 3 [pid 14919] <... futex resumed>) = 1 [pid 409] fstat(3, [pid 14919] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14916] <... futex resumed>) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./526/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./526/binderfs") = 0 [pid 409] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14919] <... futex resumed>) = 0 [pid 14916] <... futex resumed>) = 1 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14919] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14934] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14916] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14919] <... futex resumed>) = 0 [pid 14916] <... futex resumed>) = 1 [pid 14919] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] <... open resumed>) = 6 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14916] <... futex resumed>) = 0 [pid 14919] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14924] <... futex resumed>) = 0 [pid 14916] <... futex resumed>) = 0 [pid 14914] <... write resumed>) = 1048576 [pid 14924] chdir("./file0" [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14924] <... chdir resumed>) = 0 [pid 14914] <... futex resumed>) = 1 [pid 14913] <... futex resumed>) = 0 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14913] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14913] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14917] <... futex resumed>) = 0 [pid 14914] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14924] <... futex resumed>) = 1 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... write resumed>) = 1048576 [ 263.993638][T14915] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 263.997888][T14924] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/531/bus supports timestamps until 2038 (0x7fffffff) [ 264.017864][T14932] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14934] munmap(0x7f1c2a016000, 1048576 [pid 14914] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14924] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14934] <... munmap resumed>) = 0 [pid 14934] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 14934] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 14934] close(3) = 0 [pid 14934] mkdir("./bus", 0777) = 0 [pid 14934] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14919] <... write resumed>) = 1048576 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14919] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14924] <... open resumed>) = 4 [pid 14916] <... futex resumed>) = 0 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14924] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14917] <... futex resumed>) = 0 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14919] <... futex resumed>) = 0 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14916] <... futex resumed>) = 1 [pid 14924] <... futex resumed>) = 0 [pid 14917] <... futex resumed>) = 1 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14924] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14924] <... openat resumed>) = 5 [ 264.058246][T14914] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.058259][T14934] loop0: detected capacity change from 0 to 2048 [ 264.081506][T14919] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.082553][T14914] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14914] <... openat resumed>) = 7 [pid 14913] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14913] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14913] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14913] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14913] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14938], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14938 [pid 14913] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14913] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] <... openat resumed>) = 7 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14919] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14924] <... futex resumed>) = 1 [pid 14924] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14914] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14914] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14938 attached [pid 14938] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14938] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14938] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14913] <... futex resumed>) = 0 [pid 14913] exit_group(0) = ? [pid 14914] <... futex resumed>) = ? [pid 14914] +++ exited with 0 +++ [pid 14938] <... futex resumed>) = ? [pid 14938] +++ exited with 0 +++ [pid 14913] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14913, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 14916] <... futex resumed>) = 0 [pid 14917] <... futex resumed>) = 0 [pid 14916] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14916] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14919] <... futex resumed>) = 0 [pid 14919] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14919] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14916] <... futex resumed>) = 0 [pid 14916] exit_group(0) = ? [pid 14919] <... futex resumed>) = ? [pid 14919] +++ exited with 0 +++ [pid 14916] +++ exited with 0 +++ [pid 14934] <... mount resumed>) = 0 [pid 14934] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14934] chdir("./bus") = 0 [pid 14934] ioctl(4, LOOP_CLR_FD) = 0 [pid 14934] close(4) = 0 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] chdir("./file0") = 0 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14916, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14924] <... futex resumed>) = 0 [pid 14917] <... futex resumed>) = 1 [pid 410] umount2("./535", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14924] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14934] <... openat resumed>) = 5 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14924] <... write resumed>) = 196608 [pid 410] openat(AT_FDCWD, "./535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, [pid 409] lstat("./526/bus", [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./528", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] getdents64(3, [pid 412] <... openat resumed>) = 3 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14924] <... futex resumed>) = 1 [pid 14917] <... futex resumed>) = 0 [pid 412] fstat(3, [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] lstat("./530/bus", [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14924] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14917] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] openat(AT_FDCWD, "./526/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] lstat("./535/binderfs", [pid 408] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14924] <... mount resumed>) = 0 [pid 412] umount2("./528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... openat resumed>) = 4 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] unlink("./535/binderfs" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14917] <... futex resumed>) = 0 [pid 412] lstat("./528/binderfs", [pid 409] fstat(4, [pid 14924] <... futex resumed>) = 1 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... unlink resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] openat(AT_FDCWD, "./530/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14924] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14917] <... futex resumed>) = 0 [pid 412] unlink("./528/binderfs" [pid 410] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(4, [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... openat resumed>) = 4 [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14934] <... write resumed>) = 196608 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [pid 14934] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, [pid 408] fstat(4, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14924] <... open resumed>) = 6 [pid 409] close(4 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./526/bus" [pid 408] getdents64(4, [pid 14934] <... write resumed>) = 1048576 [pid 14924] <... futex resumed>) = 1 [pid 14917] <... futex resumed>) = 0 [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14924] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14917] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 408] close(4 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] getdents64(3, [pid 408] <... close resumed>) = 0 [pid 408] rmdir("./530/bus" [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14934] <... futex resumed>) = 1 [ 264.101358][T14919] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 264.105630][T14934] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/526/bus supports timestamps until 2038 (0x7fffffff) [pid 14934] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] <... rmdir resumed>) = 0 [pid 409] close(3) = 0 [pid 408] getdents64(3, [pid 409] rmdir("./526" [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 408] close(3) = 0 [pid 409] mkdir("./527", 0777) = 0 [pid 408] rmdir("./530" [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14939 [pid 408] <... rmdir resumed>) = 0 [pid 408] mkdir("./531", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14940 ./strace-static-x86_64: Process 14939 attached [pid 14924] <... write resumed>) = 1048576 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14924] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14939] set_robust_list(0x555555f755e0, 24) = 0 [pid 14917] <... futex resumed>) = 0 [pid 14939] chdir("./527") = 0 [pid 14939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14939] setpgid(0, 0) = 0 [pid 14939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14939] write(3, "1000", 4) = 4 [pid 14939] close(3) = 0 [pid 14939] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 412] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./528/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14917] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "./528/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./528/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./528") = 0 [pid 412] mkdir("./529", 0777) = 0 [pid 14917] <... futex resumed>) = 1 [pid 14917] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14924] <... futex resumed>) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 14941 [pid 14939] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14939] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14924] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14939] <... mmap resumed>) = 0x7f1c32416000 [pid 14939] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14939] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] lstat("./535/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14939] <... clone resumed>, parent_tid=[14942], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14942 [pid 410] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 14940 attached [pid 14940] set_robust_list(0x555555f755e0, 24 [pid 410] openat(AT_FDCWD, "./535/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14934] <... openat resumed>) = 7 [ 264.159610][T14934] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.179017][T14934] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 4 [pid 14940] <... set_robust_list resumed>) = 0 [pid 14940] chdir("./531") = 0 [pid 14940] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14940] setpgid(0, 0) = 0 [pid 14940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14940] write(3, "1000", 4) = 4 [pid 14940] close(3) = 0 [pid 14940] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14940] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14940] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14943], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14943 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14943 attached [pid 14943] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14943] memfd_create("syzkaller", 0) = 3 [pid 14943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14943] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14927] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14927] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14943] <... write resumed>) = 1048576 [pid 14943] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14943] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14943] ioctl(4, LOOP_SET_FD, 3 [pid 410] fstat(4, [pid 14934] <... futex resumed>) = 1 [pid 14927] <... futex resumed>) = 0 [pid 14927] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=45000000} [pid 14934] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 14934] <... openat resumed>) = 8 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14934] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14942 attached ./strace-static-x86_64: Process 14941 attached ) = 1 [pid 410] getdents64(4, [pid 14927] <... futex resumed>) = 0 [pid 14927] exit_group(0) = ? [pid 14943] <... ioctl resumed>) = 0 [pid 14943] close(3) = 0 [pid 14943] mkdir("./bus", 0777) = 0 [pid 14943] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14942] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14942] memfd_create("syzkaller", 0) = 3 [pid 14942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14942] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14941] set_robust_list(0x555555f755e0, 24 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14942] <... write resumed>) = 1048576 [pid 14942] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14942] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 14942] ioctl(4, LOOP_SET_FD, 3 [pid 410] close(4 [pid 14934] +++ exited with 0 +++ [pid 14927] +++ exited with 0 +++ [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./535/bus" [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14927, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] <... rmdir resumed>) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 407] umount2("./526", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] rmdir("./535" [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... rmdir resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 410] mkdir("./536", 0777 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 407] getdents64(3, [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] umount2("./526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] close(3) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] lstat("./526/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./526/binderfs") = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14944 [pid 407] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14942] <... ioctl resumed>) = 0 [pid 14942] close(3) = 0 [pid 14942] mkdir("./bus", 0777 [pid 14917] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14917] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14917] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14917] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14917] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14941] <... set_robust_list resumed>) = 0 [pid 14917] <... clone resumed>, parent_tid=[14945], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14945 [pid 14917] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14941] chdir("./529" [pid 14917] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14941] <... chdir resumed>) = 0 [pid 14941] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14924] <... openat resumed>) = 7 ./strace-static-x86_64: Process 14944 attached [pid 14941] <... prctl resumed>) = 0 [pid 14924] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] <... mkdir resumed>) = 0 [pid 14942] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 14945 attached [pid 14941] setpgid(0, 0) = 0 [pid 14924] <... futex resumed>) = 0 [pid 14941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14944] set_robust_list(0x555555f755e0, 24 [pid 14924] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14945] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14945] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14945] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14917] <... futex resumed>) = 0 [pid 14917] exit_group(0) = ? [pid 14944] <... set_robust_list resumed>) = 0 [pid 14941] <... openat resumed>) = 3 [pid 14924] <... futex resumed>) = ? [pid 14941] write(3, "1000", 4 [pid 14924] +++ exited with 0 +++ [pid 14941] <... write resumed>) = 4 [ 264.199123][T14924] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.213965][T14943] loop1: detected capacity change from 0 to 2048 [ 264.216520][T14924] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 264.234180][T14942] loop2: detected capacity change from 0 to 2048 [pid 14945] <... futex resumed>) = ? [pid 14944] chdir("./536" [pid 14941] close(3) = 0 [pid 14941] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14941] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14941] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14941] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14948], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14948 [pid 14944] <... chdir resumed>) = 0 [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14944] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14941] <... futex resumed>) = 0 [pid 14944] <... prctl resumed>) = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14944] setpgid(0, 0) = 0 [pid 14944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14944] write(3, "1000", 4) = 4 [pid 14944] close(3) = 0 [pid 14944] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14944] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14944] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14944] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14949], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14949 [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14945] +++ exited with 0 +++ [pid 14917] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14917, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./531", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./531/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./531/binderfs") = 0 [pid 411] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14943] <... mount resumed>) = 0 [pid 14943] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14943] chdir("./bus") = 0 [pid 14943] ioctl(4, LOOP_CLR_FD) = 0 [pid 14943] close(4) = 0 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14943] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14940] <... futex resumed>) = 0 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14949 attached ./strace-static-x86_64: Process 14948 attached [pid 14943] <... futex resumed>) = 0 [pid 14949] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14949] memfd_create("syzkaller", 0) = 3 [pid 14949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14949] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14943] chdir("./file0" [pid 14949] <... write resumed>) = 1048576 [pid 14949] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14949] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 14949] ioctl(4, LOOP_SET_FD, 3 [pid 407] lstat("./526/bus", [pid 14943] <... chdir resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14940] <... futex resumed>) = 0 [pid 407] umount2("./526/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14943] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14948] set_robust_list(0x7f1c324369e0, 24 [pid 14943] <... open resumed>) = 4 [pid 407] openat(AT_FDCWD, "./526/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./526/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14940] <... futex resumed>) = 0 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] close(3) = 0 [pid 14943] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 407] rmdir("./526") = 0 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14940] <... futex resumed>) = 0 [pid 14949] <... ioctl resumed>) = 0 [pid 14948] <... set_robust_list resumed>) = 0 [pid 14943] <... futex resumed>) = 1 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] mkdir("./527", 0777 [pid 14943] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14952 [pid 14943] <... write resumed>) = 196608 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14943] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14948] memfd_create("syzkaller", 0) = 3 [pid 14948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14949] close(3) = 0 [ 264.260393][T14943] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/531/bus supports timestamps until 2038 (0x7fffffff) [ 264.292875][T14949] loop3: detected capacity change from 0 to 2048 [pid 14949] mkdir("./bus", 0777 [pid 14940] <... futex resumed>) = 1 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14943] <... futex resumed>) = 0 [pid 14943] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14943] <... futex resumed>) = 1 [pid 14940] <... futex resumed>) = 0 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14943] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14940] <... futex resumed>) = 0 [pid 14943] <... futex resumed>) = 1 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... mkdir resumed>) = 0 [pid 14943] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14940] <... futex resumed>) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14949] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14948] <... write resumed>) = 1048576 [pid 14948] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14948] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 14948] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 14952 attached [pid 14952] set_robust_list(0x555555f755e0, 24) = 0 [pid 14952] chdir("./527") = 0 [pid 14952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14952] setpgid(0, 0) = 0 [pid 14952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14952] write(3, "1000", 4) = 4 [pid 14952] close(3) = 0 [pid 14952] symlink("/dev/binderfs", "./binderfs" [pid 14948] <... ioctl resumed>) = 0 [pid 14948] close(3) = 0 [pid 14948] mkdir("./bus", 0777) = 0 [pid 14948] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14942] <... mount resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 14942] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14942] chdir("./bus") = 0 [pid 14942] ioctl(4, LOOP_CLR_FD) = 0 [pid 14942] close(4) = 0 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14942] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14952] <... symlink resumed>) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14952] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14952] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14952] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14939] <... futex resumed>) = 0 [pid 14952] <... clone resumed>, parent_tid=[14955], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14955 [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14952] <... futex resumed>) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14955 attached [pid 14942] <... futex resumed>) = 0 [pid 14939] <... futex resumed>) = 1 [pid 14942] chdir("./file0" [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14955] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14942] <... chdir resumed>) = 0 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14942] <... futex resumed>) = 1 [pid 14939] <... futex resumed>) = 0 [pid 411] lstat("./531/bus", [pid 14942] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14939] <... futex resumed>) = 0 [pid 14942] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14955] memfd_create("syzkaller", 0) = 3 [pid 14955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14942] <... open resumed>) = 4 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14942] <... futex resumed>) = 1 [pid 14939] <... futex resumed>) = 0 [pid 14942] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14942] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14939] <... futex resumed>) = 0 [pid 14942] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14942] <... openat resumed>) = 5 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./531/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14942] <... futex resumed>) = 1 [pid 14939] <... futex resumed>) = 0 [pid 14942] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14942] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14939] <... futex resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 14942] <... write resumed>) = 196608 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14939] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14939] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14942] <... mount resumed>) = 0 [pid 411] close(4 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 411] rmdir("./531/bus" [pid 14942] <... futex resumed>) = 1 [pid 14939] <... futex resumed>) = 0 [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14939] <... futex resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14942] <... open resumed>) = 6 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 14939] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 14942] <... futex resumed>) = 1 [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] rmdir("./531" [pid 14942] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14939] <... futex resumed>) = 0 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./532", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14957 [ 264.299790][T14942] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/527/bus supports timestamps until 2038 (0x7fffffff) [ 264.329662][T14948] loop5: detected capacity change from 0 to 2048 [pid 14955] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14940] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14940] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14940] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14940] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14940] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14959], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14959 [pid 14940] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14943] <... write resumed>) = 1048576 [pid 14940] <... futex resumed>) = 0 [pid 14940] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14943] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14955] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 14959 attached [pid 14959] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14959] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14955] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14955] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ./strace-static-x86_64: Process 14957 attached [pid 14949] <... mount resumed>) = 0 [pid 14957] set_robust_list(0x555555f755e0, 24) = 0 [pid 14957] chdir("./532") = 0 [pid 14957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14957] setpgid(0, 0) = 0 [pid 14957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14957] write(3, "1000", 4) = 4 [pid 14957] close(3) = 0 [pid 14957] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14957] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14957] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14960], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14960 [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14949] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14949] chdir("./bus") = 0 [pid 14949] ioctl(4, LOOP_CLR_FD) = 0 [pid 14949] close(4) = 0 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14944] <... futex resumed>) = 0 [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14949] <... futex resumed>) = 1 [pid 14949] chdir("./file0" [pid 14955] ioctl(4, LOOP_SET_FD, 3 [pid 14949] <... chdir resumed>) = 0 [pid 14940] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14939] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14940] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14939] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... futex resumed>) = 1 [pid 14944] <... futex resumed>) = 0 [pid 14940] <... futex resumed>) = 1 [pid 14939] <... futex resumed>) = 0 [ 264.381474][T14949] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/536/bus supports timestamps until 2038 (0x7fffffff) [ 264.383864][T14959] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.393685][T14948] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/529/bus supports timestamps until 2038 (0x7fffffff) [ 264.423047][T14955] loop0: detected capacity change from 0 to 2048 ./strace-static-x86_64: Process 14960 attached [pid 14955] <... ioctl resumed>) = 0 [pid 14949] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14948] <... mount resumed>) = 0 [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14943] <... futex resumed>) = 0 [pid 14940] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14939] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14955] close(3) = 0 [pid 14955] mkdir("./bus", 0777) = 0 [pid 14955] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14944] <... futex resumed>) = 0 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14939] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14939] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14939] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14948] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14939] <... clone resumed>, parent_tid=[14961], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14961 [pid 14939] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... open resumed>) = 4 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14939] <... futex resumed>) = 0 [pid 14949] <... futex resumed>) = 1 [pid 14944] <... futex resumed>) = 0 [pid 14939] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14949] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] <... write resumed>) = 1048576 [pid 14949] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14944] <... futex resumed>) = 0 [pid 14949] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... openat resumed>) = 5 [pid 14942] <... futex resumed>) = 0 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14944] <... futex resumed>) = 0 [pid 14948] <... openat resumed>) = 3 [pid 14948] chdir("./bus") = 0 [pid 14948] ioctl(4, LOOP_CLR_FD) = 0 [pid 14948] close(4 [pid 14949] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14942] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14948] <... close resumed>) = 0 [pid 14944] <... futex resumed>) = 0 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14941] <... futex resumed>) = 0 [pid 14948] chdir("./file0" [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] <... chdir resumed>) = 0 [pid 14941] <... futex resumed>) = 0 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] <... futex resumed>) = 0 [pid 14941] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14948] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14941] <... futex resumed>) = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14943] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14960] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14960] memfd_create("syzkaller", 0) = 3 [pid 14960] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14949] <... write resumed>) = 196608 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14944] <... futex resumed>) = 0 [pid 14949] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... mount resumed>) = 0 [pid 14944] <... futex resumed>) = 0 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] <... open resumed>) = 4 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14949] <... futex resumed>) = 0 [pid 14944] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... open resumed>) = 6 [pid 14948] <... futex resumed>) = 1 [pid 14944] <... futex resumed>) = 0 [pid 14941] <... futex resumed>) = 0 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] <... futex resumed>) = 0 [pid 14948] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14944] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14941] <... futex resumed>) = 0 [pid 14949] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14944] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14944] <... futex resumed>) = 0 [pid 14944] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] <... openat resumed>) = 5 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14961 attached ) = 1 [pid 14941] <... futex resumed>) = 0 [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14961] set_robust_list(0x7f1c2a1159e0, 24 [pid 14960] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14959] <... openat resumed>) = 7 [pid 14948] <... write resumed>) = 196608 [pid 14943] <... openat resumed>) = 8 [pid 14961] <... set_robust_list resumed>) = 0 [pid 14943] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14961] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14943] <... futex resumed>) = 1 [pid 14940] <... futex resumed>) = 0 [pid 14941] <... futex resumed>) = 0 [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] <... futex resumed>) = 1 [pid 14948] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14941] <... futex resumed>) = 0 [pid 14948] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] <... open resumed>) = 6 [pid 14941] <... futex resumed>) = 0 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] <... futex resumed>) = 0 [pid 14941] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14948] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 264.431079][T14959] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14943] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14941] <... futex resumed>) = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14959] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14959] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14940] exit_group(0 [pid 14943] <... futex resumed>) = ? [pid 14940] <... exit_group resumed>) = ? [pid 14959] <... futex resumed>) = ? [pid 14943] +++ exited with 0 +++ [pid 14959] +++ exited with 0 +++ [pid 14940] +++ exited with 0 +++ [pid 14939] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14939] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14940, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 14942] <... futex resumed>) = 0 [pid 14939] <... futex resumed>) = 1 [pid 14942] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./531", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./531/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./531/binderfs") = 0 [pid 408] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14948] <... write resumed>) = 1048576 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14941] <... futex resumed>) = 0 [pid 14941] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14941] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14960] <... write resumed>) = 1048576 [pid 14960] munmap(0x7f1c2a016000, 1048576) = 0 [ 264.471443][T14961] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14944] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14944] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14944] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14944] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14944] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14964], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14964 [pid 14944] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14944] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14960] ioctl(4, LOOP_SET_FD, 3 [pid 14955] <... mount resumed>) = 0 [pid 14955] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14955] chdir("./bus") = 0 [pid 14955] ioctl(4, LOOP_CLR_FD) = 0 [pid 14955] close(4) = 0 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14952] <... futex resumed>) = 0 [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14955] <... futex resumed>) = 1 [pid 14955] chdir("./file0") = 0 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14952] <... futex resumed>) = 0 [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14955] <... futex resumed>) = 1 [pid 14955] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14952] <... futex resumed>) = 0 [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14964 attached [pid 14960] <... ioctl resumed>) = 0 [pid 14955] <... futex resumed>) = 1 [pid 14960] close(3) = 0 [pid 14960] mkdir("./bus", 0777) = 0 [pid 14960] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14964] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14964] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14939] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14939] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 264.504347][T14955] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/527/bus supports timestamps until 2038 (0x7fffffff) [ 264.504952][T14948] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.518083][T14960] loop4: detected capacity change from 0 to 2048 [pid 14941] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... umount2 resumed>) = 0 [pid 14941] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14941] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14941] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] lstat("./531/bus", [pid 14941] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14941] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 408] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14941] <... mprotect resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14941] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] openat(AT_FDCWD, "./531/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 14941] <... clone resumed>, parent_tid=[14965], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14965 [pid 408] fstat(4, [pid 14941] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14941] <... futex resumed>) = 0 [pid 408] getdents64(4, [pid 14941] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4 [pid 14944] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... close resumed>) = 0 [pid 14944] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 408] rmdir("./531/bus" [pid 14944] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... rmdir resumed>) = 0 [pid 14944] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 408] getdents64(3, [pid 14944] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14944] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 408] close(3 [pid 14944] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... close resumed>) = 0 [pid 14944] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] rmdir("./531" [pid 14944] <... futex resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 14944] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] mkdir("./532", 0777 [pid 14949] <... write resumed>) = 1048576 [pid 14944] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 408] <... mkdir resumed>) = 0 [pid 14944] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 14944] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 14965 attached [pid 14955] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14949] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] <... openat resumed>) = 7 [pid 408] <... openat resumed>) = 3 [pid 14948] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14948] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14967 attached [pid 14965] set_robust_list(0x7f1c2a1159e0, 24 [pid 14955] <... openat resumed>) = 5 [pid 14949] <... futex resumed>) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 14965] <... set_robust_list resumed>) = 0 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14949] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14944] <... clone resumed>, parent_tid=[14967], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 14967 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14965] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14955] <... futex resumed>) = 1 [pid 14944] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] close(3 [pid 14965] <... openat resumed>) = 8 [pid 14955] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14944] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 14965] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14944] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14965] <... futex resumed>) = 1 [pid 14941] <... futex resumed>) = 0 [pid 14965] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14941] exit_group(0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14969 [pid 14965] <... futex resumed>) = ? [pid 14941] <... exit_group resumed>) = ? [pid 14965] +++ exited with 0 +++ [pid 14967] set_robust_list(0x7f1c2a0f49e0, 24) = 0 [pid 14967] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14942] <... openat resumed>) = 8 [pid 14942] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14942] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14961] <... openat resumed>) = 7 [pid 14961] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14961] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14939] exit_group(0 [pid 14942] <... futex resumed>) = ? [pid 14939] <... exit_group resumed>) = ? [pid 14942] +++ exited with 0 +++ [pid 14961] <... futex resumed>) = ? [pid 14961] +++ exited with 0 +++ [pid 14939] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14939, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./527", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14952] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "./527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, ./strace-static-x86_64: Process 14969 attached [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14948] <... futex resumed>) = ? [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14969] set_robust_list(0x555555f755e0, 24 [pid 14955] <... futex resumed>) = 0 [pid 14952] <... futex resumed>) = 1 [pid 14969] <... set_robust_list resumed>) = 0 [pid 14955] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14948] +++ exited with 0 +++ [pid 14967] <... openat resumed>) = 8 [pid 14964] <... openat resumed>) = 7 [pid 14941] +++ exited with 0 +++ [pid 409] umount2("./527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14969] chdir("./532" [pid 14955] <... write resumed>) = 196608 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14952] <... futex resumed>) = 0 [pid 14955] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14955] <... mount resumed>) = 0 [pid 14952] <... futex resumed>) = 0 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14955] <... futex resumed>) = 0 [pid 14952] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14955] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14955] <... open resumed>) = 6 [pid 14952] <... futex resumed>) = 0 [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14955] <... futex resumed>) = 0 [pid 14952] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14955] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14967] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14969] <... chdir resumed>) = 0 [pid 409] lstat("./527/binderfs", [pid 14969] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14967] <... futex resumed>) = 1 [pid 14944] <... futex resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14941, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14969] <... prctl resumed>) = 0 [pid 14967] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 409] unlink("./527/binderfs" [pid 14969] setpgid(0, 0 [pid 409] <... unlink resumed>) = 0 [pid 14969] <... setpgid resumed>) = 0 [pid 412] <... restart_syscall resumed>) = 0 [pid 409] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14964] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14960] <... mount resumed>) = 0 [pid 14969] write(3, "1000", 4 [pid 14964] <... futex resumed>) = 0 [pid 14944] exit_group(0 [pid 412] umount2("./529", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14969] <... write resumed>) = 4 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14967] <... futex resumed>) = ? [pid 14949] <... futex resumed>) = ? [pid 14944] <... exit_group resumed>) = ? [pid 14967] +++ exited with 0 +++ [pid 14949] +++ exited with 0 +++ [pid 14964] +++ exited with 0 +++ [pid 14969] close(3 [pid 412] openat(AT_FDCWD, "./529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14969] <... close resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 14944] +++ exited with 0 +++ [pid 14969] symlink("/dev/binderfs", "./binderfs" [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14944, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] fstat(3, [pid 14969] <... symlink resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./536", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] getdents64(3, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14969] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] openat(AT_FDCWD, "./536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] umount2("./529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14969] <... mmap resumed>) = 0x7f1c32416000 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14969] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14969] <... mprotect resumed>) = 0 [pid 14960] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 412] lstat("./529/binderfs", [pid 410] getdents64(3, [pid 14969] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14960] <... openat resumed>) = 3 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] unlink("./529/binderfs" [pid 410] umount2("./536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... unlink resumed>) = 0 [pid 14969] <... clone resumed>, parent_tid=[14970], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14970 [pid 412] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./536/binderfs", [pid 14969] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14960] chdir("./bus" [pid 410] unlink("./536/binderfs"./strace-static-x86_64: Process 14970 attached [pid 14960] <... chdir resumed>) = 0 [pid 410] <... unlink resumed>) = 0 [pid 14960] ioctl(4, LOOP_CLR_FD [pid 410] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14960] <... ioctl resumed>) = 0 [pid 14960] close(4) = 0 [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14957] <... futex resumed>) = 0 [pid 14960] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14970] memfd_create("syzkaller", 0) = 3 [pid 14970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14957] <... futex resumed>) = 1 [pid 14960] <... futex resumed>) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] chdir("./file0") = 0 [pid 14955] <... write resumed>) = 1048576 [ 264.546141][T14964] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.547220][T14948] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 264.571536][T14961] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 264.577072][T14964] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 264.593017][T14960] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/532/bus supports timestamps until 2038 (0x7fffffff) [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14957] <... futex resumed>) = 0 [pid 14960] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14960] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14960] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14957] <... futex resumed>) = 0 [pid 14955] <... futex resumed>) = 1 [pid 14952] <... futex resumed>) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14952] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14952] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] <... open resumed>) = 4 [pid 14955] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14957] <... futex resumed>) = 0 [pid 14960] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14960] <... openat resumed>) = 5 [pid 14957] <... futex resumed>) = 0 [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] <... futex resumed>) = 0 [pid 14957] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14960] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14960] <... write resumed>) = 196608 [pid 14957] <... futex resumed>) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14957] <... futex resumed>) = 0 [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] <... futex resumed>) = 1 [pid 14960] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14957] <... futex resumed>) = 0 [pid 14960] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14960] <... open resumed>) = 6 [pid 14957] <... futex resumed>) = 0 [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] <... futex resumed>) = 0 [pid 14957] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14960] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] <... write resumed>) = 1048576 [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14957] <... futex resumed>) = 0 [pid 14957] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14957] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14960] <... futex resumed>) = 1 [pid 14960] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14970] <... write resumed>) = 1048576 [pid 14970] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14970] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 14970] ioctl(4, LOOP_SET_FD, 3 [pid 410] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 14970] <... ioctl resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 14970] close(3) = 0 [pid 14970] mkdir("./bus", 0777) = 0 [pid 14970] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14952] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14952] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14952] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./536/bus", [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14952] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [ 264.643965][T14955] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.662106][T14960] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.664357][T14970] loop1: detected capacity change from 0 to 2048 [pid 14952] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14952] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14971], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14971 [pid 14952] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14971 attached [pid 14971] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14971] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] lstat("./529/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./529/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./529/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./529") = 0 [pid 412] mkdir("./530", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14972 [pid 14952] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14972 attached [pid 14972] set_robust_list(0x555555f755e0, 24) = 0 [pid 14972] chdir("./530") = 0 [pid 14972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14972] setpgid(0, 0) = 0 [pid 14972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14972] write(3, "1000", 4) = 4 [pid 14972] close(3) = 0 [pid 14972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14972] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14972] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14973], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14973 [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14973 attached [pid 14973] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14973] memfd_create("syzkaller", 0) = 3 [pid 14973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] lstat("./527/bus", [pid 410] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "./536/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 4 [pid 409] openat(AT_FDCWD, "./527/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] fstat(4, [pid 409] <... openat resumed>) = 4 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] fstat(4, [pid 410] getdents64(4, [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14957] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] getdents64(4, [pid 14957] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14957] <... futex resumed>) = 0 [pid 14957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] close(4 [pid 14957] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] getdents64(4, [pid 14957] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 410] <... close resumed>) = 0 [pid 14957] <... mprotect resumed>) = 0 [pid 410] rmdir("./536/bus" [pid 14957] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14957] <... clone resumed>, parent_tid=[14974], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14974 [pid 14957] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] close(4 [pid 14957] <... futex resumed>) = 0 [pid 14957] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... close resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] rmdir("./527/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] getdents64(3, [pid 14971] <... openat resumed>) = 8 [pid 14971] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14952] <... futex resumed>) = 0 [pid 410] close(3 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 14971] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] <... close resumed>) = 0 [pid 409] close(3 [pid 410] rmdir("./536" [pid 409] <... close resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] rmdir("./527"./strace-static-x86_64: Process 14974 attached ) = 0 [pid 410] mkdir("./537", 0777 [pid 14974] set_robust_list(0x7f1c2a1159e0, 24 [pid 409] mkdir("./528", 0777 [pid 14974] <... set_robust_list resumed>) = 0 [pid 14974] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14973] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] <... mkdir resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 410] <... openat resumed>) = 3 [pid 409] <... openat resumed>) = 3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] ioctl(3, LOOP_CLR_FD [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14955] <... openat resumed>) = 7 [ 264.690412][T14955] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 409] close(3 [pid 410] <... close resumed>) = 0 [pid 14973] <... write resumed>) = 1048576 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... close resumed>) = 0 [pid 14960] <... openat resumed>) = 7 [pid 14974] <... openat resumed>) = 8 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14974] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14957] <... futex resumed>) = 0 [pid 14974] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14960] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14960] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14955] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14955] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14957] exit_group(0 [pid 14952] exit_group(0 [pid 14974] <... futex resumed>) = ? [pid 14960] <... futex resumed>) = ? [pid 14957] <... exit_group resumed>) = ? [pid 14974] +++ exited with 0 +++ [pid 14971] <... futex resumed>) = ? [pid 14960] +++ exited with 0 +++ [pid 14973] munmap(0x7f1c2a016000, 1048576 [pid 14957] +++ exited with 0 +++ [pid 14955] <... futex resumed>) = ? [pid 14952] <... exit_group resumed>) = ? [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 14975 [pid 14971] +++ exited with 0 +++ [pid 14955] +++ exited with 0 +++ [pid 14952] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14957, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14952, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 14976 [pid 407] umount2("./527", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... restart_syscall resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 407] fstat(3, [pid 411] umount2("./532", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] getdents64(3, [pid 411] openat(AT_FDCWD, "./532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] <... openat resumed>) = 3 [pid 407] umount2("./527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] fstat(3, [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] lstat("./527/binderfs", [pid 411] getdents64(3, ./strace-static-x86_64: Process 14976 attached ./strace-static-x86_64: Process 14975 attached [pid 14973] <... munmap resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] unlink("./527/binderfs" [pid 411] umount2("./532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... unlink resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] lstat("./532/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./532/binderfs") = 0 [pid 411] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14976] set_robust_list(0x555555f755e0, 24) = 0 [pid 14976] chdir("./528") = 0 [pid 14976] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14976] setpgid(0, 0) = 0 [pid 14976] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14976] write(3, "1000", 4) = 4 [pid 14976] close(3) = 0 [pid 14976] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14976] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14976] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14976] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14977], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14977 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14975] set_robust_list(0x555555f755e0, 24) = 0 [pid 14975] chdir("./537") = 0 [pid 14975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14975] setpgid(0, 0) = 0 [pid 14975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14975] write(3, "1000", 4) = 4 [pid 14975] close(3) = 0 [pid 14975] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14975] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14975] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14978], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14978 [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 14978 attached [pid 14978] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 14978] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 14977 attached [pid 14978] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14973] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14973] <... openat resumed>) = 4 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14973] ioctl(4, LOOP_SET_FD, 3 [pid 407] lstat("./527/bus", [pid 14978] <... mmap resumed>) = 0x7f1c2a016000 [pid 14977] set_robust_list(0x7f1c324369e0, 24 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14978] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14977] <... set_robust_list resumed>) = 0 [pid 14977] memfd_create("syzkaller", 0 [pid 407] umount2("./527/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 14977] <... memfd_create resumed>) = 3 [pid 407] openat(AT_FDCWD, "./527/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14973] <... ioctl resumed>) = 0 [pid 14977] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14973] close(3 [pid 407] <... openat resumed>) = 4 [pid 14973] <... close resumed>) = 0 [pid 407] fstat(4, [pid 14973] mkdir("./bus", 0777 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14973] <... mkdir resumed>) = 0 [pid 407] getdents64(4, [pid 14973] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./527/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./527") = 0 [pid 407] mkdir("./528", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14977] <... mmap resumed>) = 0x7f1c2a016000 [pid 14978] <... write resumed>) = 1048576 [ 264.720112][T14960] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 264.752777][T14973] loop5: detected capacity change from 0 to 2048 [pid 14978] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14977] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 14970] <... mount resumed>) = 0 [pid 14977] munmap(0x7f1c2a016000, 1048576 [pid 14970] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14977] <... munmap resumed>) = 0 [pid 14970] <... openat resumed>) = 3 [pid 14970] chdir("./bus") = 0 [pid 14978] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 14977] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 14970] ioctl(4, LOOP_CLR_FD [pid 14973] <... mount resumed>) = 0 [pid 14978] <... openat resumed>) = 4 [pid 14977] <... openat resumed>) = 4 [pid 14970] <... ioctl resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 14983 ./strace-static-x86_64: Process 14983 attached [pid 14983] set_robust_list(0x555555f755e0, 24) = 0 [pid 14983] chdir("./528") = 0 [pid 14983] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14977] ioctl(4, LOOP_SET_FD, 3 [pid 14970] close(4 [pid 14978] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./532/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./532/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 14970] <... close resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./532/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./532") = 0 [pid 411] mkdir("./533", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14969] <... futex resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 14978] <... ioctl resumed>) = 0 [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] chdir("./file0" [pid 14978] close(3 [pid 14969] <... futex resumed>) = 0 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 14978] <... close resumed>) = 0 [pid 14970] <... chdir resumed>) = 0 [pid 411] close(3) = 0 [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 14978] mkdir("./bus", 0777 [pid 14970] <... futex resumed>) = 1 [pid 14969] <... futex resumed>) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 14984 [pid 14983] <... prctl resumed>) = 0 [pid 14983] setpgid(0, 0) = 0 [pid 14970] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... mkdir resumed>) = 0 [pid 14969] <... futex resumed>) = 0 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14970] <... open resumed>) = 4 [pid 14983] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14969] <... futex resumed>) = 0 [pid 14970] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] <... openat resumed>) = 5 [pid 14969] <... futex resumed>) = 0 [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14970] <... futex resumed>) = 0 [pid 14969] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14983] <... openat resumed>) = 3 [pid 14970] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] write(3, "1000", 4 [pid 14970] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14969] <... futex resumed>) = 0 [pid 14970] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] <... write resumed>) = 4 [pid 14983] close(3) = 0 [pid 14983] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14970] <... write resumed>) = 196608 [pid 14983] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14983] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14983] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14985], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14985 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 14984 attached [pid 14984] set_robust_list(0x555555f755e0, 24) = 0 [pid 14973] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14970] <... futex resumed>) = 1 [pid 14969] <... futex resumed>) = 0 [pid 14970] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] chdir("./533" [pid 14969] <... futex resumed>) = 0 [pid 14984] <... chdir resumed>) = 0 [pid 14970] <... mount resumed>) = 0 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14984] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] <... prctl resumed>) = 0 [pid 14984] setpgid(0, 0) = 0 [pid 14973] <... openat resumed>) = 3 [pid 14970] <... futex resumed>) = 1 [pid 14969] <... futex resumed>) = 0 [pid 14970] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14969] <... futex resumed>) = 0 [pid 14970] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 14970] <... open resumed>) = 6 [pid 14984] <... openat resumed>) = 3 [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] write(3, "1000", 4 [pid 14970] <... futex resumed>) = 1 [pid 14969] <... futex resumed>) = 0 ./strace-static-x86_64: Process 14985 attached [pid 14984] <... write resumed>) = 4 [pid 14970] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] set_robust_list(0x7f1c324369e0, 24 [pid 14984] close(3 [pid 14973] chdir("./bus" [pid 14970] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14969] <... futex resumed>) = 0 [pid 14970] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] <... chdir resumed>) = 0 [pid 14985] <... set_robust_list resumed>) = 0 [pid 14984] <... close resumed>) = 0 [pid 14985] memfd_create("syzkaller", 0 [pid 14984] symlink("/dev/binderfs", "./binderfs" [pid 14985] <... memfd_create resumed>) = 3 [pid 14984] <... symlink resumed>) = 0 [pid 14985] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] <... mmap resumed>) = 0x7f1c2a016000 [pid 14984] <... futex resumed>) = 0 [pid 14984] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14973] ioctl(4, LOOP_CLR_FD [pid 14977] <... ioctl resumed>) = 0 [pid 14984] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14984] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14977] close(3 [pid 14984] <... clone resumed>, parent_tid=[14988], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 14988 [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 264.771611][T14970] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/532/bus supports timestamps until 2038 (0x7fffffff) [ 264.771884][T14973] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/530/bus supports timestamps until 2038 (0x7fffffff) [ 264.800055][T14978] loop3: detected capacity change from 0 to 2048 [ 264.806464][T14977] loop2: detected capacity change from 0 to 2048 [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 14985] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14977] <... close resumed>) = 0 [pid 14973] <... ioctl resumed>) = 0 [pid 14977] mkdir("./bus", 0777./strace-static-x86_64: Process 14988 attached ) = 0 [pid 14988] set_robust_list(0x7f1c324369e0, 24 [pid 14977] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14973] close(4 [pid 14988] <... set_robust_list resumed>) = 0 [pid 14985] <... write resumed>) = 1048576 [pid 14978] <... mount resumed>) = 0 [pid 14973] <... close resumed>) = 0 [pid 14985] munmap(0x7f1c2a016000, 1048576 [pid 14978] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] <... munmap resumed>) = 0 [pid 14978] <... openat resumed>) = 3 [pid 14973] <... futex resumed>) = 1 [pid 14972] <... futex resumed>) = 0 [pid 14985] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 14978] chdir("./bus" [pid 14973] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] <... openat resumed>) = 4 [pid 14978] <... chdir resumed>) = 0 [pid 14973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14972] <... futex resumed>) = 0 [pid 14985] ioctl(4, LOOP_SET_FD, 3 [pid 14978] ioctl(4, LOOP_CLR_FD [pid 14973] chdir("./file0" [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14988] memfd_create("syzkaller", 0 [pid 14985] <... ioctl resumed>) = 0 [pid 14978] <... ioctl resumed>) = 0 [pid 14973] <... chdir resumed>) = 0 [pid 14970] <... write resumed>) = 1048576 [pid 14978] close(4 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... close resumed>) = 0 [pid 14973] <... futex resumed>) = 1 [pid 14972] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14972] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14978] chdir("./file0" [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... chdir resumed>) = 0 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14973] <... open resumed>) = 4 [pid 14988] <... memfd_create resumed>) = 3 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14978] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] <... futex resumed>) = 1 [pid 14972] <... futex resumed>) = 0 [pid 14988] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 14978] <... open resumed>) = 4 [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14972] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14978] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... openat resumed>) = 5 [pid 14973] <... openat resumed>) = 5 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] <... futex resumed>) = 1 [pid 14972] <... futex resumed>) = 0 [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14973] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14978] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] <... mmap resumed>) = 0x7f1c2a016000 [pid 14978] <... write resumed>) = 196608 [pid 14973] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14972] <... futex resumed>) = 0 [pid 14970] <... futex resumed>) = 1 [pid 14969] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14978] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... mount resumed>) = 0 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14978] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... open resumed>) = 6 [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14975] <... futex resumed>) = 0 [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14975] <... futex resumed>) = 0 [pid 14978] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] <... write resumed>) = 196608 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14970] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14969] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 264.842989][T14978] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/537/bus supports timestamps until 2038 (0x7fffffff) [ 264.862880][T14985] loop0: detected capacity change from 0 to 2048 [pid 14969] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] close(3) = 0 [pid 14985] mkdir("./bus", 0777) = 0 [pid 14985] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14988] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14972] <... futex resumed>) = 0 [pid 14973] <... futex resumed>) = 1 [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14972] <... futex resumed>) = 0 [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14973] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] <... open resumed>) = 6 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14972] <... futex resumed>) = 0 [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14988] <... write resumed>) = 1048576 [pid 14988] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14988] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 14988] ioctl(4, LOOP_SET_FD, 3 [pid 14978] <... write resumed>) = 1048576 [pid 14988] <... ioctl resumed>) = 0 [pid 14988] close(3) = 0 [pid 14988] mkdir("./bus", 0777) = 0 [pid 14988] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14975] <... futex resumed>) = 0 [pid 14975] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14975] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14978] <... futex resumed>) = 1 [ 264.887848][T14970] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 264.912303][T14988] loop4: detected capacity change from 0 to 2048 [ 264.922917][T14978] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 14978] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14969] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14977] <... mount resumed>) = 0 [pid 14977] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 14977] chdir("./bus") = 0 [pid 14977] ioctl(4, LOOP_CLR_FD) = 0 [pid 14977] close(4) = 0 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14976] <... futex resumed>) = 0 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14977] <... futex resumed>) = 1 [pid 14977] chdir("./file0") = 0 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14976] <... futex resumed>) = 0 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14977] <... futex resumed>) = 1 [pid 14977] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14972] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14972] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14969] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14972] <... futex resumed>) = 0 [pid 14969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14969] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14969] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[14994], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14994 [pid 14969] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14969] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 14972] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14973] <... write resumed>) = 1048576 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14973] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14975] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 14994 attached [pid 14978] <... openat resumed>) = 7 [pid 14977] <... open resumed>) = 4 [pid 14975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14972] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14970] <... openat resumed>) = 7 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] <... futex resumed>) = 1 [pid 14972] <... clone resumed>, parent_tid=[14996], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14996 [pid 14970] <... futex resumed>) = 0 [pid 14994] set_robust_list(0x7f1c2a1159e0, 24 [pid 14977] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14972] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14970] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14994] <... set_robust_list resumed>) = 0 [pid 14972] <... futex resumed>) = 0 [pid 14994] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14972] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14994] <... openat resumed>) = 8 [pid 14994] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14994] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14978] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 264.930896][T14977] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/528/bus supports timestamps until 2038 (0x7fffffff) [ 264.940566][T14970] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 264.953010][T14978] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 264.972957][T14988] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/533/bus supports timestamps until 2038 (0x7fffffff) [pid 14978] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 14996 attached [pid 14988] <... mount resumed>) = 0 [pid 14976] <... futex resumed>) = 0 [pid 14975] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14969] <... futex resumed>) = 0 [pid 14996] set_robust_list(0x7f1c2a1159e0, 24 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14975] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14969] exit_group(0 [pid 14996] <... set_robust_list resumed>) = 0 [pid 14976] <... futex resumed>) = 1 [pid 14975] <... mprotect resumed>) = 0 [pid 14969] <... exit_group resumed>) = ? [pid 14996] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14975] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14994] <... futex resumed>) = ? [pid 14977] <... futex resumed>) = 0 [pid 14970] <... futex resumed>) = ? [pid 14994] +++ exited with 0 +++ [pid 14977] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14970] +++ exited with 0 +++ [pid 14969] +++ exited with 0 +++ [pid 14977] <... openat resumed>) = 5 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14976] <... futex resumed>) = 0 [pid 14977] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14976] <... futex resumed>) = 0 [pid 14977] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14977] <... write resumed>) = 196608 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14976] <... futex resumed>) = 0 [pid 14977] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] <... mount resumed>) = 0 [pid 14976] <... futex resumed>) = 0 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14977] <... futex resumed>) = 0 [pid 14976] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14977] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] <... open resumed>) = 6 [pid 14976] <... futex resumed>) = 0 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14977] <... futex resumed>) = 0 [pid 14976] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14977] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14985] <... mount resumed>) = 0 [pid 14976] <... futex resumed>) = 0 [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 14997 attached [pid 14997] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 14997] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14975] <... clone resumed>, parent_tid=[14997], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 14997 [pid 14985] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 14975] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14969, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 14988] <... openat resumed>) = 3 [pid 14975] <... futex resumed>) = 1 [pid 14985] <... openat resumed>) = 3 [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 14988] chdir("./bus" [pid 14985] chdir("./bus" [pid 14975] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... restart_syscall resumed>) = 0 [pid 14988] <... chdir resumed>) = 0 [pid 14985] <... chdir resumed>) = 0 [pid 14996] <... openat resumed>) = 7 [pid 14997] <... futex resumed>) = 0 [pid 14997] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14996] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] ioctl(4, LOOP_CLR_FD [pid 14985] ioctl(4, LOOP_CLR_FD [pid 14988] <... ioctl resumed>) = 0 [pid 14985] <... ioctl resumed>) = 0 [pid 408] umount2("./532", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14988] close(4 [pid 14985] close(4 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14988] <... close resumed>) = 0 [pid 14985] <... close resumed>) = 0 [pid 408] openat(AT_FDCWD, "./532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 14988] <... futex resumed>) = 1 [pid 14985] <... futex resumed>) = 1 [pid 408] fstat(3, [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./532/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./532/binderfs") = 0 [pid 408] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14996] <... futex resumed>) = 1 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14972] <... futex resumed>) = 0 [pid 14996] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14997] <... openat resumed>) = 8 [pid 14997] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14975] <... futex resumed>) = 0 [pid 14975] exit_group(0) = ? [pid 14997] <... futex resumed>) = ? [pid 14997] +++ exited with 0 +++ [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14978] <... futex resumed>) = ? [pid 14972] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] <... futex resumed>) = 0 [pid 14985] <... futex resumed>) = 0 [pid 14984] <... futex resumed>) = 1 [pid 14983] <... futex resumed>) = 1 [pid 14978] +++ exited with 0 +++ [pid 14977] <... write resumed>) = 1048576 [pid 14975] +++ exited with 0 +++ [pid 14973] <... futex resumed>) = 0 [pid 14972] <... futex resumed>) = 1 [pid 14988] chdir("./file0" [pid 14985] chdir("./file0" [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14973] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14972] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14988] <... chdir resumed>) = 0 [pid 14973] <... openat resumed>) = 8 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14975, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] <... chdir resumed>) = 0 [pid 14973] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./537", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14988] <... futex resumed>) = 1 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] <... futex resumed>) = 0 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] <... futex resumed>) = 1 [pid 14972] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14985] <... futex resumed>) = 1 [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] <... futex resumed>) = 0 [pid 14977] <... futex resumed>) = 1 [pid 14976] <... futex resumed>) = 0 [pid 14973] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14972] exit_group(0 [pid 410] openat(AT_FDCWD, "./537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 14996] <... futex resumed>) = ? [pid 14988] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14984] <... futex resumed>) = 0 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14973] <... futex resumed>) = ? [pid 14972] <... exit_group resumed>) = ? [ 264.983341][T14985] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/528/bus supports timestamps until 2038 (0x7fffffff) [ 264.986807][T14996] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.010828][T14996] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 410] <... openat resumed>) = 3 [pid 14996] +++ exited with 0 +++ [pid 14988] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14985] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] <... futex resumed>) = 0 [pid 14976] <... futex resumed>) = 0 [pid 14973] +++ exited with 0 +++ [pid 14972] +++ exited with 0 +++ [pid 14988] <... open resumed>) = 4 [pid 14985] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] fstat(3, [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14972, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 14988] <... futex resumed>) = 1 [pid 412] umount2("./530", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14984] <... futex resumed>) = 0 [pid 410] getdents64(3, [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14985] <... open resumed>) = 4 [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 14988] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] umount2("./537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14988] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14985] <... futex resumed>) = 1 [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] fstat(3, [pid 410] lstat("./537/binderfs", [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 14988] <... openat resumed>) = 5 [pid 14985] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, [pid 410] unlink("./537/binderfs" [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] <... openat resumed>) = 5 [pid 14983] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] <... unlink resumed>) = 0 [pid 14988] <... futex resumed>) = 1 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] <... futex resumed>) = 0 [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14985] <... futex resumed>) = 0 [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14984] <... futex resumed>) = 0 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] lstat("./530/binderfs", [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./530/binderfs") = 0 [pid 412] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14988] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14988] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14985] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14988] <... write resumed>) = 196608 [pid 14985] <... write resumed>) = 196608 [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] <... futex resumed>) = 1 [pid 14985] <... futex resumed>) = 1 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14985] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14988] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 14985] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14988] <... mount resumed>) = 0 [pid 14985] <... mount resumed>) = 0 [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] <... openat resumed>) = 7 [pid 14988] <... futex resumed>) = 1 [pid 14985] <... futex resumed>) = 1 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14985] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14988] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14985] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14977] <... futex resumed>) = 1 [pid 14976] <... futex resumed>) = 0 [pid 14988] <... open resumed>) = 6 [pid 14985] <... open resumed>) = 6 [pid 14976] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14977] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 14977] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14977] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14977] <... futex resumed>) = 0 [pid 14976] <... futex resumed>) = 1 [pid 14977] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14976] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 14976] exit_group(0 [pid 14977] <... futex resumed>) = ? [pid 14976] <... exit_group resumed>) = ? [pid 408] <... umount2 resumed>) = 0 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14977] +++ exited with 0 +++ [pid 14976] +++ exited with 0 +++ [pid 408] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14976, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 14988] <... futex resumed>) = 0 [pid 14985] <... futex resumed>) = 0 [pid 14984] <... futex resumed>) = 1 [pid 14983] <... futex resumed>) = 1 [pid 408] lstat("./532/bus", [pid 14988] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14985] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./528", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./528/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./528/binderfs") = 0 [pid 409] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 408] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./532/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] lstat("./530/bus", [pid 410] lstat("./537/bus", [pid 408] <... openat resumed>) = 4 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] fstat(4, [pid 412] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] getdents64(4, [pid 412] openat(AT_FDCWD, "./530/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./537/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] <... openat resumed>) = 4 [pid 410] <... openat resumed>) = 4 [pid 408] getdents64(4, [pid 412] fstat(4, [pid 410] fstat(4, [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] close(4 [pid 14988] <... write resumed>) = 1048576 [pid 14985] <... write resumed>) = 1048576 [pid 412] getdents64(4, [pid 410] getdents64(4, [pid 408] <... close resumed>) = 0 [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 14988] <... futex resumed>) = 1 [pid 14985] <... futex resumed>) = 1 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 410] getdents64(4, [pid 408] rmdir("./532/bus" [pid 14988] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14984] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 412] close(4 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] close(4 [pid 408] getdents64(3, [pid 410] <... close resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] rmdir("./537/bus" [pid 408] close(3 [pid 410] <... rmdir resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 410] getdents64(3, [pid 408] rmdir("./532" [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 410] close(3 [pid 408] mkdir("./533", 0777 [pid 410] <... close resumed>) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 410] rmdir("./537" [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 410] <... rmdir resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 410] mkdir("./538", 0777 [pid 408] ioctl(3, LOOP_CLR_FD [pid 410] <... mkdir resumed>) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 408] close(3 [pid 410] <... openat resumed>) = 3 [pid 408] <... close resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 14999 [pid 410] <... close resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15000 ./strace-static-x86_64: Process 14999 attached [pid 14999] set_robust_list(0x555555f755e0, 24) = 0 [pid 14999] chdir("./533") = 0 [pid 14999] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 14999] setpgid(0, 0) = 0 [pid 14999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 14999] write(3, "1000", 4) = 4 [pid 14999] close(3) = 0 [pid 14999] symlink("/dev/binderfs", "./binderfs") = 0 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 14999] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 14999] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15001], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15001 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./530/bus"./strace-static-x86_64: Process 15001 attached ) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./530" [pid 15001] set_robust_list(0x7f1c324369e0, 24 [pid 412] <... rmdir resumed>) = 0 [pid 412] mkdir("./531", 0777 [pid 15001] <... set_robust_list resumed>) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15002 [pid 15001] memfd_create("syzkaller", 0) = 3 [pid 15001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 14985] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14985] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 15002 attached [pid 15002] set_robust_list(0x555555f755e0, 24) = 0 [pid 15002] chdir("./531") = 0 [ 265.038637][T14977] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.053386][T14977] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 15002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15002] setpgid(0, 0) = 0 [pid 15002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15002] write(3, "1000", 4) = 4 [pid 15002] close(3) = 0 [pid 15002] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15002] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15002] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15002] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15003], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15003 [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15001] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 ./strace-static-x86_64: Process 15003 attached [pid 15003] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15003] memfd_create("syzkaller", 0) = 3 [pid 15001] munmap(0x7f1c2a016000, 1048576 [pid 15003] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15001] <... munmap resumed>) = 0 [pid 15003] <... mmap resumed>) = 0x7f1c2a016000 [pid 15001] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 15000 attached ) = 4 [pid 15001] ioctl(4, LOOP_SET_FD, 3 [pid 15003] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15003] munmap(0x7f1c2a016000, 1048576) = 0 [pid 14984] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14984] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 14983] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 14984] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = 0 [pid 15000] set_robust_list(0x555555f755e0, 24 [pid 409] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15000] <... set_robust_list resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./528/bus", [pid 15000] chdir("./538" [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15000] <... chdir resumed>) = 0 [pid 409] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 14984] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14983] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 14984] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14983] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 14984] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14983] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 14984] <... mprotect resumed>) = 0 [pid 14983] <... mprotect resumed>) = 0 [pid 14984] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14983] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 14984] <... clone resumed>, parent_tid=[15004], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15004 [pid 14983] <... clone resumed>, parent_tid=[15005], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15005 [pid 15000] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15000] <... prctl resumed>) = 0 [pid 409] openat(AT_FDCWD, "./528/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15000] setpgid(0, 0 [pid 409] fstat(4, [pid 14984] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14983] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14984] <... futex resumed>) = 0 [pid 14983] <... futex resumed>) = 0 [pid 14984] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14983] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15000] <... setpgid resumed>) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 409] getdents64(4, [pid 15000] <... openat resumed>) = 3 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15000] write(3, "1000", 4 [pid 409] close(4 [pid 15000] <... write resumed>) = 4 [pid 409] <... close resumed>) = 0 [ 265.104033][T14988] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.126598][T14985] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.146821][T15001] loop1: detected capacity change from 0 to 2048 [pid 15003] ioctl(4, LOOP_SET_FD, 3 [pid 15001] <... ioctl resumed>) = 0 [pid 15000] close(3 [pid 409] rmdir("./528/bus"./strace-static-x86_64: Process 15004 attached ./strace-static-x86_64: Process 15005 attached [pid 15005] set_robust_list(0x7f1c2a1159e0, 24 [pid 15004] set_robust_list(0x7f1c2a1159e0, 24 [pid 15005] <... set_robust_list resumed>) = 0 [pid 15004] <... set_robust_list resumed>) = 0 [pid 15005] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15004] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15003] <... ioctl resumed>) = 0 [pid 15003] close(3) = 0 [pid 15003] mkdir("./bus", 0777) = 0 [pid 15003] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15001] close(3) = 0 [pid 15001] mkdir("./bus", 0777) = 0 [pid 15001] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15000] <... close resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 15000] symlink("/dev/binderfs", "./binderfs" [pid 409] getdents64(3, [pid 15000] <... symlink resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] close(3 [pid 15000] <... futex resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 15000] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] rmdir("./528" [pid 15000] <... mmap resumed>) = 0x7f1c32416000 [pid 409] <... rmdir resumed>) = 0 [pid 15000] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 409] mkdir("./529", 0777 [pid 15000] <... mprotect resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 15000] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 15000] <... clone resumed>, parent_tid=[15006], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15006 [pid 409] ioctl(3, LOOP_CLR_FD [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15000] <... futex resumed>) = 0 [pid 409] close(3 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 409] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15007 [pid 15004] <... openat resumed>) = 8 [pid 14988] <... openat resumed>) = 7 ./strace-static-x86_64: Process 15007 attached ./strace-static-x86_64: Process 15006 attached [pid 15004] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 14988] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] set_robust_list(0x555555f755e0, 24 [pid 15006] set_robust_list(0x7f1c324369e0, 24 [pid 15004] <... futex resumed>) = 1 [pid 14988] <... futex resumed>) = 0 [pid 14984] <... futex resumed>) = 0 [pid 15006] <... set_robust_list resumed>) = 0 [pid 15005] <... openat resumed>) = 8 [pid 15004] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14988] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14984] exit_group(0 [pid 15006] memfd_create("syzkaller", 0 [pid 15007] <... set_robust_list resumed>) = 0 [pid 15004] <... futex resumed>) = ? [pid 14988] <... futex resumed>) = ? [pid 14984] <... exit_group resumed>) = ? [pid 15005] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] chdir("./529" [pid 14988] +++ exited with 0 +++ [pid 15004] +++ exited with 0 +++ [pid 14984] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14984, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 14985] <... openat resumed>) = 7 [pid 14985] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14985] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15006] <... memfd_create resumed>) = 3 [pid 411] <... restart_syscall resumed>) = 0 [pid 15006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15007] <... chdir resumed>) = 0 [pid 15005] <... futex resumed>) = 1 [pid 14983] <... futex resumed>) = 0 [pid 15007] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15005] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14983] exit_group(0 [pid 411] umount2("./533", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15007] <... prctl resumed>) = 0 [pid 15005] <... futex resumed>) = ? [pid 14983] <... exit_group resumed>) = ? [pid 15007] setpgid(0, 0 [pid 15005] +++ exited with 0 +++ [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15007] <... setpgid resumed>) = 0 [pid 15007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] openat(AT_FDCWD, "./533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15007] <... openat resumed>) = 3 [pid 15007] write(3, "1000", 4 [pid 411] <... openat resumed>) = 3 [pid 15007] <... write resumed>) = 4 [pid 411] fstat(3, [pid 15007] close(3 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15007] <... close resumed>) = 0 [pid 411] getdents64(3, [pid 15007] symlink("/dev/binderfs", "./binderfs") = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15007] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15007] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] lstat("./533/binderfs", [pid 15007] <... mmap resumed>) = 0x7f1c32416000 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15007] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 411] unlink("./533/binderfs" [pid 15007] <... mprotect resumed>) = 0 [pid 15007] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... unlink resumed>) = 0 [ 265.161711][T15003] loop5: detected capacity change from 0 to 2048 [ 265.167691][T14988] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 265.183096][T14985] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 411] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15007] <... clone resumed>, parent_tid=[15010], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15010 [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15010 attached [pid 15010] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15010] memfd_create("syzkaller", 0) = 3 [pid 15010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15010] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15006] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 14985] <... futex resumed>) = ? [pid 14985] +++ exited with 0 +++ [pid 14983] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14983, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./528", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./528/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./528/binderfs") = 0 [pid 407] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15010] <... write resumed>) = 1048576 [pid 15006] <... write resumed>) = 1048576 [pid 15010] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15010] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 15010] ioctl(4, LOOP_SET_FD, 3 [pid 15006] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15003] <... mount resumed>) = 0 [pid 15001] <... mount resumed>) = 0 [pid 15006] <... openat resumed>) = 4 [pid 15006] ioctl(4, LOOP_SET_FD, 3 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./533/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./533/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./533/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./533") = 0 [pid 411] mkdir("./534", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15013 [pid 15001] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15001] chdir("./bus") = 0 [pid 15001] ioctl(4, LOOP_CLR_FD) = 0 [pid 15001] close(4) = 0 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15001] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15003] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15003] chdir("./bus") = 0 [pid 15003] ioctl(4, LOOP_CLR_FD) = 0 [pid 15003] close(4) = 0 [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15002] <... futex resumed>) = 0 [pid 14999] <... futex resumed>) = 0 [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] chdir("./file0" [pid 15006] <... ioctl resumed>) = 0 [pid 14999] <... futex resumed>) = 1 ./strace-static-x86_64: Process 15013 attached [pid 15010] <... ioctl resumed>) = 0 [pid 15003] <... chdir resumed>) = 0 [pid 15002] <... futex resumed>) = 0 [pid 15001] <... futex resumed>) = 0 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15006] close(3 [pid 15010] close(3 [pid 15006] <... close resumed>) = 0 [pid 15010] <... close resumed>) = 0 [pid 15010] mkdir("./bus", 0777 [pid 15006] mkdir("./bus", 0777 [pid 15010] <... mkdir resumed>) = 0 [pid 15006] <... mkdir resumed>) = 0 [pid 15010] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15006] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15001] chdir("./file0" [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] set_robust_list(0x555555f755e0, 24 [pid 15001] <... chdir resumed>) = 0 [pid 15003] <... futex resumed>) = 1 [pid 15002] <... futex resumed>) = 0 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] <... futex resumed>) = 1 [pid 14999] <... futex resumed>) = 0 [pid 15002] <... futex resumed>) = 0 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14999] <... futex resumed>) = 0 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15013] <... set_robust_list resumed>) = 0 [pid 15013] chdir("./534") = 0 [pid 15013] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15013] setpgid(0, 0) = 0 [pid 15013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15013] write(3, "1000", 4) = 4 [pid 15013] close(3) = 0 [pid 15013] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15013] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15013] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15013] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15014], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15014 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15014 attached [pid 15014] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15014] memfd_create("syzkaller", 0) = 3 [pid 15014] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15001] <... open resumed>) = 4 [pid 15003] <... open resumed>) = 4 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14999] <... futex resumed>) = 0 [pid 15002] <... futex resumed>) = 0 [pid 15001] <... futex resumed>) = 1 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 14999] <... futex resumed>) = 0 [pid 15002] <... futex resumed>) = 0 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] <... futex resumed>) = 1 [pid 15001] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15003] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15001] <... openat resumed>) = 5 [pid 15003] <... openat resumed>) = 5 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 14999] <... futex resumed>) = 0 [pid 15001] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14999] <... futex resumed>) = 0 [pid 15003] <... futex resumed>) = 1 [pid 15002] <... futex resumed>) = 0 [pid 15003] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15001] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15001] <... write resumed>) = 196608 [pid 15003] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15002] <... futex resumed>) = 0 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15014] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15003] <... write resumed>) = 196608 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14999] <... futex resumed>) = 0 [pid 15001] <... futex resumed>) = 1 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 14999] <... futex resumed>) = 0 [pid 15003] <... futex resumed>) = 1 [pid 15001] <... mount resumed>) = 0 [pid 15002] <... futex resumed>) = 0 [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [ 265.208845][T15001] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/533/bus supports timestamps until 2038 (0x7fffffff) [ 265.223371][T15003] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/531/bus supports timestamps until 2038 (0x7fffffff) [ 265.231671][T15010] loop2: detected capacity change from 0 to 2048 [ 265.236102][T15006] loop3: detected capacity change from 0 to 2048 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] <... mount resumed>) = 0 [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15002] <... futex resumed>) = 0 [pid 15001] <... futex resumed>) = 0 [pid 14999] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] <... futex resumed>) = 0 [pid 15001] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15014] <... write resumed>) = 1048576 [pid 15014] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15014] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 15014] ioctl(4, LOOP_SET_FD, 3 [pid 15003] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15002] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15001] <... open resumed>) = 6 [pid 14999] <... futex resumed>) = 0 [pid 15014] <... ioctl resumed>) = 0 [pid 15014] close(3) = 0 [pid 15014] mkdir("./bus", 0777) = 0 [pid 15014] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15006] <... mount resumed>) = 0 [pid 15006] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] <... futex resumed>) = 0 [pid 15002] <... futex resumed>) = 1 [pid 15001] <... futex resumed>) = 0 [pid 14999] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 407] <... umount2 resumed>) = 0 [pid 15003] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15001] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15003] <... open resumed>) = 6 [pid 15001] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 14999] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] lstat("./528/bus", [pid 15003] <... futex resumed>) = 1 [pid 15002] <... futex resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./528/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15003] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15010] <... mount resumed>) = 0 [pid 15006] <... openat resumed>) = 3 [pid 15002] <... futex resumed>) = 0 [pid 15001] <... write resumed>) = 1048576 [pid 407] openat(AT_FDCWD, "./528/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... openat resumed>) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [ 265.288973][T15006] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/538/bus supports timestamps until 2038 (0x7fffffff) [ 265.292460][T15014] loop4: detected capacity change from 0 to 2048 [ 265.302237][T15010] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/529/bus supports timestamps until 2038 (0x7fffffff) [pid 407] close(4 [pid 15010] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15006] chdir("./bus" [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] <... chdir resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 15006] ioctl(4, LOOP_CLR_FD) = 0 [pid 15006] close(4) = 0 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] <... futex resumed>) = 0 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15006] <... futex resumed>) = 1 [pid 15006] chdir("./file0" [pid 14999] <... futex resumed>) = 0 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15001] <... futex resumed>) = 1 [pid 15001] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15010] <... openat resumed>) = 3 [pid 15006] <... chdir resumed>) = 0 [pid 15003] <... write resumed>) = 1048576 [pid 407] rmdir("./528/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./528") = 0 [pid 407] mkdir("./529", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15019 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15000] <... futex resumed>) = 0 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15006] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15000] <... futex resumed>) = 0 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15006] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15000] <... futex resumed>) = 0 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15006] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 15019 attached [pid 15010] chdir("./bus" [pid 15006] <... write resumed>) = 196608 [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15014] <... mount resumed>) = 0 [pid 15014] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15014] chdir("./bus") = 0 [pid 15014] ioctl(4, LOOP_CLR_FD) = 0 [pid 15014] close(4 [pid 15019] set_robust_list(0x555555f755e0, 24 [pid 15014] <... close resumed>) = 0 [pid 15010] <... chdir resumed>) = 0 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] <... futex resumed>) = 1 [pid 15002] <... futex resumed>) = 0 [pid 15019] <... set_robust_list resumed>) = 0 [pid 15010] ioctl(4, LOOP_CLR_FD [pid 15006] <... futex resumed>) = 1 [pid 15003] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] <... futex resumed>) = 0 [pid 15019] chdir("./529" [pid 15010] <... ioctl resumed>) = 0 [pid 15006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15003] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15002] <... futex resumed>) = 0 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15019] <... chdir resumed>) = 0 [pid 15010] close(4 [pid 15006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15003] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15019] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15010] <... close resumed>) = 0 [pid 15006] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15001] <... openat resumed>) = 7 [pid 15019] <... prctl resumed>) = 0 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] setpgid(0, 0 [pid 15010] <... futex resumed>) = 1 [pid 15007] <... futex resumed>) = 0 [pid 15019] <... setpgid resumed>) = 0 [pid 15010] chdir("./file0" [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15010] <... chdir resumed>) = 0 [pid 15007] <... futex resumed>) = 0 [pid 15019] <... openat resumed>) = 3 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15019] write(3, "1000", 4 [pid 15010] <... futex resumed>) = 0 [pid 15007] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15019] <... write resumed>) = 4 [pid 15010] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] close(3 [pid 15010] <... open resumed>) = 4 [pid 15007] <... futex resumed>) = 0 [pid 15019] <... close resumed>) = 0 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 265.342725][T15001] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.358144][T15014] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/534/bus supports timestamps until 2038 (0x7fffffff) [ 265.359459][T15001] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 15019] symlink("/dev/binderfs", "./binderfs" [pid 15010] <... futex resumed>) = 0 [pid 15007] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15019] <... symlink resumed>) = 0 [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15010] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15007] <... futex resumed>) = 0 [pid 15019] <... futex resumed>) = 0 [pid 15010] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15019] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15010] <... openat resumed>) = 5 [pid 15019] <... mmap resumed>) = 0x7f1c32416000 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15010] <... futex resumed>) = 1 [pid 15007] <... futex resumed>) = 0 [pid 15006] <... mount resumed>) = 0 [pid 14999] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15019] <... mprotect resumed>) = 0 [pid 15014] <... futex resumed>) = 1 [pid 15013] <... futex resumed>) = 0 [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14999] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] <... futex resumed>) = 1 [pid 14999] <... futex resumed>) = 0 [pid 15013] <... futex resumed>) = 0 [pid 15006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 14999] <... futex resumed>) = 0 [pid 14999] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15001] <... futex resumed>) = 1 [pid 15001] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15014] chdir("./file0" [pid 15001] <... openat resumed>) = 8 [pid 15014] <... chdir resumed>) = 0 [pid 15001] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 14999] <... futex resumed>) = 0 [pid 14999] exit_group(0) = ? [pid 15001] <... futex resumed>) = ? [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15001] +++ exited with 0 +++ [pid 14999] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14999, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 15014] <... futex resumed>) = 1 [pid 15014] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 408] <... restart_syscall resumed>) = 0 [pid 408] umount2("./533", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./533/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./533/binderfs") = 0 [pid 408] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15019] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15022], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15022 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15010] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15010] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 15022 attached ) = 196608 [pid 15007] <... futex resumed>) = 0 [pid 15003] <... openat resumed>) = 7 [pid 15000] <... futex resumed>) = 0 [pid 15022] set_robust_list(0x7f1c324369e0, 24 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] <... set_robust_list resumed>) = 0 [pid 15010] <... futex resumed>) = 0 [pid 15007] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15006] <... futex resumed>) = 0 [pid 15003] <... futex resumed>) = 1 [pid 15002] <... futex resumed>) = 0 [pid 15000] <... futex resumed>) = 1 [pid 15022] memfd_create("syzkaller", 0 [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15003] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15002] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... memfd_create resumed>) = 3 [pid 15010] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15007] <... futex resumed>) = 0 [pid 15006] <... open resumed>) = 6 [pid 15003] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15002] <... futex resumed>) = 0 [pid 15022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15010] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15003] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15002] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... mmap resumed>) = 0x7f1c2a016000 [pid 15010] <... mount resumed>) = 0 [pid 15006] <... futex resumed>) = 1 [pid 15003] <... openat resumed>) = 8 [pid 15000] <... futex resumed>) = 0 [pid 15014] <... open resumed>) = 4 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15003] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15010] <... futex resumed>) = 1 [pid 15007] <... futex resumed>) = 0 [pid 15006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15003] <... futex resumed>) = 1 [pid 15002] <... futex resumed>) = 0 [pid 15000] <... futex resumed>) = 0 [pid 15014] <... futex resumed>) = 1 [pid 15013] <... futex resumed>) = 0 [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15003] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15002] exit_group(0 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15014] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15010] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15007] <... futex resumed>) = 0 [pid 15003] <... futex resumed>) = ? [pid 15002] <... exit_group resumed>) = ? [pid 15022] <... write resumed>) = 1048576 [pid 15014] <... openat resumed>) = 5 [pid 15013] <... futex resumed>) = 0 [pid 15010] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15003] +++ exited with 0 +++ [pid 15002] +++ exited with 0 +++ [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15010] <... open resumed>) = 6 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15007] <... futex resumed>) = 0 [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15002, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 15010] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15007] <... futex resumed>) = 0 [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 15010] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... restart_syscall resumed>) = 0 [pid 15013] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./531", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15014] <... futex resumed>) = 1 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15014] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 412] openat(AT_FDCWD, "./531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15022] munmap(0x7f1c2a016000, 1048576 [pid 412] <... openat resumed>) = 3 [pid 15022] <... munmap resumed>) = 0 [pid 412] fstat(3, [pid 15022] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15022] <... openat resumed>) = 4 [pid 412] getdents64(3, [pid 15022] ioctl(4, LOOP_SET_FD, 3 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./531/binderfs", [pid 15014] <... write resumed>) = 196608 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./531/binderfs") = 0 [pid 412] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] <... ioctl resumed>) = 0 [pid 15022] close(3) = 0 [pid 15022] mkdir("./bus", 0777) = 0 [pid 15022] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15014] <... futex resumed>) = 1 [pid 15013] <... futex resumed>) = 0 [pid 15014] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15014] <... futex resumed>) = 0 [pid 15014] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15013] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15014] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15013] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15014] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15010] <... write resumed>) = 1048576 [pid 15006] <... write resumed>) = 1048576 [pid 408] <... umount2 resumed>) = 0 [pid 15014] <... write resumed>) = 1048576 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15006] <... futex resumed>) = 1 [pid 15000] <... futex resumed>) = 0 [pid 15000] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15014] <... futex resumed>) = 1 [pid 15013] <... futex resumed>) = 0 [pid 15006] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15000] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15013] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./533/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./533/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./533/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./533") = 0 [pid 408] mkdir("./534", 0777 [pid 15014] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] <... mkdir resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [ 265.382178][T15003] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.396939][T15003] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 265.432127][T15022] loop0: detected capacity change from 0 to 2048 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15025 ./strace-static-x86_64: Process 15025 attached [pid 15025] set_robust_list(0x555555f755e0, 24) = 0 [pid 15025] chdir("./534") = 0 [pid 15025] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15025] setpgid(0, 0) = 0 [pid 15025] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15025] write(3, "1000", 4) = 4 [pid 15025] close(3) = 0 [pid 15025] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15025] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15025] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15025] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15026], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15026 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15026 attached [pid 15026] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15026] memfd_create("syzkaller", 0) = 3 [pid 15026] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] <... umount2 resumed>) = 0 [pid 15007] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15007] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15026] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15026] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15026] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15026] ioctl(4, LOOP_SET_FD, 3 [pid 15007] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15026] <... ioctl resumed>) = 0 [pid 15026] close(3) = 0 [pid 15026] mkdir("./bus", 0777) = 0 [pid 15026] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15013] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15007] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15000] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15007] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15013] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] <... mprotect resumed>) = 0 [pid 15000] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] <... futex resumed>) = 0 [pid 15000] <... futex resumed>) = 0 [pid 15007] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15013] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15000] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15013] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15000] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15007] <... clone resumed>, parent_tid=[15027], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15027 [pid 15013] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15000] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15007] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] <... mprotect resumed>) = 0 [pid 15007] <... futex resumed>) = 0 [pid 15000] <... mprotect resumed>) = 0 [pid 15007] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15013] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15000] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15013] <... clone resumed>, parent_tid=[15028], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15028 [pid 15000] <... clone resumed>, parent_tid=[15029], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15029 [pid 15013] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] <... futex resumed>) = 0 [pid 15000] <... futex resumed>) = 0 [pid 15013] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15000] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 265.472247][T15006] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.488728][T15022] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/529/bus supports timestamps until 2038 (0x7fffffff) [ 265.499025][T15026] loop1: detected capacity change from 0 to 2048 [ 265.500637][T15014] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 412] lstat("./531/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./531/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./531/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./531") = 0 [pid 412] mkdir("./532", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15030 ./strace-static-x86_64: Process 15027 attached ./strace-static-x86_64: Process 15030 attached [pid 15027] set_robust_list(0x7f1c2a1159e0, 24 [pid 15030] set_robust_list(0x555555f755e0, 24 [pid 15027] <... set_robust_list resumed>) = 0 [pid 15027] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15030] <... set_robust_list resumed>) = 0 [pid 15030] chdir("./532" [pid 15006] <... openat resumed>) = 7 [pid 15022] <... mount resumed>) = 0 [pid 15006] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15006] <... futex resumed>) = 0 [pid 15006] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15022] <... openat resumed>) = 3 [pid 15022] chdir("./bus" [pid 15030] <... chdir resumed>) = 0 [pid 15030] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15030] setpgid(0, 0) = 0 [pid 15030] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 15029 attached ./strace-static-x86_64: Process 15028 attached [pid 15030] write(3, "1000", 4 [pid 15022] <... chdir resumed>) = 0 [pid 15014] <... openat resumed>) = 7 [pid 15022] ioctl(4, LOOP_CLR_FD) = 0 [pid 15022] close(4) = 0 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15022] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15028] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15014] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15028] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15014] <... futex resumed>) = 0 [pid 15028] <... openat resumed>) = 8 [pid 15014] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15029] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15029] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15028] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15013] <... futex resumed>) = 0 [pid 15013] exit_group(0) = ? [pid 15014] <... futex resumed>) = ? [pid 15014] +++ exited with 0 +++ [pid 15028] <... futex resumed>) = ? [pid 15029] <... openat resumed>) = 8 [pid 15028] +++ exited with 0 +++ [pid 15013] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15013, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./534", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./534/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./534/binderfs") = 0 [pid 411] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15029] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15000] <... futex resumed>) = 0 [pid 15000] exit_group(0 [pid 15006] <... futex resumed>) = ? [pid 15000] <... exit_group resumed>) = ? [pid 15006] +++ exited with 0 +++ [pid 15029] <... futex resumed>) = ? [pid 15029] +++ exited with 0 +++ [pid 15000] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15000, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] umount2("./538", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./538/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./538/binderfs") = 0 [pid 410] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15030] <... write resumed>) = 4 [pid 15030] close(3) = 0 [pid 15030] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15030] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15030] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15030] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15032], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15032 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15032 attached [pid 15032] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15032] memfd_create("syzkaller", 0) = 3 [pid 15032] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15019] <... futex resumed>) = 0 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] <... futex resumed>) = 0 [pid 15019] <... futex resumed>) = 1 [pid 15022] chdir("./file0" [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... chdir resumed>) = 0 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15019] <... futex resumed>) = 0 [pid 15022] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15019] <... futex resumed>) = 0 [pid 15022] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... open resumed>) = 4 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15019] <... futex resumed>) = 0 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15019] <... futex resumed>) = 0 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... openat resumed>) = 5 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15019] <... futex resumed>) = 0 [pid 15022] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15032] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... write resumed>) = 196608 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] <... futex resumed>) = 0 [pid 15007] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15007] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 15019] <... futex resumed>) = 0 [pid 15022] <... futex resumed>) = 1 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15007] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15007] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 15022] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15007] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15007] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15007] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15022] <... mount resumed>) = 0 [pid 15010] <... futex resumed>) = 0 [pid 15007] <... futex resumed>) = 1 [pid 15010] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15007] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 265.526986][T15006] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 265.539008][T15014] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 265.541557][T15027] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15019] <... futex resumed>) = 0 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15032] <... write resumed>) = 1048576 [pid 15032] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15032] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15032] ioctl(4, LOOP_SET_FD, 3 [pid 15022] <... open resumed>) = 6 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15032] <... ioctl resumed>) = 0 [pid 15032] close(3) = 0 [pid 15032] mkdir("./bus", 0777) = 0 [pid 15032] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15022] <... futex resumed>) = 1 [pid 15022] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15026] <... mount resumed>) = 0 [pid 15019] <... futex resumed>) = 0 [pid 15027] <... openat resumed>) = 7 [pid 15027] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15027] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15026] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15026] chdir("./bus") = 0 [pid 15026] ioctl(4, LOOP_CLR_FD) = 0 [pid 15026] close(4) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15025] <... futex resumed>) = 0 [pid 15026] chdir("./file0" [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] <... chdir resumed>) = 0 [pid 15025] <... futex resumed>) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] <... futex resumed>) = 0 [pid 15025] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15026] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] <... open resumed>) = 4 [pid 15025] <... futex resumed>) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] <... futex resumed>) = 0 [pid 15025] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15026] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] <... openat resumed>) = 5 [pid 15025] <... futex resumed>) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] <... futex resumed>) = 0 [pid 15025] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15026] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] <... write resumed>) = 196608 [pid 15025] <... futex resumed>) = 0 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15025] <... futex resumed>) = 0 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] <... futex resumed>) = 1 [pid 15026] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15025] <... futex resumed>) = 0 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] <... futex resumed>) = 1 [pid 15026] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15025] <... futex resumed>) = 0 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15026] <... futex resumed>) = 1 [pid 15026] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15010] <... openat resumed>) = 8 [pid 15022] <... futex resumed>) = 0 [pid 15019] <... futex resumed>) = 1 [pid 15010] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15032] <... mount resumed>) = 0 [pid 15022] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15010] <... futex resumed>) = 1 [pid 15007] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 15032] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15032] chdir("./bus") = 0 [pid 15032] ioctl(4, LOOP_CLR_FD) = 0 [pid 15032] close(4) = 0 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15030] <... futex resumed>) = 0 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15010] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15007] exit_group(0) = ? [pid 15027] <... futex resumed>) = ? [pid 15010] <... futex resumed>) = ? [pid 15027] +++ exited with 0 +++ [pid 15010] +++ exited with 0 +++ [pid 15007] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15007, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./529", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 15032] <... futex resumed>) = 1 [pid 15026] <... write resumed>) = 1048576 [pid 410] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] fstat(3, [pid 15032] chdir("./file0" [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15026] <... futex resumed>) = 1 [pid 15025] <... futex resumed>) = 0 [pid 410] lstat("./538/bus", [pid 409] getdents64(3, [pid 15026] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15025] <... futex resumed>) = 0 [pid 410] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] openat(AT_FDCWD, "./538/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 4 [pid 409] lstat("./529/binderfs", [pid 410] fstat(4, [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] unlink("./529/binderfs" [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... unlink resumed>) = 0 [pid 410] getdents64(4, [pid 409] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./538/bus") = 0 [pid 15032] <... chdir resumed>) = 0 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15030] <... futex resumed>) = 0 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] getdents64(3, [pid 15030] <... futex resumed>) = 0 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15032] <... futex resumed>) = 1 [ 265.576855][T15032] loop5: detected capacity change from 0 to 2048 [ 265.579677][T15026] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/534/bus supports timestamps until 2038 (0x7fffffff) [ 265.586094][T15027] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 265.596063][T15032] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/532/bus supports timestamps until 2038 (0x7fffffff) [pid 15032] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15022] <... write resumed>) = 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 410] close(3 [pid 409] <... umount2 resumed>) = 0 [pid 411] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... close resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] rmdir("./538" [pid 411] lstat("./534/bus", [pid 410] <... rmdir resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] mkdir("./539", 0777 [pid 411] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... mkdir resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] openat(AT_FDCWD, "./534/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... openat resumed>) = 3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... openat resumed>) = 4 [pid 411] fstat(4, [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] lstat("./529/bus", [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] getdents64(4, [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] close(3 [pid 411] getdents64(4, [pid 410] <... close resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] close(4) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15036 [pid 411] rmdir("./534/bus") = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] openat(AT_FDCWD, "./529/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] close(3 [pid 409] <... openat resumed>) = 4 [pid 411] <... close resumed>) = 0 [pid 411] rmdir("./534") = 0 [pid 411] mkdir("./535", 0777) = 0 [pid 409] fstat(4, [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] ioctl(3, LOOP_CLR_FD [pid 409] getdents64(4, [pid 15032] <... futex resumed>) = 1 [pid 15030] <... futex resumed>) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15032] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 409] getdents64(4, ./strace-static-x86_64: Process 15036 attached [pid 15032] <... openat resumed>) = 5 [pid 15030] <... futex resumed>) = 0 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] close(4 [pid 15032] <... futex resumed>) = 0 [pid 15030] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] <... close resumed>) = 0 [pid 15032] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15037 [pid 409] rmdir("./529/bus" [pid 15032] <... write resumed>) = 196608 [pid 15030] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./529" [pid 15036] set_robust_list(0x555555f755e0, 24 [pid 15022] <... futex resumed>) = 1 [pid 15019] <... futex resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 15037 attached [pid 15036] <... set_robust_list resumed>) = 0 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] <... openat resumed>) = 7 [pid 15022] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15037] set_robust_list(0x555555f755e0, 24 [pid 15036] chdir("./539" [pid 15032] <... futex resumed>) = 1 [pid 15030] <... futex resumed>) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] <... futex resumed>) = 0 [pid 409] mkdir("./530", 0777 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... mkdir resumed>) = 0 [pid 15030] <... futex resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15037] <... set_robust_list resumed>) = 0 [pid 15037] chdir("./535") = 0 [pid 15037] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15037] setpgid(0, 0) = 0 [pid 15037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15037] write(3, "1000", 4) = 4 [pid 15037] close(3) = 0 [pid 15037] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15037] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15037] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15037] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15038], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15038 [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15038 attached [pid 15038] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15038] memfd_create("syzkaller", 0) = 3 [pid 15038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15036] <... chdir resumed>) = 0 [pid 15036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15036] setpgid(0, 0) = 0 [pid 15036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15036] write(3, "1000", 4) = 4 [pid 15036] close(3 [pid 15025] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15036] <... close resumed>) = 0 [pid 15025] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] symlink("/dev/binderfs", "./binderfs" [pid 15026] <... futex resumed>) = 0 [pid 15025] <... futex resumed>) = 0 [pid 15036] <... symlink resumed>) = 0 [pid 15026] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15025] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] <... openat resumed>) = 8 [pid 15036] <... futex resumed>) = 0 [pid 15026] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15026] <... futex resumed>) = 1 [pid 15025] <... futex resumed>) = 0 [pid 15036] <... mmap resumed>) = 0x7f1c32416000 [pid 15026] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15025] exit_group(0 [pid 15036] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15026] <... futex resumed>) = ? [pid 15025] <... exit_group resumed>) = ? [ 265.651882][T15026] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.668507][T15026] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 265.681102][T15022] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15038] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15036] <... mprotect resumed>) = 0 [pid 15032] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15032] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15038] <... write resumed>) = 1048576 [pid 15038] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15038] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 15038] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15038] close(3) = 0 [pid 15038] mkdir("./bus", 0777 [pid 15030] <... futex resumed>) = 0 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15032] <... futex resumed>) = 0 [pid 15030] <... futex resumed>) = 1 [pid 15032] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15032] <... open resumed>) = 6 [pid 15036] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15030] <... futex resumed>) = 0 [pid 15032] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... clone resumed>, parent_tid=[15039], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15039 [pid 15032] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15030] <... futex resumed>) = 0 [pid 15032] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15038] <... mkdir resumed>) = 0 [pid 15038] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15026] +++ exited with 0 +++ [pid 15025] +++ exited with 0 +++ ./strace-static-x86_64: Process 15039 attached [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15025, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] umount2("./534", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15039] set_robust_list(0x7f1c324369e0, 24 [pid 15036] <... futex resumed>) = 0 [pid 15022] <... openat resumed>) = 7 [pid 408] umount2("./534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15039] <... set_robust_list resumed>) = 0 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] lstat("./534/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15022] <... futex resumed>) = 1 [pid 15019] <... futex resumed>) = 0 [pid 408] unlink("./534/binderfs" [pid 15022] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15019] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... unlink resumed>) = 0 [pid 15019] <... futex resumed>) = 0 [pid 408] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15019] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15022] <... openat resumed>) = 8 [pid 15039] memfd_create("syzkaller", 0 [pid 15022] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15019] <... futex resumed>) = 0 [pid 15039] <... memfd_create resumed>) = 3 [pid 15019] exit_group(0 [pid 15039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15019] <... exit_group resumed>) = ? [pid 15039] <... mmap resumed>) = 0x7f1c2a016000 [pid 15022] +++ exited with 0 +++ [pid 15019] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15019, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] umount2("./529", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... openat resumed>) = 3 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] ioctl(3, LOOP_CLR_FD [pid 407] lstat("./529/binderfs", [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] close(3 [pid 407] unlink("./529/binderfs" [pid 409] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... unlink resumed>) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15040 [pid 407] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15039] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15039] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15039] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 265.703472][T15038] loop4: detected capacity change from 0 to 2048 [ 265.711475][T15022] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 15039] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15040 attached [pid 15032] <... write resumed>) = 1048576 [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15030] <... futex resumed>) = 0 [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15032] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15040] set_robust_list(0x555555f755e0, 24 [pid 15039] <... ioctl resumed>) = 0 [pid 15040] <... set_robust_list resumed>) = 0 [pid 15040] chdir("./530") = 0 [pid 15040] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15040] setpgid(0, 0) = 0 [pid 15040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15040] write(3, "1000", 4) = 4 [pid 15040] close(3) = 0 [pid 15040] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15040] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15040] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15040] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15043], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15043 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15039] close(3) = 0 [pid 15039] mkdir("./bus", 0777) = 0 [pid 15039] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15043 attached [pid 15043] set_robust_list(0x7f1c324369e0, 24 [pid 15032] <... openat resumed>) = 7 [pid 15043] <... set_robust_list resumed>) = 0 [pid 15043] memfd_create("syzkaller", 0) = 3 [pid 15043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15043] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15038] <... mount resumed>) = 0 [pid 15038] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15038] <... openat resumed>) = 3 [pid 15032] <... futex resumed>) = 1 [pid 15038] chdir("./bus" [pid 15032] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15030] <... futex resumed>) = 0 [pid 15038] <... chdir resumed>) = 0 [pid 15038] ioctl(4, LOOP_CLR_FD [pid 15030] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15038] <... ioctl resumed>) = 0 [pid 15038] close(4 [pid 15032] <... futex resumed>) = 0 [pid 15030] <... futex resumed>) = 1 [pid 15038] <... close resumed>) = 0 [pid 15032] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15043] <... write resumed>) = 1048576 [pid 15038] <... futex resumed>) = 1 [pid 15032] <... openat resumed>) = 8 [pid 15030] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15038] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15032] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15032] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15043] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15043] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 265.745588][T15039] loop3: detected capacity change from 0 to 2048 [ 265.749069][T15032] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.766535][T15032] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 265.766916][T15038] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/535/bus supports timestamps until 2038 (0x7fffffff) [pid 15043] ioctl(4, LOOP_SET_FD, 3 [pid 15037] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 15043] <... ioctl resumed>) = 0 [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15030] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 407] <... umount2 resumed>) = 0 [pid 15043] close(3) = 0 [pid 15043] mkdir("./bus", 0777) = 0 [pid 15043] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./534/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./534/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./534/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./534") = 0 [pid 408] mkdir("./535", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3 [pid 15039] <... mount resumed>) = 0 [pid 15038] <... futex resumed>) = 0 [pid 15037] <... futex resumed>) = 1 [pid 15030] exit_group(0 [pid 408] <... close resumed>) = 0 [pid 407] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15039] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15039] <... openat resumed>) = 3 [pid 15039] chdir("./bus" [pid 15038] chdir("./file0" [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15032] <... futex resumed>) = ? [pid 15030] <... exit_group resumed>) = ? [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15046 [pid 15039] <... chdir resumed>) = 0 [pid 15038] <... chdir resumed>) = 0 [pid 15032] +++ exited with 0 +++ [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15039] ioctl(4, LOOP_CLR_FD [pid 15030] +++ exited with 0 +++ [pid 15039] <... ioctl resumed>) = 0 [pid 15039] close(4) = 0 [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15036] <... futex resumed>) = 0 [pid 15039] chdir("./file0" [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15039] <... chdir resumed>) = 0 [pid 15036] <... futex resumed>) = 0 [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15039] <... futex resumed>) = 0 [pid 15036] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15039] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15046 attached [pid 15046] set_robust_list(0x555555f755e0, 24) = 0 [pid 15046] chdir("./535") = 0 [pid 15046] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15046] setpgid(0, 0) = 0 [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15030, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15038] <... futex resumed>) = 1 [pid 15037] <... futex resumed>) = 0 [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15038] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15037] <... futex resumed>) = 0 [pid 15046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15038] <... open resumed>) = 4 [pid 407] lstat("./529/bus", [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15038] <... futex resumed>) = 1 [pid 15037] <... futex resumed>) = 0 [pid 15038] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./529/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15039] <... open resumed>) = 4 [pid 15038] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15037] <... futex resumed>) = 0 [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15038] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15038] <... openat resumed>) = 5 [pid 412] umount2("./532", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15039] <... futex resumed>) = 1 [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... futex resumed>) = 0 [pid 407] openat(AT_FDCWD, "./529/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15039] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15038] <... futex resumed>) = 1 [pid 15037] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15038] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... openat resumed>) = 4 [pid 15039] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15038] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15039] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15037] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... openat resumed>) = 3 [pid 407] fstat(4, [pid 15038] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] fstat(3, [pid 15046] <... openat resumed>) = 3 [pid 15046] write(3, "1000", 4) = 4 [pid 15046] close(3) = 0 [pid 15046] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15039] <... openat resumed>) = 5 [pid 15038] <... write resumed>) = 196608 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15036] <... futex resumed>) = 0 [pid 15039] <... futex resumed>) = 1 [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15037] <... futex resumed>) = 0 [pid 15046] <... mmap resumed>) = 0x7f1c32416000 [pid 15038] <... futex resumed>) = 1 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15046] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15039] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15038] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15046] <... mprotect resumed>) = 0 [pid 15037] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] lstat("./532/binderfs", [pid 407] getdents64(4, [pid 15046] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15038] <... mount resumed>) = 0 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./532/binderfs" [pid 15046] <... clone resumed>, parent_tid=[15047], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15047 [pid 15038] <... futex resumed>) = 1 [pid 15037] <... futex resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 407] close(4 [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15038] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15037] <... futex resumed>) = 0 [pid 412] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... close resumed>) = 0 [pid 15046] <... futex resumed>) = 0 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15047 attached [pid 15047] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15038] <... open resumed>) = 6 [pid 407] rmdir("./529/bus" [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15047] memfd_create("syzkaller", 0) = 3 [pid 15047] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 407] <... rmdir resumed>) = 0 [pid 15038] <... futex resumed>) = 1 [pid 15037] <... futex resumed>) = 0 [pid 407] getdents64(3, [pid 15038] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15037] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15037] <... futex resumed>) = 0 [pid 15037] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] close(3) = 0 [pid 407] rmdir("./529") = 0 [pid 15039] <... write resumed>) = 196608 [pid 407] mkdir("./530", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 15047] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15049 [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... futex resumed>) = 0 [pid 15039] <... futex resumed>) = 1 [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15039] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15036] <... futex resumed>) = 0 [pid 15039] <... mount resumed>) = 0 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15036] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15039] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15036] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15039] <... open resumed>) = 6 [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... futex resumed>) = 0 [pid 15039] <... futex resumed>) = 1 [pid 15036] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15039] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15036] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... write resumed>) = 1048576 [pid 15047] munmap(0x7f1c2a016000, 1048576./strace-static-x86_64: Process 15049 attached ) = 0 [pid 15049] set_robust_list(0x555555f755e0, 24) = 0 [pid 15049] chdir("./530" [pid 15047] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15047] ioctl(4, LOOP_SET_FD, 3 [pid 15049] <... chdir resumed>) = 0 [pid 15049] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 265.792589][T15043] loop2: detected capacity change from 0 to 2048 [ 265.799711][T15039] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/539/bus supports timestamps until 2038 (0x7fffffff) [pid 15049] setpgid(0, 0) = 0 [pid 15049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./532/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15049] <... openat resumed>) = 3 [pid 15049] write(3, "1000", 4) = 4 [pid 15049] close(3) = 0 [pid 15049] symlink("/dev/binderfs", "./binderfs" [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./532/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, [pid 15049] <... symlink resumed>) = 0 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15049] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15049] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./532/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 15049] <... clone resumed>, parent_tid=[15051], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15051 [pid 412] rmdir("./532") = 0 [pid 412] mkdir("./533", 0777 [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15049] <... futex resumed>) = 0 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 15047] <... ioctl resumed>) = 0 [pid 15047] close(3) = 0 [pid 15047] mkdir("./bus", 0777) = 0 [pid 15047] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15051 attached [pid 15051] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15051] memfd_create("syzkaller", 0) = 3 [pid 15051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15051] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15051] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15051] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15051] ioctl(4, LOOP_SET_FD, 3 [pid 15037] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15037] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15037] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15037] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15037] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15053], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15053 [pid 15037] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15037] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15051] <... ioctl resumed>) = 0 [pid 15051] close(3) = 0 [pid 15051] mkdir("./bus", 0777 [pid 15036] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15036] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15036] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15036] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15036] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15043] <... mount resumed>) = 0 [pid 15043] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15036] <... clone resumed>, parent_tid=[15054], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15054 [pid 15036] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15036] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... openat resumed>) = 3 [pid 15043] chdir("./bus") = 0 [pid 15043] ioctl(4, LOOP_CLR_FD) = 0 [pid 15043] close(4) = 0 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15040] <... futex resumed>) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15052 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... futex resumed>) = 1 [pid 15043] chdir("./file0") = 0 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15040] <... futex resumed>) = 0 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15051] <... mkdir resumed>) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... futex resumed>) = 1 [pid 15043] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15051] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15043] <... open resumed>) = 4 ./strace-static-x86_64: Process 15052 attached [pid 15052] set_robust_list(0x555555f755e0, 24 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15040] <... futex resumed>) = 0 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15052] <... set_robust_list resumed>) = 0 [pid 15043] <... openat resumed>) = 5 [pid 15052] chdir("./533") = 0 [pid 15052] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15052] <... prctl resumed>) = 0 [pid 15052] setpgid(0, 0) = 0 [pid 15052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15043] <... futex resumed>) = 1 [pid 15040] <... futex resumed>) = 0 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15043] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15052] <... openat resumed>) = 3 [pid 15052] write(3, "1000", 4) = 4 [pid 15052] close(3) = 0 [pid 15052] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 15054 attached ./strace-static-x86_64: Process 15053 attached [pid 15052] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15052] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15052] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15057], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15057 [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 265.855342][T15047] loop1: detected capacity change from 0 to 2048 [ 265.876601][T15043] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/530/bus supports timestamps until 2038 (0x7fffffff) [ 265.887272][T15051] loop0: detected capacity change from 0 to 2048 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15054] set_robust_list(0x7f1c2a1159e0, 24 [pid 15053] set_robust_list(0x7f1c2a1159e0, 24 [pid 15054] <... set_robust_list resumed>) = 0 [pid 15053] <... set_robust_list resumed>) = 0 [pid 15054] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15053] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15043] <... write resumed>) = 196608 ./strace-static-x86_64: Process 15057 attached [pid 15057] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15057] memfd_create("syzkaller", 0) = 3 [pid 15057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15057] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15057] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15057] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15057] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15057] close(3) = 0 [pid 15057] mkdir("./bus", 0777) = 0 [pid 15057] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15037] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15036] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15037] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15036] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15037] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15036] <... futex resumed>) = 0 [pid 15037] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 15036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15037] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 15036] <... mmap resumed>) = 0x7f1c2a0d4000 [pid 15037] <... mprotect resumed>) = 0 [pid 15036] mprotect(0x7f1c2a0d5000, 131072, PROT_READ|PROT_WRITE [pid 15037] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15036] <... mprotect resumed>) = 0 [pid 15036] clone(child_stack=0x7f1c2a0f43f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15037] <... clone resumed>, parent_tid=[15060], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 15060 [pid 15037] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15036] <... clone resumed>, parent_tid=[15061], tls=0x7f1c2a0f4700, child_tidptr=0x7f1c2a0f49d0) = 15061 [pid 15037] <... futex resumed>) = 0 [pid 15036] futex(0x7f1c3250f7c8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15061 attached [pid 15061] set_robust_list(0x7f1c2a0f49e0, 24) = 0 [pid 15061] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15040] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15043] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15037] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15036] <... futex resumed>) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15036] futex(0x7f1c3250f7cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15043] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15040] <... futex resumed>) = 0 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... futex resumed>) = 1 [pid 15043] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15040] <... futex resumed>) = 0 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... futex resumed>) = 1 [ 265.931381][T15054] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 265.942827][T15057] loop5: detected capacity change from 0 to 2048 [ 265.945838][T15053] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15043] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 15060 attached [pid 15060] set_robust_list(0x7f1c2a0f49e0, 24) = 0 [pid 15060] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15051] <... mount resumed>) = 0 [pid 15047] <... mount resumed>) = 0 [pid 15039] <... write resumed>) = 1048576 [pid 15038] <... write resumed>) = 1048576 [pid 15051] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15051] chdir("./bus") = 0 [pid 15051] ioctl(4, LOOP_CLR_FD) = 0 [pid 15051] close(4) = 0 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15049] <... futex resumed>) = 0 [pid 15051] chdir("./file0" [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15051] <... chdir resumed>) = 0 [pid 15049] <... futex resumed>) = 0 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15051] <... futex resumed>) = 0 [pid 15049] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15051] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15038] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15038] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15039] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15039] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15051] <... open resumed>) = 4 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15049] <... futex resumed>) = 0 [pid 15051] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15051] <... openat resumed>) = 5 [pid 15049] <... futex resumed>) = 0 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15051] <... futex resumed>) = 0 [pid 15049] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15051] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15051] <... write resumed>) = 196608 [pid 15049] <... futex resumed>) = 0 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15051] <... futex resumed>) = 0 [pid 15049] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15051] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15051] <... mount resumed>) = 0 [pid 15049] <... futex resumed>) = 0 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15051] <... futex resumed>) = 0 [pid 15049] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15051] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15051] <... open resumed>) = 6 [pid 15049] <... futex resumed>) = 0 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15051] <... futex resumed>) = 0 [pid 15049] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15051] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15043] <... write resumed>) = 1048576 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15061] <... openat resumed>) = 8 [pid 15054] <... openat resumed>) = 7 [pid 15043] <... futex resumed>) = 1 [pid 15040] <... futex resumed>) = 0 [pid 15061] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15054] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15061] <... futex resumed>) = 1 [pid 15054] <... futex resumed>) = 0 [pid 15061] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15054] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15060] <... openat resumed>) = 8 [pid 15060] futex(0x7f1c3250f7cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 265.977533][T15047] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/535/bus supports timestamps until 2038 (0x7fffffff) [ 265.988328][T15051] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/530/bus supports timestamps until 2038 (0x7fffffff) [ 265.994794][T15054] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 266.008985][T15053] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 15060] futex(0x7f1c3250f7c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15053] <... openat resumed>) = 7 [pid 15043] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15037] <... futex resumed>) = 0 [pid 15036] <... futex resumed>) = 0 [pid 15043] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15040] <... futex resumed>) = 0 [pid 15043] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15036] exit_group(0 [pid 15053] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15053] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15047] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15047] chdir("./bus") = 0 [pid 15047] ioctl(4, LOOP_CLR_FD) = 0 [pid 15047] close(4) = 0 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] chdir("./file0") = 0 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15039] <... futex resumed>) = ? [pid 15036] <... exit_group resumed>) = ? [pid 15061] <... futex resumed>) = ? [pid 15054] <... futex resumed>) = ? [pid 15061] +++ exited with 0 +++ [pid 15054] +++ exited with 0 +++ [pid 15039] +++ exited with 0 +++ [pid 15037] exit_group(0 [pid 15036] +++ exited with 0 +++ [pid 15060] <... futex resumed>) = ? [pid 15053] <... futex resumed>) = ? [pid 15038] <... futex resumed>) = ? [pid 15037] <... exit_group resumed>) = ? [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15036, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15060] +++ exited with 0 +++ [pid 15053] +++ exited with 0 +++ [pid 15038] +++ exited with 0 +++ [pid 15037] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15037, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] umount2("./535", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./539", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] lstat("./535/binderfs", [pid 410] <... openat resumed>) = 3 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] fstat(3, [pid 411] unlink("./535/binderfs" [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... unlink resumed>) = 0 [pid 410] getdents64(3, [pid 411] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./539/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./539/binderfs") = 0 [pid 410] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15047] <... open resumed>) = 4 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15046] <... futex resumed>) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15047] <... futex resumed>) = 1 [pid 15047] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15051] <... write resumed>) = 1048576 [pid 411] <... umount2 resumed>) = 0 [pid 15049] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15049] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15049] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15049] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15064], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15064 [pid 15049] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15049] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15051] <... futex resumed>) = 0 [pid 411] lstat("./535/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15051] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./535/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, ./strace-static-x86_64: Process 15064 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 266.025728][T15043] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.052039][T15043] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 15064] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15064] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15057] <... mount resumed>) = 0 [pid 15047] <... write resumed>) = 1048576 [pid 15043] <... openat resumed>) = 7 [pid 15040] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] getdents64(4, [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15040] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15047] <... futex resumed>) = 1 [pid 15043] <... futex resumed>) = 0 [pid 15040] <... futex resumed>) = 0 [pid 411] getdents64(4, [pid 15047] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15043] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15040] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15043] <... openat resumed>) = 8 [pid 411] close(4 [pid 15043] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... close resumed>) = 0 [pid 15043] <... futex resumed>) = 1 [pid 15040] <... futex resumed>) = 0 [pid 411] rmdir("./535/bus" [pid 15043] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15040] exit_group(0 [pid 411] <... rmdir resumed>) = 0 [pid 15043] <... futex resumed>) = ? [pid 15040] <... exit_group resumed>) = ? [pid 411] getdents64(3, [pid 15043] +++ exited with 0 +++ [pid 15040] +++ exited with 0 +++ [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15040, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] <... close resumed>) = 0 [pid 411] rmdir("./535") = 0 [pid 409] umount2("./530", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] mkdir("./536", 0777 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15046] <... futex resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "./530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 409] <... openat resumed>) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15046] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15046] <... futex resumed>) = 1 [pid 15047] <... futex resumed>) = 0 [pid 409] umount2("./530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15057] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15047] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15046] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15057] <... openat resumed>) = 3 [pid 15057] chdir("./bus") = 0 [pid 15057] ioctl(4, LOOP_CLR_FD) = 0 [pid 15057] close(4) = 0 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15052] <... futex resumed>) = 0 [pid 15057] chdir("./file0" [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15057] <... chdir resumed>) = 0 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15052] <... futex resumed>) = 0 [pid 15049] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15057] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15049] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... open resumed>) = 4 [pid 15049] <... futex resumed>) = 1 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15049] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15057] <... futex resumed>) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15052] <... futex resumed>) = 0 [pid 15057] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15057] <... openat resumed>) = 5 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15052] <... futex resumed>) = 0 [pid 15057] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15057] <... write resumed>) = 196608 [pid 15051] <... futex resumed>) = 0 [pid 409] lstat("./530/binderfs", [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15051] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15057] <... futex resumed>) = 1 [pid 15052] <... futex resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] unlink("./530/binderfs" [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15052] <... futex resumed>) = 0 [pid 15057] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... unlink resumed>) = 0 [pid 15057] <... mount resumed>) = 0 [pid 409] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15052] <... futex resumed>) = 0 [pid 15057] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15057] <... open resumed>) = 6 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15057] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 266.079824][T15057] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/533/bus supports timestamps until 2038 (0x7fffffff) [ 266.084129][T15064] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.106729][T15064] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 266.107435][T15047] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15052] <... futex resumed>) = 0 [pid 15057] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15064] <... openat resumed>) = 7 [pid 15064] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15064] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15051] <... openat resumed>) = 8 [pid 15057] <... write resumed>) = 1048576 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15052] <... futex resumed>) = 0 [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15057] <... futex resumed>) = 1 [pid 15057] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15051] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 410] <... umount2 resumed>) = 0 [pid 15051] <... futex resumed>) = 1 [pid 15049] <... futex resumed>) = 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 410] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15051] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15049] exit_group(0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15064] <... futex resumed>) = ? [pid 15051] <... futex resumed>) = ? [pid 15049] <... exit_group resumed>) = ? [pid 411] close(3 [pid 410] lstat("./539/bus", [pid 15064] +++ exited with 0 +++ [pid 15051] +++ exited with 0 +++ [pid 15049] +++ exited with 0 +++ [pid 409] <... umount2 resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15049, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15046] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15046] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15066 [pid 410] openat(AT_FDCWD, "./539/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15046] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 4 [pid 409] lstat("./530/bus", [pid 407] umount2("./530", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15046] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] fstat(4, [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15046] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15046] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15046] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] getdents64(4, [pid 15046] <... clone resumed>, parent_tid=[15067], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15067 [pid 407] <... openat resumed>) = 3 [pid 15046] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] fstat(3, [pid 15046] <... futex resumed>) = 0 [pid 410] getdents64(4, [pid 409] openat(AT_FDCWD, "./530/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15046] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... openat resumed>) = 4 [pid 407] getdents64(3, [pid 15047] <... openat resumed>) = 7 [pid 15047] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15047] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15066 attached [pid 15066] set_robust_list(0x555555f755e0, 24) = 0 [pid 15066] chdir("./536") = 0 [pid 15066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15066] setpgid(0, 0) = 0 [pid 15066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15066] write(3, "1000", 4) = 4 [pid 15066] close(3) = 0 [pid 15066] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15066] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15066] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15066] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15068], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15068 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15068 attached [pid 15068] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15068] memfd_create("syzkaller", 0) = 3 [pid 15068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 ./strace-static-x86_64: Process 15067 attached [pid 410] close(4 [pid 409] fstat(4, [pid 407] umount2("./530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15067] set_robust_list(0x7f1c2a1159e0, 24 [pid 410] <... close resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] rmdir("./539/bus" [pid 409] getdents64(4, [pid 407] lstat("./530/binderfs", [pid 15067] <... set_robust_list resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 15067] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15057] <... openat resumed>) = 7 [pid 410] getdents64(3, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15067] <... openat resumed>) = 8 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] getdents64(4, [pid 407] unlink("./530/binderfs" [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15067] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(3 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15067] <... futex resumed>) = 1 [pid 15046] <... futex resumed>) = 0 [pid 15057] <... futex resumed>) = 1 [pid 410] <... close resumed>) = 0 [pid 409] close(4 [pid 407] <... unlink resumed>) = 0 [pid 15067] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15046] exit_group(0 [pid 410] rmdir("./539" [pid 409] <... close resumed>) = 0 [pid 407] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15067] <... futex resumed>) = ? [pid 15046] <... exit_group resumed>) = ? [pid 15052] <... futex resumed>) = 0 [pid 15047] <... futex resumed>) = ? [pid 410] <... rmdir resumed>) = 0 [pid 409] rmdir("./530/bus" [pid 15052] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15047] +++ exited with 0 +++ [pid 409] <... rmdir resumed>) = 0 [pid 15052] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] mkdir("./540", 0777 [pid 409] close(3) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 409] rmdir("./530" [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./531", 0777 [pid 410] <... openat resumed>) = 3 [pid 409] <... mkdir resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 410] <... close resumed>) = 0 [pid 15068] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... openat resumed>) = 3 [pid 409] ioctl(3, LOOP_CLR_FD [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15069 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15067] +++ exited with 0 +++ [pid 15046] +++ exited with 0 +++ [pid 409] close(3 [pid 15068] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 15069 attached [pid 15069] set_robust_list(0x555555f755e0, 24) = 0 [pid 15069] chdir("./540" [pid 15068] munmap(0x7f1c2a016000, 1048576 [pid 409] <... close resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15046, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 15069] <... chdir resumed>) = 0 [pid 15069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15069] setpgid(0, 0 [pid 15068] <... munmap resumed>) = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15070 [pid 408] umount2("./535", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, [pid 15069] <... setpgid resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./535/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./535/binderfs") = 0 [pid 408] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15068] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 266.137462][T15047] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 266.150304][T15057] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.172822][T15057] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 15068] ioctl(4, LOOP_SET_FD, 3 [pid 15057] <... futex resumed>) = 0 [pid 15069] <... openat resumed>) = 3 [pid 15069] write(3, "1000", 4) = 4 [pid 15069] close(3) = 0 [pid 15069] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15069] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15069] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15071], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15071 [pid 15057] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15071 attached ./strace-static-x86_64: Process 15070 attached [pid 15057] <... openat resumed>) = 8 [pid 15069] <... futex resumed>) = 0 [pid 15070] set_robust_list(0x555555f755e0, 24 [pid 15071] set_robust_list(0x7f1c324369e0, 24 [pid 15070] <... set_robust_list resumed>) = 0 [pid 15057] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15068] <... ioctl resumed>) = 0 [pid 15068] close(3 [pid 15071] <... set_robust_list resumed>) = 0 [pid 15070] chdir("./531" [pid 15068] <... close resumed>) = 0 [pid 15057] <... futex resumed>) = 1 [pid 15052] <... futex resumed>) = 0 [pid 15071] memfd_create("syzkaller", 0 [pid 15070] <... chdir resumed>) = 0 [pid 15057] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15052] exit_group(0 [pid 15071] <... memfd_create resumed>) = 3 [pid 15070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15057] <... futex resumed>) = ? [pid 15052] <... exit_group resumed>) = ? [pid 15071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15070] <... prctl resumed>) = 0 [pid 15068] mkdir("./bus", 0777 [pid 15057] +++ exited with 0 +++ [pid 15052] +++ exited with 0 +++ [pid 15068] <... mkdir resumed>) = 0 [pid 15068] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15071] <... mmap resumed>) = 0x7f1c2a016000 [pid 15070] setpgid(0, 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15052, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15070] <... setpgid resumed>) = 0 [pid 15070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15070] write(3, "1000", 4) = 4 [pid 15070] close(3) = 0 [pid 15070] symlink("/dev/binderfs", "./binderfs" [pid 15071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15070] <... symlink resumed>) = 0 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15070] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] umount2("./533", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15070] <... mmap resumed>) = 0x7f1c32416000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15070] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 412] openat(AT_FDCWD, "./533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = 0 [pid 15070] <... mprotect resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 15070] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15070] <... clone resumed>, parent_tid=[15072], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15072 [pid 412] getdents64(3, [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15070] <... futex resumed>) = 0 [pid 412] umount2("./533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = 0 [pid 407] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] lstat("./533/binderfs", [pid 408] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] unlink("./533/binderfs" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... unlink resumed>) = 0 [pid 412] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] lstat("./535/bus", [pid 407] lstat("./530/bus", [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./530/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15071] <... write resumed>) = 1048576 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./535/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] openat(AT_FDCWD, "./530/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15071] munmap(0x7f1c2a016000, 1048576) = 0 [pid 408] <... openat resumed>) = 4 [pid 407] <... openat resumed>) = 4 [pid 408] fstat(4, [pid 15071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] fstat(4, [pid 408] getdents64(4, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] close(4 [pid 407] getdents64(4, [pid 408] <... close resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] rmdir("./535/bus" [pid 407] close(4 [pid 15071] <... openat resumed>) = 4 [pid 408] <... rmdir resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 408] getdents64(3, [pid 407] rmdir("./530/bus" [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15071] ioctl(4, LOOP_SET_FD, 3 [pid 408] close(3 [pid 407] <... rmdir resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 407] getdents64(3, [pid 408] rmdir("./535" [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 407] close(3./strace-static-x86_64: Process 15072 attached [pid 408] mkdir("./536", 0777 [pid 407] <... close resumed>) = 0 [pid 15071] <... ioctl resumed>) = 0 [pid 15071] close(3) = 0 [pid 15071] mkdir("./bus", 0777) = 0 [pid 15071] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15072] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15072] memfd_create("syzkaller", 0) = 3 [pid 15072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 266.199127][T15068] loop4: detected capacity change from 0 to 2048 [ 266.234514][T15071] loop3: detected capacity change from 0 to 2048 [pid 15072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] <... mkdir resumed>) = 0 [pid 407] rmdir("./530" [pid 15068] <... mount resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 407] <... rmdir resumed>) = 0 [pid 15072] <... write resumed>) = 1048576 [pid 15068] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 408] <... openat resumed>) = 3 [pid 407] mkdir("./531", 0777 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] <... mkdir resumed>) = 0 [pid 408] close(3 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 408] <... close resumed>) = 0 [pid 15072] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15072] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 15072] ioctl(4, LOOP_SET_FD, 3 [pid 15068] <... openat resumed>) = 3 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... openat resumed>) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15075 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15076 ./strace-static-x86_64: Process 15076 attached ./strace-static-x86_64: Process 15075 attached [pid 15072] <... ioctl resumed>) = 0 [pid 15068] chdir("./bus") = 0 [pid 15068] ioctl(4, LOOP_CLR_FD [pid 15072] close(3 [pid 15068] <... ioctl resumed>) = 0 [pid 15072] <... close resumed>) = 0 [pid 15068] close(4 [pid 15072] mkdir("./bus", 0777 [pid 15068] <... close resumed>) = 0 [pid 15072] <... mkdir resumed>) = 0 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15066] <... futex resumed>) = 0 [pid 15072] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15068] chdir("./file0" [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = 0 [pid 15068] <... chdir resumed>) = 0 [pid 15066] <... futex resumed>) = 0 [pid 412] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15068] <... futex resumed>) = 0 [pid 15066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] lstat("./533/bus", [pid 15068] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15066] <... futex resumed>) = 0 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15075] set_robust_list(0x555555f755e0, 24) = 0 [pid 15075] chdir("./536" [pid 412] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15075] <... chdir resumed>) = 0 [pid 15075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15075] setpgid(0, 0) = 0 [pid 15075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15075] write(3, "1000", 4) = 4 [pid 15075] close(3) = 0 [pid 15075] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15075] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15075] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15079], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15079 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15076] set_robust_list(0x555555f755e0, 24) = 0 [pid 15076] chdir("./531") = 0 [pid 15076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15076] setpgid(0, 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15076] <... setpgid resumed>) = 0 [pid 15076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15076] write(3, "1000", 4) = 4 [pid 412] openat(AT_FDCWD, "./533/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15076] close(3) = 0 [pid 15068] <... open resumed>) = 4 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 4 [pid 15076] symlink("/dev/binderfs", "./binderfs" [pid 15068] <... futex resumed>) = 1 [pid 15066] <... futex resumed>) = 0 [pid 412] fstat(4, [pid 15076] <... symlink resumed>) = 0 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15076] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15076] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15068] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15076] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15066] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 15068] <... openat resumed>) = 5 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15076] <... clone resumed>, parent_tid=[15081], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15081 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] getdents64(4, [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15068] <... futex resumed>) = 0 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15076] <... futex resumed>) = 0 [pid 15068] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15066] <... futex resumed>) = 0 [pid 412] close(4 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15071] <... mount resumed>) = 0 [pid 15071] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15071] chdir("./bus") = 0 [pid 15071] ioctl(4, LOOP_CLR_FD) = 0 [pid 15068] <... write resumed>) = 196608 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... close resumed>) = 0 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] rmdir("./533/bus" [pid 15071] close(4 [pid 412] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 15079 attached [pid 15079] set_robust_list(0x7f1c324369e0, 24 [pid 412] getdents64(3, [pid 15079] <... set_robust_list resumed>) = 0 [pid 15079] memfd_create("syzkaller", 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15079] <... memfd_create resumed>) = 3 [pid 412] close(3 [pid 15066] <... futex resumed>) = 0 [pid 15068] <... futex resumed>) = 1 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... close resumed>) = 0 [pid 15079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15066] <... futex resumed>) = 0 [pid 412] rmdir("./533" [pid 15068] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... rmdir resumed>) = 0 [pid 412] mkdir("./534", 0777 [pid 15068] <... mount resumed>) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 15068] <... futex resumed>) = 1 [pid 15066] <... futex resumed>) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] close(3 [pid 15068] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15066] <... futex resumed>) = 0 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15068] <... open resumed>) = 6 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15082 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15066] <... futex resumed>) = 0 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15068] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15066] <... futex resumed>) = 0 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15082 attached [pid 15082] set_robust_list(0x555555f755e0, 24) = 0 [pid 15082] chdir("./534") = 0 [pid 15082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15082] setpgid(0, 0) = 0 [pid 15082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15082] write(3, "1000", 4) = 4 [pid 15082] close(3) = 0 [pid 15082] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15082] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15082] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15071] <... close resumed>) = 0 [ 266.239087][T15068] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/536/bus supports timestamps until 2038 (0x7fffffff) [ 266.262946][T15072] loop2: detected capacity change from 0 to 2048 [ 266.278376][T15071] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/540/bus supports timestamps until 2038 (0x7fffffff) [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15083 attached ./strace-static-x86_64: Process 15081 attached [pid 15079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15068] <... write resumed>) = 1048576 [pid 15082] <... clone resumed>, parent_tid=[15083], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15083 [pid 15081] set_robust_list(0x7f1c324369e0, 24 [pid 15079] <... write resumed>) = 1048576 [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15081] <... set_robust_list resumed>) = 0 [pid 15082] <... futex resumed>) = 0 [pid 15081] memfd_create("syzkaller", 0 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15081] <... memfd_create resumed>) = 3 [pid 15081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15083] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15083] memfd_create("syzkaller", 0) = 3 [pid 15083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15081] <... write resumed>) = 1048576 [pid 15079] munmap(0x7f1c2a016000, 1048576 [pid 15072] <... mount resumed>) = 0 [pid 15071] <... futex resumed>) = 1 [pid 15069] <... futex resumed>) = 0 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15079] <... munmap resumed>) = 0 [pid 15071] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15068] <... futex resumed>) = 1 [pid 15066] <... futex resumed>) = 0 [pid 15079] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15069] <... futex resumed>) = 0 [pid 15068] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15081] munmap(0x7f1c2a016000, 1048576 [pid 15079] <... openat resumed>) = 4 [pid 15072] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15071] chdir("./file0" [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15066] <... futex resumed>) = 0 [pid 15081] <... munmap resumed>) = 0 [pid 15079] ioctl(4, LOOP_SET_FD, 3 [pid 15081] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15071] <... chdir resumed>) = 0 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] <... openat resumed>) = 4 [ 266.319360][T15072] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/531/bus supports timestamps until 2038 (0x7fffffff) [ 266.336622][T15068] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.336949][T15079] loop1: detected capacity change from 0 to 2048 [ 266.351228][T15068] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 15081] ioctl(4, LOOP_SET_FD, 3 [pid 15083] <... write resumed>) = 1048576 [pid 15072] <... openat resumed>) = 3 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15069] <... futex resumed>) = 0 [pid 15072] chdir("./bus" [pid 15071] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] <... chdir resumed>) = 0 [pid 15071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15069] <... futex resumed>) = 0 [pid 15072] ioctl(4, LOOP_CLR_FD [pid 15071] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15072] <... ioctl resumed>) = 0 [pid 15071] <... open resumed>) = 4 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15069] <... futex resumed>) = 0 [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15069] <... futex resumed>) = 0 [pid 15071] <... openat resumed>) = 5 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15069] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15071] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15069] <... futex resumed>) = 0 [pid 15081] <... ioctl resumed>) = 0 [pid 15081] close(3) = 0 [pid 15081] mkdir("./bus", 0777) = 0 [pid 15081] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15071] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15072] close(4 [pid 15079] <... ioctl resumed>) = 0 [pid 15079] close(3) = 0 [pid 15079] mkdir("./bus", 0777) = 0 [pid 15079] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15083] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15083] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15071] <... write resumed>) = 196608 [pid 15072] <... close resumed>) = 0 [pid 15083] <... openat resumed>) = 4 [pid 15083] ioctl(4, LOOP_SET_FD, 3 [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15070] <... futex resumed>) = 0 [pid 15072] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15070] <... futex resumed>) = 0 [pid 15072] chdir("./file0" [pid 15071] <... futex resumed>) = 1 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15069] <... futex resumed>) = 0 [pid 15072] <... chdir resumed>) = 0 [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15069] <... futex resumed>) = 0 [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15072] <... futex resumed>) = 1 [pid 15071] <... mount resumed>) = 0 [pid 15070] <... futex resumed>) = 0 [pid 15072] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15070] <... futex resumed>) = 0 [pid 15072] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15071] <... futex resumed>) = 1 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15069] <... futex resumed>) = 0 [pid 15068] <... openat resumed>) = 7 [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15072] <... open resumed>) = 4 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] <... futex resumed>) = 1 [pid 15070] <... futex resumed>) = 0 [pid 15071] <... open resumed>) = 6 [pid 15072] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15066] <... futex resumed>) = 0 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] <... futex resumed>) = 0 [pid 15068] <... futex resumed>) = 1 [pid 15066] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15066] <... futex resumed>) = 0 [pid 15072] <... openat resumed>) = 5 [pid 15071] <... futex resumed>) = 1 [pid 15069] <... futex resumed>) = 0 [pid 15068] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15066] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15083] <... ioctl resumed>) = 0 [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15068] <... openat resumed>) = 8 [pid 15069] <... futex resumed>) = 0 [pid 15068] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15068] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15083] close(3) = 0 [pid 15083] mkdir("./bus", 0777) = 0 [pid 15083] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15066] <... futex resumed>) = 0 [pid 15070] <... futex resumed>) = 0 [pid 15072] <... futex resumed>) = 1 [pid 15066] exit_group(0 [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15066] <... exit_group resumed>) = ? [pid 15072] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15070] <... futex resumed>) = 0 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15072] <... write resumed>) = 196608 [pid 15068] <... futex resumed>) = ? [pid 15068] +++ exited with 0 +++ [pid 15066] +++ exited with 0 +++ [pid 15079] <... mount resumed>) = 0 [pid 15079] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15079] chdir("./bus") = 0 [pid 15079] ioctl(4, LOOP_CLR_FD) = 0 [pid 15079] close(4) = 0 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... futex resumed>) = 1 [pid 15079] chdir("./file0") = 0 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... futex resumed>) = 1 [pid 15079] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15072] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15066, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [ 266.357469][T15081] loop0: detected capacity change from 0 to 2048 [ 266.384644][T15083] loop5: detected capacity change from 0 to 2048 [ 266.401614][T15079] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/536/bus supports timestamps until 2038 (0x7fffffff) [pid 411] umount2("./536", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./536/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./536/binderfs") = 0 [pid 411] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15070] <... futex resumed>) = 0 [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15072] <... futex resumed>) = 0 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... open resumed>) = 4 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... futex resumed>) = 1 [pid 15079] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 411] <... umount2 resumed>) = 0 [pid 15072] <... mount resumed>) = 0 [pid 411] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15072] <... futex resumed>) = 1 [pid 15070] <... futex resumed>) = 0 [pid 411] lstat("./536/bus", [pid 15072] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15070] <... futex resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15072] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15072] <... open resumed>) = 6 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./536/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15072] <... futex resumed>) = 1 [pid 15070] <... futex resumed>) = 0 [pid 15072] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 4 [pid 15070] <... futex resumed>) = 0 [pid 15072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] fstat(4, [pid 15072] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15079] <... futex resumed>) = 1 [pid 15075] <... futex resumed>) = 0 [pid 15079] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15079] <... write resumed>) = 196608 [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./536/bus" [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... futex resumed>) = 1 [pid 15079] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... futex resumed>) = 1 [pid 15079] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 411] <... rmdir resumed>) = 0 [pid 411] getdents64(3, [pid 15079] <... open resumed>) = 6 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 15079] <... futex resumed>) = 1 [pid 15075] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 15079] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 266.412171][T15081] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/531/bus supports timestamps until 2038 (0x7fffffff) [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15069] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] rmdir("./536" [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] <... mount resumed>) = 0 [pid 15081] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15081] chdir("./bus") = 0 [pid 15081] ioctl(4, LOOP_CLR_FD) = 0 [pid 15081] close(4) = 0 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15076] <... futex resumed>) = 0 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] <... futex resumed>) = 1 [pid 15081] chdir("./file0") = 0 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15076] <... futex resumed>) = 0 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] <... futex resumed>) = 1 [pid 15081] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15069] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15083] <... mount resumed>) = 0 [pid 15083] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15083] chdir("./bus") = 0 [pid 15083] ioctl(4, LOOP_CLR_FD) = 0 [pid 15083] close(4) = 0 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15082] <... futex resumed>) = 0 [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15083] <... futex resumed>) = 1 [pid 15083] chdir("./file0") = 0 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15082] <... futex resumed>) = 0 [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15083] <... futex resumed>) = 1 [pid 15083] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 411] <... rmdir resumed>) = 0 [pid 411] mkdir("./537", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15069] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15071] <... write resumed>) = 1048576 [pid 15069] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15081] <... open resumed>) = 4 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15069] <... mprotect resumed>) = 0 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] <... futex resumed>) = 0 [pid 15069] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15071] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15081] <... futex resumed>) = 1 [pid 15076] <... futex resumed>) = 0 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15069] <... clone resumed>, parent_tid=[15091], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15091 [pid 15081] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 15091 attached [pid 15076] <... futex resumed>) = 0 [pid 15069] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15091] set_robust_list(0x7f1c2a1159e0, 24 [pid 15081] <... openat resumed>) = 5 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15069] <... futex resumed>) = 0 [pid 15091] <... set_robust_list resumed>) = 0 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15069] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15091] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15081] <... futex resumed>) = 0 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... open resumed>) = 4 [pid 15081] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15076] <... futex resumed>) = 0 [pid 15081] <... write resumed>) = 196608 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] <... futex resumed>) = 0 [pid 15076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15076] <... futex resumed>) = 0 [pid 15082] <... futex resumed>) = 0 [pid 15081] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15083] <... futex resumed>) = 1 [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15082] <... futex resumed>) = 0 [pid 15081] <... mount resumed>) = 0 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... openat resumed>) = 5 [pid 15081] <... futex resumed>) = 1 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15076] <... futex resumed>) = 0 [pid 15081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... futex resumed>) = 1 [pid 15082] <... futex resumed>) = 0 [pid 15081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15076] <... futex resumed>) = 0 [pid 15083] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15081] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15079] <... write resumed>) = 1048576 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15075] <... futex resumed>) = 0 [pid 15075] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... futex resumed>) = 1 [ 266.448584][T15083] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/534/bus supports timestamps until 2038 (0x7fffffff) [ 266.479252][T15091] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15079] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15083] <... write resumed>) = 196608 [pid 15082] <... futex resumed>) = 0 [pid 15081] <... open resumed>) = 6 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15072] <... write resumed>) = 1048576 [pid 15070] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15083] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... futex resumed>) = 0 [pid 15082] <... futex resumed>) = 1 [pid 15083] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15083] <... mount resumed>) = 0 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15082] <... futex resumed>) = 0 [pid 15083] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... open resumed>) = 6 [pid 15082] <... futex resumed>) = 0 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15083] <... futex resumed>) = 0 [pid 15082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15083] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15092 [pid 15081] <... futex resumed>) = 0 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15072] <... futex resumed>) = 0 [pid 15070] <... futex resumed>) = 0 [pid 15072] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15070] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15076] <... futex resumed>) = 0 [pid 15081] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15075] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15069] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15069] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] <... futex resumed>) = 0 [pid 15069] <... futex resumed>) = 1 [pid 15071] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15069] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15075] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15075] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15075] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15093], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15093 [pid 15075] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15075] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] <... openat resumed>) = 7 [pid 15079] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15083] <... write resumed>) = 1048576 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15082] <... futex resumed>) = 0 [pid 15083] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15082] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15082] <... futex resumed>) = 0 [pid 15083] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15082] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15079] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15092 attached [pid 15092] set_robust_list(0x555555f755e0, 24) = 0 [ 266.485928][T15079] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.495296][T15091] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 266.520810][T15072] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.521872][T15079] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 15092] chdir("./537") = 0 [pid 15092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15092] setpgid(0, 0) = 0 [pid 15092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15092] write(3, "1000", 4) = 4 [pid 15092] close(3) = 0 [pid 15092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15092] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15092] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15094], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15094 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15094 attached [pid 15094] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15094] memfd_create("syzkaller", 0) = 3 [pid 15094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15091] <... openat resumed>) = 7 [pid 15071] <... openat resumed>) = 8 [pid 15091] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15071] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15091] <... futex resumed>) = 0 [pid 15071] <... futex resumed>) = 1 [pid 15069] <... futex resumed>) = 0 [pid 15071] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15091] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15069] exit_group(0 [pid 15091] <... futex resumed>) = ? [pid 15071] <... futex resumed>) = ? [pid 15069] <... exit_group resumed>) = ? [pid 15091] +++ exited with 0 +++ [pid 15071] +++ exited with 0 +++ [pid 15069] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15069, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] umount2("./540", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./540/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./540/binderfs") = 0 [pid 410] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15094] <... write resumed>) = 1048576 [pid 15094] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 15094] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15093 attached [pid 15093] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15093] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15093] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15075] <... futex resumed>) = 0 [pid 15075] exit_group(0 [pid 15079] <... futex resumed>) = ? [pid 15075] <... exit_group resumed>) = ? [pid 15079] +++ exited with 0 +++ [pid 15093] <... futex resumed>) = ? [pid 15093] +++ exited with 0 +++ [pid 15075] +++ exited with 0 +++ [pid 15081] <... write resumed>) = 1048576 [pid 15072] <... openat resumed>) = 7 [pid 15070] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15075, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15081] <... futex resumed>) = 1 [pid 15076] <... futex resumed>) = 0 [pid 15070] <... futex resumed>) = 0 [pid 15081] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15094] <... ioctl resumed>) = 0 [pid 15076] <... futex resumed>) = 0 [pid 15072] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] umount2("./536", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./536/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./536/binderfs") = 0 [pid 408] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15072] <... futex resumed>) = 0 [pid 15072] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15094] close(3) = 0 [pid 15094] mkdir("./bus", 0777) = 0 [ 266.549326][T15083] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.576089][T15072] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 266.579253][T15094] loop4: detected capacity change from 0 to 2048 [pid 15094] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15070] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15082] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15070] <... mprotect resumed>) = 0 [pid 15082] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15070] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15082] <... futex resumed>) = 0 [pid 15082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15070] <... clone resumed>, parent_tid=[15095], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15095 [pid 15082] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15070] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15082] <... mprotect resumed>) = 0 [pid 15070] <... futex resumed>) = 0 [pid 15082] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15070] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15082] <... clone resumed>, parent_tid=[15096], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15096 [pid 15082] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15083] <... openat resumed>) = 7 [pid 15083] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15083] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15095 attached [pid 15095] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15095] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15082] <... futex resumed>) = 0 [pid 15082] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15095] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15095] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15096 attached [pid 15096] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15096] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15096] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15096] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15082] exit_group(0 [pid 15083] <... futex resumed>) = ? [pid 15082] <... exit_group resumed>) = ? [pid 15083] +++ exited with 0 +++ [pid 15096] <... futex resumed>) = ? [pid 15096] +++ exited with 0 +++ [pid 15082] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15082, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 412] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 15070] <... futex resumed>) = 0 [pid 412] umount2("./534", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./534/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./534/binderfs") = 0 [pid 15070] exit_group(0 [pid 412] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15095] <... futex resumed>) = ? [pid 15072] <... futex resumed>) = ? [pid 15070] <... exit_group resumed>) = ? [pid 410] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15095] +++ exited with 0 +++ [pid 15081] <... openat resumed>) = 7 [pid 15072] +++ exited with 0 +++ [pid 15070] +++ exited with 0 +++ [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./540/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15070, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./531", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./540/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] openat(AT_FDCWD, "./531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... openat resumed>) = 4 [pid 409] <... openat resumed>) = 3 [pid 410] fstat(4, [pid 409] fstat(3, [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 409] getdents64(3, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] getdents64(4, [pid 409] umount2("./531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] close(4 [pid 409] lstat("./531/binderfs", [pid 410] <... close resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] rmdir("./540/bus" [pid 409] unlink("./531/binderfs" [pid 410] <... rmdir resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 410] getdents64(3, [pid 409] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./540") = 0 [pid 410] mkdir("./541", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15099 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15081] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15099 attached [ 266.589485][T15081] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.597478][T15083] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 266.618556][T15081] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 15099] set_robust_list(0x555555f755e0, 24) = 0 [pid 15076] <... futex resumed>) = 0 [pid 15076] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15076] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15081] <... futex resumed>) = 0 [pid 15081] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15081] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15076] <... futex resumed>) = 0 [pid 15076] exit_group(0) = ? [pid 15081] +++ exited with 0 +++ [pid 15076] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15076, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./531", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./531/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./531/binderfs") = 0 [pid 407] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15094] <... mount resumed>) = 0 [pid 15094] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15094] chdir("./bus") = 0 [pid 15094] ioctl(4, LOOP_CLR_FD) = 0 [pid 15094] close(4) = 0 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15092] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15094] <... futex resumed>) = 1 [pid 15094] chdir("./file0" [pid 15099] chdir("./541") = 0 [pid 15099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15099] setpgid(0, 0) = 0 [pid 15099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15099] write(3, "1000", 4) = 4 [pid 15099] close(3) = 0 [pid 15099] symlink("/dev/binderfs", "./binderfs" [pid 408] <... umount2 resumed>) = 0 [pid 15099] <... symlink resumed>) = 0 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15099] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15099] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15100], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15100 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 408] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 15100 attached [pid 15100] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15100] memfd_create("syzkaller", 0) = 3 [pid 15100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 412] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 412] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15094] <... chdir resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./536/bus", [pid 407] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 412] lstat("./534/bus", [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] lstat("./531/bus", [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15092] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15094] <... futex resumed>) = 1 [pid 408] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] lstat("./531/bus", [pid 15094] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15092] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./536/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] openat(AT_FDCWD, "./534/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] openat(AT_FDCWD, "./531/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] umount2("./531/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... openat resumed>) = 4 [pid 409] <... openat resumed>) = 4 [pid 408] <... openat resumed>) = 4 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] fstat(4, [pid 409] fstat(4, [pid 408] fstat(4, [pid 407] openat(AT_FDCWD, "./531/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... openat resumed>) = 4 [pid 15094] <... open resumed>) = 4 [pid 412] getdents64(4, [pid 409] getdents64(4, [pid 408] getdents64(4, [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] fstat(4, [pid 15094] <... futex resumed>) = 1 [pid 15092] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 409] getdents64(4, [pid 408] getdents64(4, [pid 15094] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15092] <... futex resumed>) = 0 [pid 15094] <... openat resumed>) = 5 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] close(4 [pid 408] close(4 [pid 409] close(4 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15092] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... close resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 407] getdents64(4, [pid 15094] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] rmdir("./534/bus" [pid 409] <... close resumed>) = 0 [pid 408] rmdir("./536/bus" [pid 15092] <... futex resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 409] rmdir("./531/bus" [pid 408] <... rmdir resumed>) = 0 [pid 15094] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 407] getdents64(4, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] close(3 [pid 408] getdents64(3, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... close resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] rmdir("./534" [pid 409] getdents64(3, [pid 407] close(4 [pid 412] <... rmdir resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3 [pid 407] <... close resumed>) = 0 [pid 412] mkdir("./535", 0777 [pid 409] close(3 [pid 408] <... close resumed>) = 0 [pid 407] rmdir("./531/bus" [pid 412] <... mkdir resumed>) = 0 [pid 408] rmdir("./536" [pid 409] <... close resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 409] rmdir("./531" [pid 408] <... rmdir resumed>) = 0 [pid 407] getdents64(3, [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 409] <... rmdir resumed>) = 0 [pid 408] mkdir("./537", 0777 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 266.639539][T15094] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/537/bus supports timestamps until 2038 (0x7fffffff) [pid 409] mkdir("./532", 0777 [pid 412] close(3 [pid 408] <... mkdir resumed>) = 0 [pid 407] close(3 [pid 409] <... mkdir resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 407] <... close resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 408] ioctl(3, LOOP_CLR_FD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15101 [pid 409] <... openat resumed>) = 3 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] rmdir("./531" [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] close(3 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] <... rmdir resumed>) = 0 [pid 409] close(3 [pid 408] <... close resumed>) = 0 [pid 407] mkdir("./532", 0777 [pid 409] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... mkdir resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15102 [pid 407] <... openat resumed>) = 3 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15103 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 15094] <... write resumed>) = 196608 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... close resumed>) = 0 [pid 15100] <... write resumed>) = 1048576 [pid 15094] <... futex resumed>) = 1 [pid 15092] <... futex resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 15103 attached ./strace-static-x86_64: Process 15102 attached ./strace-static-x86_64: Process 15101 attached [pid 15100] munmap(0x7f1c2a016000, 1048576 [pid 15094] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15094] <... mount resumed>) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15104 [pid 15103] set_robust_list(0x555555f755e0, 24 [pid 15102] set_robust_list(0x555555f755e0, 24 [pid 15101] set_robust_list(0x555555f755e0, 24 [pid 15100] <... munmap resumed>) = 0 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15092] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15103] <... set_robust_list resumed>) = 0 [pid 15102] <... set_robust_list resumed>) = 0 [pid 15101] <... set_robust_list resumed>) = 0 [pid 15100] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15094] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15101] chdir("./535" [pid 15094] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15103] chdir("./532" [pid 15100] <... openat resumed>) = 4 [pid 15094] <... open resumed>) = 6 [pid 15103] <... chdir resumed>) = 0 [pid 15102] chdir("./537" [pid 15101] <... chdir resumed>) = 0 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15100] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15104 attached [pid 15103] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15102] <... chdir resumed>) = 0 [pid 15101] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15094] <... futex resumed>) = 1 [pid 15092] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15104] set_robust_list(0x555555f755e0, 24 [pid 15092] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15104] <... set_robust_list resumed>) = 0 [pid 15104] chdir("./532") = 0 [pid 15104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15094] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15104] setpgid(0, 0) = 0 [pid 15104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15104] write(3, "1000", 4) = 4 [pid 15104] close(3) = 0 [pid 15104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15104] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15104] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15105], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15105 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15105 attached [pid 15105] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15105] memfd_create("syzkaller", 0) = 3 [pid 15105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15101] <... prctl resumed>) = 0 [pid 15103] <... prctl resumed>) = 0 [pid 15103] setpgid(0, 0 [pid 15101] setpgid(0, 0 [pid 15103] <... setpgid resumed>) = 0 [pid 15102] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15101] <... setpgid resumed>) = 0 [pid 15101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15101] <... openat resumed>) = 3 [pid 15103] <... openat resumed>) = 3 [pid 15102] <... prctl resumed>) = 0 [pid 15101] write(3, "1000", 4) = 4 [pid 15103] write(3, "1000", 4 [pid 15102] setpgid(0, 0 [pid 15103] <... write resumed>) = 4 [pid 15102] <... setpgid resumed>) = 0 [pid 15101] close(3 [pid 15103] close(3 [pid 15101] <... close resumed>) = 0 [pid 15101] symlink("/dev/binderfs", "./binderfs" [pid 15103] <... close resumed>) = 0 [pid 15102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15101] <... symlink resumed>) = 0 [pid 15103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15102] <... openat resumed>) = 3 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] write(3, "1000", 4 [pid 15101] <... futex resumed>) = 0 [pid 15103] <... futex resumed>) = 0 [pid 15102] <... write resumed>) = 4 [pid 15101] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15102] close(3 [pid 15101] <... mmap resumed>) = 0x7f1c32416000 [pid 15101] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15103] <... mmap resumed>) = 0x7f1c32416000 [pid 15103] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15102] <... close resumed>) = 0 [pid 15101] <... mprotect resumed>) = 0 [pid 15103] <... mprotect resumed>) = 0 [pid 15102] symlink("/dev/binderfs", "./binderfs" [pid 15101] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15103] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15102] <... symlink resumed>) = 0 [pid 15101] <... clone resumed>, parent_tid=[15107], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15107 [pid 15103] <... clone resumed>, parent_tid=[15106], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15106 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 0 [pid 15101] <... futex resumed>) = 0 [pid 15102] <... futex resumed>) = 0 [pid 15100] <... ioctl resumed>) = 0 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15102] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15100] close(3 [pid 15102] <... mmap resumed>) = 0x7f1c32416000 [pid 15100] <... close resumed>) = 0 [pid 15102] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15100] mkdir("./bus", 0777 [pid 15102] <... mprotect resumed>) = 0 [pid 15102] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15108], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15108 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15100] <... mkdir resumed>) = 0 [pid 15100] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15107 attached [pid 15107] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15107] memfd_create("syzkaller", 0) = 3 [pid 15107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 15106 attached [pid 15106] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15106] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 15108 attached [pid 15094] <... write resumed>) = 1048576 [pid 15108] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15108] memfd_create("syzkaller", 0 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15108] <... memfd_create resumed>) = 3 [pid 15108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15094] <... futex resumed>) = 1 [pid 15092] <... futex resumed>) = 0 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15094] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15106] <... mmap resumed>) = 0x7f1c2a016000 [ 266.700919][T15100] loop3: detected capacity change from 0 to 2048 [pid 15105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15105] munmap(0x7f1c2a016000, 1048576 [pid 15107] <... write resumed>) = 1048576 [pid 15105] <... munmap resumed>) = 0 [pid 15107] munmap(0x7f1c2a016000, 1048576 [pid 15105] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15107] <... munmap resumed>) = 0 [pid 15105] <... openat resumed>) = 4 [pid 15107] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15105] ioctl(4, LOOP_SET_FD, 3 [pid 15107] <... openat resumed>) = 4 [pid 15108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15106] <... write resumed>) = 1048576 [pid 15100] <... mount resumed>) = 0 [pid 15108] <... write resumed>) = 1048576 [ 266.746143][T15094] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.763353][T15094] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 266.763842][T15100] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/541/bus supports timestamps until 2038 (0x7fffffff) [ 266.778646][T15105] loop0: detected capacity change from 0 to 2048 [pid 15107] ioctl(4, LOOP_SET_FD, 3 [pid 15105] <... ioctl resumed>) = 0 [pid 15094] <... openat resumed>) = 7 [pid 15108] munmap(0x7f1c2a016000, 1048576 [pid 15106] munmap(0x7f1c2a016000, 1048576 [pid 15100] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15092] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15108] <... munmap resumed>) = 0 [pid 15106] <... munmap resumed>) = 0 [pid 15105] close(3 [pid 15100] <... openat resumed>) = 3 [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15092] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15108] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15106] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15100] chdir("./bus" [pid 15092] <... futex resumed>) = 0 [pid 15108] <... openat resumed>) = 4 [pid 15106] <... openat resumed>) = 4 [pid 15100] <... chdir resumed>) = 0 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15108] ioctl(4, LOOP_SET_FD, 3 [pid 15106] ioctl(4, LOOP_SET_FD, 3 [pid 15100] ioctl(4, LOOP_CLR_FD [pid 15107] <... ioctl resumed>) = 0 [pid 15105] <... close resumed>) = 0 [pid 15094] <... futex resumed>) = 1 [pid 15092] <... futex resumed>) = 0 [pid 15107] close(3 [pid 15105] mkdir("./bus", 0777 [pid 15094] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15092] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=47000000} [pid 15107] <... close resumed>) = 0 [pid 15105] <... mkdir resumed>) = 0 [pid 15094] <... openat resumed>) = 8 [pid 15107] mkdir("./bus", 0777 [pid 15105] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15094] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] <... mkdir resumed>) = 0 [pid 15100] <... ioctl resumed>) = 0 [pid 15094] <... futex resumed>) = 1 [pid 15092] <... futex resumed>) = 0 [pid 15107] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15094] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15092] exit_group(0 [pid 15094] <... futex resumed>) = ? [pid 15092] <... exit_group resumed>) = ? [pid 15094] +++ exited with 0 +++ [pid 15092] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15092, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./537", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 15108] <... ioctl resumed>) = 0 [pid 15106] <... ioctl resumed>) = 0 [pid 15100] close(4) = 0 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15100] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15108] close(3 [pid 15106] close(3 [pid 15108] <... close resumed>) = 0 [pid 15106] <... close resumed>) = 0 [pid 15108] mkdir("./bus", 0777 [pid 15106] mkdir("./bus", 0777 [pid 15099] <... futex resumed>) = 0 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] fstat(3, [pid 15106] <... mkdir resumed>) = 0 [pid 15106] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15108] <... mkdir resumed>) = 0 [pid 15108] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15100] <... futex resumed>) = 0 [pid 15099] <... futex resumed>) = 1 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15100] chdir("./file0" [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 15100] <... chdir resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15099] <... futex resumed>) = 0 [pid 411] umount2("./537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15100] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15099] <... futex resumed>) = 0 [pid 411] lstat("./537/binderfs", [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15100] <... open resumed>) = 4 [pid 411] unlink("./537/binderfs" [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15099] <... futex resumed>) = 0 [pid 411] <... unlink resumed>) = 0 [pid 15100] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15100] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15099] <... futex resumed>) = 0 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15099] <... futex resumed>) = 0 [pid 15100] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15100] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 266.791255][T15107] loop5: detected capacity change from 0 to 2048 [ 266.799077][T15108] loop1: detected capacity change from 0 to 2048 [ 266.805637][T15106] loop2: detected capacity change from 0 to 2048 [pid 15100] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15099] <... futex resumed>) = 0 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] <... futex resumed>) = 0 [pid 15100] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15099] <... futex resumed>) = 0 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] <... futex resumed>) = 1 [pid 15100] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15099] <... futex resumed>) = 0 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] <... futex resumed>) = 1 [pid 15100] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15105] <... mount resumed>) = 0 [pid 15105] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15105] chdir("./bus") = 0 [pid 15105] ioctl(4, LOOP_CLR_FD) = 0 [pid 15105] close(4) = 0 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15104] <... futex resumed>) = 0 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15105] chdir("./file0") = 0 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15104] <... futex resumed>) = 0 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15105] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15105] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15104] <... futex resumed>) = 0 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15100] <... write resumed>) = 1048576 [ 266.837175][T15105] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/532/bus supports timestamps until 2038 (0x7fffffff) [ 266.864931][T15108] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/537/bus supports timestamps until 2038 (0x7fffffff) [pid 15108] <... mount resumed>) = 0 [pid 15107] <... mount resumed>) = 0 [pid 15105] <... futex resumed>) = 0 [pid 15104] <... futex resumed>) = 1 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15099] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15107] <... openat resumed>) = 3 [pid 15099] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] chdir("./bus" [pid 15099] <... futex resumed>) = 0 [pid 15107] <... chdir resumed>) = 0 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] ioctl(4, LOOP_CLR_FD) = 0 [pid 15107] close(4) = 0 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15101] <... futex resumed>) = 0 [pid 15107] chdir("./file0" [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] <... chdir resumed>) = 0 [pid 15101] <... futex resumed>) = 0 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] <... futex resumed>) = 0 [pid 15101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15107] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] <... open resumed>) = 4 [pid 15101] <... futex resumed>) = 0 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] <... futex resumed>) = 0 [pid 15101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15107] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] <... openat resumed>) = 5 [pid 15101] <... futex resumed>) = 0 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] <... futex resumed>) = 0 [pid 15101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15107] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15101] <... futex resumed>) = 0 [pid 15100] <... futex resumed>) = 1 [pid 15099] <... futex resumed>) = 0 [pid 15108] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15106] <... mount resumed>) = 0 [pid 15105] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=39000000} [pid 15107] <... write resumed>) = 196608 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... futex resumed>) = 0 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] <... futex resumed>) = 1 [pid 15107] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... futex resumed>) = 0 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] <... futex resumed>) = 1 [pid 15107] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... futex resumed>) = 0 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15107] <... futex resumed>) = 1 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15107] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15108] <... openat resumed>) = 3 [pid 15108] chdir("./bus") = 0 [pid 15108] ioctl(4, LOOP_CLR_FD) = 0 [pid 15108] close(4 [pid 15106] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15106] chdir("./bus") = 0 [pid 15106] ioctl(4, LOOP_CLR_FD) = 0 [pid 15106] close(4) = 0 [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] <... futex resumed>) = 1 [pid 15106] chdir("./file0") = 0 [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] <... futex resumed>) = 1 [pid 15106] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15105] <... openat resumed>) = 5 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15105] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... umount2 resumed>) = 0 [pid 15106] <... open resumed>) = 4 [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15106] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15103] <... futex resumed>) = 0 [pid 15106] <... openat resumed>) = 5 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15103] <... futex resumed>) = 0 [pid 15106] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15106] <... write resumed>) = 196608 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] <... futex resumed>) = 1 [pid 15106] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] <... futex resumed>) = 1 [pid 15106] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15106] <... futex resumed>) = 1 [pid 15106] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15104] <... futex resumed>) = 0 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15108] <... close resumed>) = 0 [pid 15105] <... futex resumed>) = 0 [pid 15104] <... futex resumed>) = 1 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15105] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] lstat("./537/bus", [pid 15108] <... futex resumed>) = 1 [pid 15102] <... futex resumed>) = 0 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15108] chdir("./file0" [pid 15105] <... write resumed>) = 196608 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15108] <... chdir resumed>) = 0 [pid 15105] <... futex resumed>) = 1 [pid 15104] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] <... write resumed>) = 1048576 [pid 15105] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./537/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15104] <... futex resumed>) = 0 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... openat resumed>) = 4 [pid 15108] <... futex resumed>) = 1 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15105] <... mount resumed>) = 0 [pid 15102] <... futex resumed>) = 0 [pid 411] fstat(4, [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 266.865244][T15107] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/535/bus supports timestamps until 2038 (0x7fffffff) [ 266.878378][T15106] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/532/bus supports timestamps until 2038 (0x7fffffff) [ 266.902474][T15100] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15099] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15099] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15099] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15099] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15099] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15119], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15119 [pid 15099] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15099] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15108] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15107] <... futex resumed>) = 1 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 15119 attached [pid 15119] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15119] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15101] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(4, [pid 15101] <... futex resumed>) = 0 [pid 15105] <... futex resumed>) = 1 [pid 15104] <... futex resumed>) = 0 [pid 15107] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15105] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15104] <... futex resumed>) = 0 [pid 15101] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15108] <... open resumed>) = 4 [pid 15106] <... write resumed>) = 1048576 [pid 15105] <... open resumed>) = 6 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15100] <... openat resumed>) = 7 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./537/bus" [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... rmdir resumed>) = 0 [pid 15105] <... futex resumed>) = 1 [pid 15104] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 15105] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15104] <... futex resumed>) = 0 [pid 411] close(3 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... close resumed>) = 0 [pid 411] rmdir("./537") = 0 [pid 411] mkdir("./538", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15120 [pid 15100] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15100] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15108] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15106] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15102] <... futex resumed>) = 0 [pid 15103] <... futex resumed>) = 0 [pid 15119] <... openat resumed>) = 8 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15119] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15103] <... futex resumed>) = 1 [pid 15102] <... futex resumed>) = 1 [pid 15099] <... futex resumed>) = 0 [pid 15119] <... futex resumed>) = 1 [pid 15108] <... futex resumed>) = 0 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15108] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15099] exit_group(0 [pid 15119] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 15108] <... openat resumed>) = 5 [pid 15100] <... futex resumed>) = ? [pid 15099] <... exit_group resumed>) = ? [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15100] +++ exited with 0 +++ [pid 15108] <... futex resumed>) = 1 [pid 15102] <... futex resumed>) = 0 [pid 15108] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15106] <... futex resumed>) = 0 [pid 15106] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15108] <... futex resumed>) = 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15108] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15119] +++ exited with 0 +++ [pid 15108] <... write resumed>) = 196608 [pid 15099] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15099, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] umount2("./541", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15108] <... futex resumed>) = 1 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15108] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] lstat("./541/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./541/binderfs" [pid 15102] <... futex resumed>) = 0 [pid 410] <... unlink resumed>) = 0 [pid 410] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 15120 attached [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15120] set_robust_list(0x555555f755e0, 24 [pid 15102] <... futex resumed>) = 1 [pid 15120] <... set_robust_list resumed>) = 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15120] chdir("./538") = 0 [pid 15120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 266.935636][T15100] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 266.952512][T15107] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 266.975760][T15107] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 15120] setpgid(0, 0) = 0 [pid 15120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15120] write(3, "1000", 4) = 4 [pid 15120] close(3) = 0 [pid 15120] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15120] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15120] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15121], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15121 [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15121 attached [pid 15121] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15121] memfd_create("syzkaller", 0) = 3 [pid 15121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15101] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15101] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15108] <... futex resumed>) = 0 [pid 15104] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15101] <... futex resumed>) = 0 [pid 15108] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15104] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15108] <... mount resumed>) = 0 [pid 15107] <... openat resumed>) = 7 [pid 15104] <... futex resumed>) = 0 [pid 15101] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15107] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15101] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15108] <... futex resumed>) = 1 [pid 15107] <... futex resumed>) = 0 [pid 15104] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15101] <... mprotect resumed>) = 0 [pid 15108] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15107] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15104] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15101] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15104] <... mprotect resumed>) = 0 [pid 15105] <... write resumed>) = 1048576 [pid 15104] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15102] <... futex resumed>) = 0 [pid 15121] <... write resumed>) = 1048576 [pid 15121] munmap(0x7f1c2a016000, 1048576 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... clone resumed>, parent_tid=[15122], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15122 [pid 15104] <... clone resumed>, parent_tid=[15123], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15123 [pid 15101] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15104] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... futex resumed>) = 0 [pid 15104] <... futex resumed>) = 0 [pid 15101] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15104] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] <... munmap resumed>) = 0 [pid 15106] <... openat resumed>) = 7 [pid 15121] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 15123 attached ./strace-static-x86_64: Process 15122 attached [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15105] <... futex resumed>) = 0 [pid 15102] <... futex resumed>) = 1 [pid 15105] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] <... openat resumed>) = 4 [pid 15121] ioctl(4, LOOP_SET_FD, 3 [pid 15123] set_robust_list(0x7f1c2a1159e0, 24 [pid 15122] set_robust_list(0x7f1c2a1159e0, 24 [pid 15108] <... futex resumed>) = 0 [pid 15106] <... futex resumed>) = 1 [pid 15108] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15106] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15108] <... open resumed>) = 6 [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15108] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15122] <... set_robust_list resumed>) = 0 [pid 15122] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15122] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15101] <... futex resumed>) = 0 [pid 15101] exit_group(0 [pid 15107] <... futex resumed>) = ? [pid 15101] <... exit_group resumed>) = ? [pid 15107] +++ exited with 0 +++ [pid 15122] <... futex resumed>) = ? [pid 15123] <... set_robust_list resumed>) = 0 [pid 15122] +++ exited with 0 +++ [pid 15121] <... ioctl resumed>) = 0 [pid 15103] <... futex resumed>) = 0 [pid 15102] <... futex resumed>) = 0 [pid 15101] +++ exited with 0 +++ [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./541/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./541/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15103] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15101, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] fstat(4, [pid 15108] <... futex resumed>) = 0 [pid 15106] <... futex resumed>) = 0 [pid 15103] <... futex resumed>) = 1 [pid 15102] <... futex resumed>) = 1 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15108] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15106] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15103] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] getdents64(4, [pid 15123] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15121] close(3 [pid 15106] <... openat resumed>) = 8 [pid 15106] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./535", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15106] <... futex resumed>) = 1 [pid 15103] <... futex resumed>) = 0 [ 266.978017][T15106] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.003996][T15106] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 267.015452][T15121] loop4: detected capacity change from 0 to 2048 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15106] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15103] exit_group(0 [pid 412] openat(AT_FDCWD, "./535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] getdents64(4, [pid 15106] <... futex resumed>) = ? [pid 15103] <... exit_group resumed>) = ? [pid 412] <... openat resumed>) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./535/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./535/binderfs" [pid 15106] +++ exited with 0 +++ [pid 15103] +++ exited with 0 +++ [pid 412] <... unlink resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15103, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] close(4 [pid 15121] <... close resumed>) = 0 [pid 15121] mkdir("./bus", 0777) = 0 [pid 409] umount2("./532", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... close resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] rmdir("./541/bus" [pid 409] <... openat resumed>) = 3 [pid 15121] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 410] <... rmdir resumed>) = 0 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 409] getdents64(3, [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... close resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] rmdir("./541" [pid 409] lstat("./532/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] unlink("./532/binderfs" [pid 410] mkdir("./542", 0777 [pid 409] <... unlink resumed>) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 409] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15123] <... openat resumed>) = 7 [pid 15123] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15123] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15104] <... futex resumed>) = 0 [pid 15104] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15105] <... futex resumed>) = 0 [pid 15104] <... futex resumed>) = 1 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15105] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15108] <... write resumed>) = 1048576 [pid 15104] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... openat resumed>) = 3 [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15105] <... openat resumed>) = 8 [pid 15105] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15105] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15108] <... futex resumed>) = 1 [pid 15104] <... futex resumed>) = 0 [pid 15102] <... futex resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 15104] exit_group(0 [pid 15108] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15104] <... exit_group resumed>) = ? [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15123] <... futex resumed>) = ? [pid 15105] <... futex resumed>) = ? [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] close(3 [pid 15123] +++ exited with 0 +++ [pid 15108] <... futex resumed>) = 0 [pid 15105] +++ exited with 0 +++ [pid 15104] +++ exited with 0 +++ [pid 15102] <... futex resumed>) = 1 [pid 410] <... close resumed>) = 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15104, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 15108] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15125 [pid 407] umount2("./532", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./532/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./532/binderfs") = 0 [pid 407] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 15125 attached [pid 15125] set_robust_list(0x555555f755e0, 24) = 0 [pid 15125] chdir("./542") = 0 [pid 15125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15125] setpgid(0, 0) = 0 [pid 15125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15125] write(3, "1000", 4) = 4 [pid 15125] close(3) = 0 [pid 15125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15125] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15125] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15125] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15127], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15127 [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./535/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./535/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [ 267.037100][T15123] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.052810][T15123] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 267.067381][T15108] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 412] getdents64(4, [pid 15108] <... openat resumed>) = 7 [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] <... futex resumed>) = 0 [pid 15102] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15102] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15108] <... futex resumed>) = 1 [pid 15108] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15108] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15102] <... futex resumed>) = 0 [pid 15102] exit_group(0) = ? [pid 15108] <... futex resumed>) = ? [pid 15108] +++ exited with 0 +++ [pid 15102] +++ exited with 0 +++ ./strace-static-x86_64: Process 15127 attached [pid 15127] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15127] memfd_create("syzkaller", 0) = 3 [pid 15127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15127] munmap(0x7f1c2a016000, 1048576 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15102, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 412] close(4) = 0 [pid 412] rmdir("./535/bus" [pid 15127] <... munmap resumed>) = 0 [pid 15127] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 15127] ioctl(4, LOOP_SET_FD, 3 [pid 15121] <... mount resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 408] umount2("./537", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... close resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] rmdir("./535" [pid 408] openat(AT_FDCWD, "./537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... rmdir resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 412] mkdir("./536", 0777 [pid 408] fstat(3, [pid 412] <... mkdir resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 408] getdents64(3, [pid 412] <... openat resumed>) = 3 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] ioctl(3, LOOP_CLR_FD [pid 408] umount2("./537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] close(3 [pid 408] lstat("./537/binderfs", [pid 412] <... close resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] unlink("./537/binderfs") = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15129 [pid 408] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 15129 attached [pid 15127] <... ioctl resumed>) = 0 [pid 15121] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./532/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./532/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./532/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 409] rmdir("./532") = 0 [pid 409] mkdir("./533", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15130 [pid 407] lstat("./532/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15127] close(3 [pid 407] umount2("./532/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15127] <... close resumed>) = 0 [pid 15121] <... openat resumed>) = 3 [pid 407] openat(AT_FDCWD, "./532/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15127] mkdir("./bus", 0777 [pid 15121] chdir("./bus" [pid 15127] <... mkdir resumed>) = 0 [pid 15121] <... chdir resumed>) = 0 [pid 15127] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15121] ioctl(4, LOOP_CLR_FD) = 0 [pid 407] <... openat resumed>) = 4 [pid 15121] close(4) = 0 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15121] chdir("./file0" [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15129] set_robust_list(0x555555f755e0, 24) = 0 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./532/bus" [pid 15129] chdir("./536" [pid 407] <... rmdir resumed>) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./532" [pid 15129] <... chdir resumed>) = 0 [pid 15129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15129] setpgid(0, 0) = 0 [pid 15129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15129] write(3, "1000", 4) = 4 [pid 15129] close(3) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 15129] symlink("/dev/binderfs", "./binderfs" [pid 407] mkdir("./533", 0777 [pid 15129] <... symlink resumed>) = 0 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15129] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15129] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15121] <... chdir resumed>) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 15129] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15129] <... clone resumed>, parent_tid=[15131], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15131 [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15130 attached [pid 407] <... openat resumed>) = 3 [pid 15121] <... futex resumed>) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15121] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] ioctl(3, LOOP_CLR_FD [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 15121] <... open resumed>) = 4 [pid 407] <... close resumed>) = 0 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] set_robust_list(0x555555f755e0, 24) = 0 [pid 15130] chdir("./533") = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15121] <... futex resumed>) = 1 [pid 15130] <... prctl resumed>) = 0 [pid 15130] setpgid(0, 0) = 0 [pid 15121] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15132 [pid 15130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15121] <... openat resumed>) = 5 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] <... openat resumed>) = 3 [pid 15130] write(3, "1000", 4) = 4 [pid 15130] close(3 [pid 15121] <... futex resumed>) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15121] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15121] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15130] <... close resumed>) = 0 [pid 15130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15130] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15130] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15133], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15133 [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15131 attached [pid 15131] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15131] memfd_create("syzkaller", 0) = 3 [pid 15131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15121] <... write resumed>) = 196608 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15121] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] <... mount resumed>) = 0 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15121] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] <... open resumed>) = 6 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15121] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15132 attached [pid 15132] set_robust_list(0x555555f755e0, 24) = 0 [pid 15132] chdir("./533" [pid 15131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 15133 attached [pid 15132] <... chdir resumed>) = 0 [pid 15133] set_robust_list(0x7f1c324369e0, 24 [pid 15132] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15133] <... set_robust_list resumed>) = 0 [pid 15132] <... prctl resumed>) = 0 [pid 15132] setpgid(0, 0 [pid 15133] memfd_create("syzkaller", 0 [pid 15132] <... setpgid resumed>) = 0 [pid 15132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15133] <... memfd_create resumed>) = 3 [pid 15133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15132] <... openat resumed>) = 3 [pid 15133] <... mmap resumed>) = 0x7f1c2a016000 [pid 15132] write(3, "1000", 4) = 4 [pid 15132] close(3) = 0 [pid 15132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15132] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [ 267.096846][T15108] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 267.096998][T15121] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/538/bus supports timestamps until 2038 (0x7fffffff) [ 267.118592][T15127] loop3: detected capacity change from 0 to 2048 [pid 15132] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15132] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15136], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15136 [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15131] <... write resumed>) = 1048576 [pid 15131] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15131] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15131] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15136 attached [pid 15133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15131] <... ioctl resumed>) = 0 [pid 15131] close(3) = 0 [pid 15131] mkdir("./bus", 0777) = 0 [pid 15131] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./537/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./537/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./537/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./537") = 0 [pid 408] mkdir("./538", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15137 [pid 15127] <... mount resumed>) = 0 [pid 15127] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15127] chdir("./bus") = 0 [pid 15127] ioctl(4, LOOP_CLR_FD) = 0 [pid 15127] close(4) = 0 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15125] <... futex resumed>) = 0 [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15127] <... futex resumed>) = 1 [pid 15127] chdir("./file0" [pid 15136] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15136] memfd_create("syzkaller", 0) = 3 [pid 15136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15121] <... write resumed>) = 1048576 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15120] <... futex resumed>) = 0 [pid 15120] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15136] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 267.183955][T15131] loop5: detected capacity change from 0 to 2048 [ 267.188132][T15127] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/542/bus supports timestamps until 2038 (0x7fffffff) [ 267.217755][T15121] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15136] ioctl(4, LOOP_SET_FD, 3 [pid 15127] <... chdir resumed>) = 0 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15125] <... futex resumed>) = 0 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... ioctl resumed>) = 0 [pid 15136] close(3) = 0 [pid 15136] mkdir("./bus", 0777) = 0 [pid 15136] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15133] <... write resumed>) = 1048576 [pid 15127] <... open resumed>) = 4 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15133] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 15133] ioctl(4, LOOP_SET_FD, 3 [pid 15127] <... futex resumed>) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15127] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15125] <... futex resumed>) = 0 [pid 15127] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15127] <... openat resumed>) = 5 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15137 attached [pid 15127] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15125] <... futex resumed>) = 0 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15133] <... ioctl resumed>) = 0 [pid 15133] close(3) = 0 [pid 15133] mkdir("./bus", 0777) = 0 [pid 15133] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15137] set_robust_list(0x555555f755e0, 24 [pid 15127] <... write resumed>) = 196608 [pid 15120] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15120] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15120] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15120] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15141], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15141 [pid 15120] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15120] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15121] <... openat resumed>) = 7 [pid 15121] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15121] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15137] <... set_robust_list resumed>) = 0 [pid 15137] chdir("./538") = 0 [pid 15137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15137] setpgid(0, 0) = 0 [pid 15137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15137] write(3, "1000", 4) = 4 [pid 15137] close(3) = 0 [pid 15137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15137] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15137] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15142], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15142 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15142 attached [pid 15142] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15142] memfd_create("syzkaller", 0) = 3 [pid 15142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15141 attached [pid 15131] <... mount resumed>) = 0 [pid 15127] <... futex resumed>) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15141] set_robust_list(0x7f1c2a1159e0, 24 [pid 15127] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15141] <... set_robust_list resumed>) = 0 [pid 15125] <... futex resumed>) = 0 [pid 15142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [ 267.221486][T15136] loop0: detected capacity change from 0 to 2048 [ 267.246336][T15133] loop2: detected capacity change from 0 to 2048 [ 267.256676][T15121] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 267.263248][T15131] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/536/bus supports timestamps until 2038 (0x7fffffff) [pid 15142] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15142] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15142] ioctl(4, LOOP_SET_FD, 3 [pid 15141] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15136] <... mount resumed>) = 0 [pid 15131] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15127] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15141] <... openat resumed>) = 8 [pid 15131] <... openat resumed>) = 3 [pid 15127] <... mount resumed>) = 0 [pid 15141] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] chdir("./bus" [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15141] <... futex resumed>) = 1 [pid 15131] <... chdir resumed>) = 0 [pid 15127] <... futex resumed>) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15141] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15131] ioctl(4, LOOP_CLR_FD [pid 15127] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] <... ioctl resumed>) = 0 [pid 15127] <... open resumed>) = 6 [pid 15125] <... futex resumed>) = 0 [pid 15131] close(4 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... ioctl resumed>) = 0 [pid 15136] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15131] <... close resumed>) = 0 [pid 15127] <... futex resumed>) = 0 [pid 15125] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15120] <... futex resumed>) = 0 [pid 15127] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15120] exit_group(0 [pid 15141] <... futex resumed>) = ? [pid 15121] <... futex resumed>) = ? [pid 15120] <... exit_group resumed>) = ? [pid 15141] +++ exited with 0 +++ [pid 15121] +++ exited with 0 +++ [pid 15120] +++ exited with 0 +++ [pid 15142] close(3) = 0 [pid 15142] mkdir("./bus", 0777) = 0 [pid 15136] <... openat resumed>) = 3 [pid 15136] chdir("./bus") = 0 [pid 15136] ioctl(4, LOOP_CLR_FD) = 0 [pid 15136] close(4) = 0 [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 15127] <... futex resumed>) = 0 [pid 15125] <... futex resumed>) = 1 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15120, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 411] umount2("./538", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15131] chdir("./file0" [pid 15129] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15131] <... chdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "./538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 411] fstat(3, [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15129] <... futex resumed>) = 0 [pid 15131] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15131] <... open resumed>) = 4 [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15129] <... futex resumed>) = 0 [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15129] <... futex resumed>) = 0 [pid 411] umount2("./538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15131] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15131] <... openat resumed>) = 5 [pid 411] lstat("./538/binderfs", [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 411] unlink("./538/binderfs" [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15129] <... futex resumed>) = 0 [pid 15131] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... unlink resumed>) = 0 [pid 15131] <... write resumed>) = 196608 [pid 411] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15142] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15131] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15132] <... futex resumed>) = 0 [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... futex resumed>) = 1 [pid 15136] chdir("./file0") = 0 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15132] <... futex resumed>) = 0 [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... futex resumed>) = 1 [pid 15136] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15133] <... mount resumed>) = 0 [pid 15131] <... mount resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15136] <... futex resumed>) = 1 [pid 15133] <... openat resumed>) = 3 [pid 15132] <... futex resumed>) = 0 [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15136] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15133] chdir("./bus" [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [ 267.279126][T15136] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/533/bus supports timestamps until 2038 (0x7fffffff) [ 267.285848][T15142] loop1: detected capacity change from 0 to 2048 [ 267.317725][T15133] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/533/bus supports timestamps until 2038 (0x7fffffff) [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] lstat("./538/bus", [pid 15136] <... openat resumed>) = 5 [pid 15133] <... chdir resumed>) = 0 [pid 15132] <... futex resumed>) = 0 [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15129] <... futex resumed>) = 0 [pid 15127] <... write resumed>) = 1048576 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] ioctl(4, LOOP_CLR_FD [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15131] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15136] <... futex resumed>) = 0 [pid 15133] <... ioctl resumed>) = 0 [pid 15132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15131] <... open resumed>) = 6 [pid 15127] <... futex resumed>) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15133] close(4 [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15125] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15133] <... close resumed>) = 0 [pid 15132] <... futex resumed>) = 0 [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 15127] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15125] <... futex resumed>) = 0 [pid 15136] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15125] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... write resumed>) = 196608 [pid 15133] <... futex resumed>) = 1 [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15130] <... futex resumed>) = 0 [pid 15129] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15131] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... futex resumed>) = 1 [pid 15133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15132] <... futex resumed>) = 0 [pid 15130] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15133] chdir("./file0" [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15133] <... chdir resumed>) = 0 [pid 15132] <... futex resumed>) = 0 [pid 15136] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... mount resumed>) = 0 [pid 15133] <... futex resumed>) = 1 [pid 15130] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15136] <... futex resumed>) = 1 [pid 15133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15132] <... futex resumed>) = 0 [pid 15130] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15133] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15132] <... futex resumed>) = 0 [pid 15136] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... open resumed>) = 6 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15132] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15132] <... futex resumed>) = 0 [pid 15136] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... mount resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15142] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 411] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15142] <... openat resumed>) = 3 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15142] chdir("./bus" [pid 411] openat(AT_FDCWD, "./538/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15142] <... chdir resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 15142] ioctl(4, LOOP_CLR_FD [pid 411] fstat(4, [pid 15142] <... ioctl resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15142] close(4 [pid 411] getdents64(4, [pid 15142] <... close resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(4, [pid 15142] <... futex resumed>) = 1 [pid 15137] <... futex resumed>) = 0 [pid 15133] <... open resumed>) = 4 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15142] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15136] <... write resumed>) = 1048576 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(4 [pid 15142] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15137] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] <... futex resumed>) = 1 [pid 15130] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 15142] chdir("./file0" [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15136] <... futex resumed>) = 1 [pid 15133] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15132] <... futex resumed>) = 0 [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] rmdir("./538/bus" [pid 15142] <... chdir resumed>) = 0 [pid 15136] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15132] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] <... futex resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15133] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15132] <... futex resumed>) = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] getdents64(3, [pid 15142] <... futex resumed>) = 1 [pid 15137] <... futex resumed>) = 0 [pid 15136] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15133] <... openat resumed>) = 5 [pid 15132] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15142] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] close(3 [pid 15142] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15137] <... futex resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 15142] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] rmdir("./538") = 0 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] mkdir("./539", 0777 [pid 15133] <... futex resumed>) = 1 [pid 15130] <... futex resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 15133] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 267.340641][T15127] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.343176][T15142] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/538/bus supports timestamps until 2038 (0x7fffffff) [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15133] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] <... futex resumed>) = 0 [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15133] <... futex resumed>) = 1 [pid 15133] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15148 [pid 15130] <... futex resumed>) = 0 [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15133] <... futex resumed>) = 1 [pid 15133] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] <... futex resumed>) = 0 [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15133] <... futex resumed>) = 1 [pid 15133] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15131] <... write resumed>) = 1048576 [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15129] <... futex resumed>) = 0 [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15142] <... open resumed>) = 4 [pid 15131] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15129] <... futex resumed>) = 0 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15137] <... futex resumed>) = 0 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... futex resumed>) = 1 [pid 15142] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... openat resumed>) = 5 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15137] <... futex resumed>) = 0 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15142] <... futex resumed>) = 1 [pid 15137] <... futex resumed>) = 0 [pid 15142] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 267.385095][T15136] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.406675][T15131] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.411118][T15127] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15125] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15142] <... write resumed>) = 196608 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15137] <... futex resumed>) = 0 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... futex resumed>) = 1 [pid 15142] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15137] <... futex resumed>) = 0 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... futex resumed>) = 1 [pid 15142] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15137] <... futex resumed>) = 0 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15142] <... futex resumed>) = 1 [pid 15142] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 15148 attached [pid 15148] set_robust_list(0x555555f755e0, 24) = 0 [pid 15148] chdir("./539") = 0 [pid 15148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15148] setpgid(0, 0) = 0 [pid 15148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15148] write(3, "1000", 4) = 4 [pid 15148] close(3) = 0 [pid 15148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15148] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15148] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15149], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15149 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15132] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15131] <... openat resumed>) = 7 [pid 15125] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15149 attached [pid 15149] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15149] memfd_create("syzkaller", 0) = 3 [pid 15149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15132] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15125] <... futex resumed>) = 0 [pid 15130] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15130] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15130] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15130] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15150], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15150 [pid 15130] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15130] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15125] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15131] <... futex resumed>) = 1 [pid 15132] <... futex resumed>) = 0 [pid 15131] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] <... futex resumed>) = 0 [pid 15125] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15129] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15132] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15129] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15131] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15125] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15132] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15131] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15132] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15125] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 15150 attached [pid 15136] <... openat resumed>) = 7 [pid 15133] <... write resumed>) = 1048576 [pid 15132] <... mprotect resumed>) = 0 [pid 15131] <... openat resumed>) = 8 [pid 15125] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] <... openat resumed>) = 7 [pid 15132] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15131] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15127] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15133] <... futex resumed>) = 0 [pid 15131] <... futex resumed>) = 1 [pid 15129] <... futex resumed>) = 0 [pid 15127] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] exit_group(0 [pid 15133] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15129] <... exit_group resumed>) = ? [pid 15132] <... clone resumed>, parent_tid=[15152], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15152 [pid 15125] <... clone resumed>, parent_tid=[15151], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15151 [pid 15131] +++ exited with 0 +++ ./strace-static-x86_64: Process 15152 attached ./strace-static-x86_64: Process 15151 attached [pid 15150] set_robust_list(0x7f1c2a1159e0, 24 [pid 15149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15136] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15132] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15129] +++ exited with 0 +++ [pid 15125] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15152] set_robust_list(0x7f1c2a1159e0, 24 [pid 15151] set_robust_list(0x7f1c2a1159e0, 24 [pid 15150] <... set_robust_list resumed>) = 0 [pid 15149] <... write resumed>) = 1048576 [pid 15142] <... write resumed>) = 1048576 [pid 15136] <... futex resumed>) = 0 [pid 15132] <... futex resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15129, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15125] <... futex resumed>) = 0 [pid 15136] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15132] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15125] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./536", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15150] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, [pid 15142] <... futex resumed>) = 1 [pid 15137] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15142] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 267.422090][T15131] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 267.438524][T15136] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 267.466315][T15150] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15137] <... futex resumed>) = 0 [pid 15152] <... set_robust_list resumed>) = 0 [pid 15151] <... set_robust_list resumed>) = 0 [pid 15149] munmap(0x7f1c2a016000, 1048576 [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15130] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15130] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15133] <... futex resumed>) = 0 [pid 15130] <... futex resumed>) = 1 [pid 15133] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15130] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15152] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15152] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15132] <... futex resumed>) = 0 [pid 15152] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15132] exit_group(0 [pid 15152] <... futex resumed>) = ? [pid 15136] <... futex resumed>) = ? [pid 15132] <... exit_group resumed>) = ? [pid 15152] +++ exited with 0 +++ [pid 15136] +++ exited with 0 +++ [pid 15132] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15132, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 407] umount2("./533", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./533/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./533/binderfs") = 0 [pid 407] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15151] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15151] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15125] <... futex resumed>) = 0 [pid 15149] <... munmap resumed>) = 0 [pid 15151] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15149] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15125] exit_group(0 [pid 412] lstat("./536/binderfs", [pid 15151] <... futex resumed>) = ? [pid 15149] <... openat resumed>) = 4 [pid 15127] <... futex resumed>) = ? [pid 15125] <... exit_group resumed>) = ? [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15151] +++ exited with 0 +++ [pid 15149] ioctl(4, LOOP_SET_FD, 3 [pid 15133] <... openat resumed>) = 8 [pid 15133] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15130] <... futex resumed>) = 0 [pid 15133] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15127] +++ exited with 0 +++ [pid 15125] +++ exited with 0 +++ [pid 412] unlink("./536/binderfs" [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15125, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 410] umount2("./542", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... unlink resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./542/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./542/binderfs") = 0 [pid 410] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15150] <... openat resumed>) = 7 [pid 15150] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] exit_group(0 [pid 15133] <... futex resumed>) = ? [pid 15130] <... exit_group resumed>) = ? [pid 15133] +++ exited with 0 +++ [pid 15150] <... futex resumed>) = ? [pid 15149] <... ioctl resumed>) = 0 [pid 15142] <... openat resumed>) = 7 [pid 15150] +++ exited with 0 +++ [pid 15149] close(3 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15130] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15130, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15137] <... futex resumed>) = 0 [pid 15142] <... futex resumed>) = 1 [pid 15137] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] umount2("./533", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15137] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./533/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./533/binderfs") = 0 [pid 409] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15149] <... close resumed>) = 0 [pid 15142] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15142] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15137] <... futex resumed>) = 0 [pid 15137] exit_group(0) = ? [pid 15142] <... futex resumed>) = ? [pid 15142] +++ exited with 0 +++ [pid 15137] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15137, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 15149] mkdir("./bus", 0777 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15149] <... mkdir resumed>) = 0 [pid 409] lstat("./533/bus", [pid 408] umount2("./538", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15149] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... openat resumed>) = 3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] fstat(3, [pid 409] openat(AT_FDCWD, "./533/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, [pid 409] getdents64(4, [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] umount2("./538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] close(4 [pid 408] lstat("./538/binderfs", [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./533/bus" [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./538/binderfs" [pid 409] <... rmdir resumed>) = 0 [pid 408] <... unlink resumed>) = 0 [pid 408] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 267.466613][T15142] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.481322][T15150] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 267.494327][T15142] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 267.516687][T15149] loop4: detected capacity change from 0 to 2048 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./533") = 0 [pid 409] mkdir("./534", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15149] <... mount resumed>) = 0 [pid 15149] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15149] chdir("./bus") = 0 [pid 15149] ioctl(4, LOOP_CLR_FD) = 0 [pid 15149] close(4) = 0 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15148] <... futex resumed>) = 0 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15149] <... futex resumed>) = 1 [pid 15149] chdir("./file0") = 0 [pid 410] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 410] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./542/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./542/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./542/bus" [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... rmdir resumed>) = 0 [pid 410] getdents64(3, [pid 407] lstat("./533/bus", [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./542") = 0 [pid 410] mkdir("./543", 0777) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 407] umount2("./533/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15155 [pid 15149] <... futex resumed>) = 1 [pid 15148] <... futex resumed>) = 0 [pid 15149] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] openat(AT_FDCWD, "./533/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, ./strace-static-x86_64: Process 15155 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./533/bus" [pid 15155] set_robust_list(0x555555f755e0, 24 [pid 407] <... rmdir resumed>) = 0 [pid 15155] <... set_robust_list resumed>) = 0 [pid 407] getdents64(3, [pid 15155] chdir("./543" [pid 15149] <... open resumed>) = 4 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3 [pid 15155] <... chdir resumed>) = 0 [pid 15155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15155] setpgid(0, 0 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... close resumed>) = 0 [pid 15149] <... futex resumed>) = 1 [pid 15148] <... futex resumed>) = 0 [pid 407] rmdir("./533" [pid 15149] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... rmdir resumed>) = 0 [pid 15149] <... openat resumed>) = 5 [pid 407] mkdir("./534", 0777 [pid 15155] <... setpgid resumed>) = 0 [pid 15155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... mkdir resumed>) = 0 [pid 15155] <... openat resumed>) = 3 [pid 15155] write(3, "1000", 4 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15149] <... futex resumed>) = 1 [pid 15148] <... futex resumed>) = 0 [pid 15149] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 3 [pid 15148] <... futex resumed>) = 0 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] ioctl(3, LOOP_CLR_FD [pid 15155] <... write resumed>) = 4 [pid 412] <... umount2 resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] ioctl(3, LOOP_CLR_FD [pid 407] close(3 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] lstat("./536/bus", [pid 409] close(3 [pid 407] <... close resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... close resumed>) = 0 [pid 412] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./536/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15156 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./536/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./536") = 0 [pid 412] mkdir("./537", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15157 ./strace-static-x86_64: Process 15158 attached [pid 408] <... umount2 resumed>) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15158 [pid 15158] set_robust_list(0x555555f755e0, 24 [pid 408] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15158] <... set_robust_list resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15158] chdir("./537" [pid 408] lstat("./538/bus", [pid 15158] <... chdir resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15158] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 408] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15158] <... prctl resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./538/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15158] setpgid(0, 0 [pid 408] <... openat resumed>) = 4 [pid 15158] <... setpgid resumed>) = 0 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15158] <... openat resumed>) = 3 [pid 408] getdents64(4, [pid 15158] write(3, "1000", 4 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15158] <... write resumed>) = 4 [pid 408] close(4 [pid 15158] close(3) = 0 [pid 408] <... close resumed>) = 0 [pid 15158] symlink("/dev/binderfs", "./binderfs" [pid 15155] close(3 [pid 408] rmdir("./538/bus" [pid 15158] <... symlink resumed>) = 0 [pid 15155] <... close resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(3, [pid 15158] <... futex resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15158] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] close(3 [pid 15158] <... mmap resumed>) = 0x7f1c32416000 [pid 15155] symlink("/dev/binderfs", "./binderfs" [pid 408] <... close resumed>) = 0 ./strace-static-x86_64: Process 15157 attached ./strace-static-x86_64: Process 15156 attached [pid 15158] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15155] <... symlink resumed>) = 0 [pid 408] rmdir("./538" [pid 15158] <... mprotect resumed>) = 0 [pid 15157] set_robust_list(0x555555f755e0, 24 [pid 15156] set_robust_list(0x555555f755e0, 24 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15149] <... write resumed>) = 196608 [pid 15158] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15157] <... set_robust_list resumed>) = 0 [pid 15156] <... set_robust_list resumed>) = 0 [pid 15155] <... futex resumed>) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 15157] chdir("./534" [pid 15156] chdir("./534" [pid 15155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] mkdir("./539", 0777 [pid 15158] <... clone resumed>, parent_tid=[15159], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15159 [pid 15157] <... chdir resumed>) = 0 [pid 15156] <... chdir resumed>) = 0 [pid 15155] <... mmap resumed>) = 0x7f1c32416000 [pid 15149] <... futex resumed>) = 1 [pid 15148] <... futex resumed>) = 0 [pid 15155] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15149] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... mprotect resumed>) = 0 [pid 15149] <... mount resumed>) = 0 [pid 15148] <... futex resumed>) = 0 [pid 15155] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15157] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15156] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15149] <... futex resumed>) = 0 [pid 15148] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] <... mkdir resumed>) = 0 [pid 15158] <... futex resumed>) = 0 [pid 15155] <... clone resumed>, parent_tid=[15160], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15160 [pid 15149] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15156] <... prctl resumed>) = 0 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15149] <... open resumed>) = 6 [pid 15148] <... futex resumed>) = 0 [ 267.552906][T15149] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/539/bus supports timestamps until 2038 (0x7fffffff) [pid 408] <... openat resumed>) = 3 [pid 15157] <... prctl resumed>) = 0 [pid 15156] setpgid(0, 0 [pid 15155] <... futex resumed>) = 0 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 15159 attached [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15149] <... futex resumed>) = 0 [pid 15148] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15159] set_robust_list(0x7f1c324369e0, 24 [pid 15149] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] close(3 [pid 15159] <... set_robust_list resumed>) = 0 [pid 15157] setpgid(0, 0 [pid 15156] <... setpgid resumed>) = 0 [pid 15148] <... futex resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 15159] memfd_create("syzkaller", 0 [pid 15157] <... setpgid resumed>) = 0 [pid 15156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15159] <... memfd_create resumed>) = 3 [pid 15157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15156] <... openat resumed>) = 3 [pid 15159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15156] write(3, "1000", 4./strace-static-x86_64: Process 15161 attached ./strace-static-x86_64: Process 15160 attached [pid 15157] <... openat resumed>) = 3 [pid 15156] <... write resumed>) = 4 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15161 [pid 15161] set_robust_list(0x555555f755e0, 24 [pid 15160] set_robust_list(0x7f1c324369e0, 24 [pid 15157] write(3, "1000", 4 [pid 15156] close(3 [pid 15161] <... set_robust_list resumed>) = 0 [pid 15160] <... set_robust_list resumed>) = 0 [pid 15157] <... write resumed>) = 4 [pid 15156] <... close resumed>) = 0 [pid 15161] chdir("./539" [pid 15160] memfd_create("syzkaller", 0 [pid 15157] close(3 [pid 15156] symlink("/dev/binderfs", "./binderfs" [pid 15161] <... chdir resumed>) = 0 [pid 15160] <... memfd_create resumed>) = 3 [pid 15157] <... close resumed>) = 0 [pid 15156] <... symlink resumed>) = 0 [pid 15149] <... write resumed>) = 1048576 [pid 15161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15157] symlink("/dev/binderfs", "./binderfs" [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15161] <... prctl resumed>) = 0 [pid 15160] <... mmap resumed>) = 0x7f1c2a016000 [pid 15157] <... symlink resumed>) = 0 [pid 15156] <... futex resumed>) = 0 [pid 15148] <... futex resumed>) = 0 [pid 15149] <... futex resumed>) = 1 [pid 15161] setpgid(0, 0 [pid 15159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15149] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15161] <... setpgid resumed>) = 0 [pid 15160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15159] <... write resumed>) = 1048576 [pid 15157] <... futex resumed>) = 0 [pid 15156] <... mmap resumed>) = 0x7f1c32416000 [pid 15160] <... write resumed>) = 1048576 [pid 15159] munmap(0x7f1c2a016000, 1048576 [pid 15157] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15156] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15160] munmap(0x7f1c2a016000, 1048576 [pid 15159] <... munmap resumed>) = 0 [pid 15157] <... mmap resumed>) = 0x7f1c32416000 [pid 15156] <... mprotect resumed>) = 0 [pid 15160] <... munmap resumed>) = 0 [pid 15159] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15157] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15156] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15160] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15159] <... openat resumed>) = 4 [pid 15157] <... mprotect resumed>) = 0 [pid 15160] <... openat resumed>) = 4 [pid 15159] ioctl(4, LOOP_SET_FD, 3 [pid 15157] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15156] <... clone resumed>, parent_tid=[15162], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15162 ./strace-static-x86_64: Process 15163 attached ./strace-static-x86_64: Process 15162 attached [pid 15161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15160] ioctl(4, LOOP_SET_FD, 3 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15148] <... futex resumed>) = 0 [pid 15163] set_robust_list(0x7f1c324369e0, 24 [pid 15162] set_robust_list(0x7f1c324369e0, 24 [pid 15161] <... openat resumed>) = 3 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15163] <... set_robust_list resumed>) = 0 [pid 15162] <... set_robust_list resumed>) = 0 [pid 15161] write(3, "1000", 4 [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15162] memfd_create("syzkaller", 0 [pid 15161] <... write resumed>) = 4 [pid 15162] <... memfd_create resumed>) = 3 [pid 15161] close(3 [pid 15162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15161] <... close resumed>) = 0 [pid 15162] <... mmap resumed>) = 0x7f1c2a016000 [pid 15161] symlink("/dev/binderfs", "./binderfs" [pid 15160] <... ioctl resumed>) = 0 [pid 15159] <... ioctl resumed>) = 0 [pid 15157] <... clone resumed>, parent_tid=[15163], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15163 [pid 15156] <... futex resumed>) = 0 [pid 15160] close(3 [pid 15159] close(3 [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15160] <... close resumed>) = 0 [pid 15159] <... close resumed>) = 0 [pid 15157] <... futex resumed>) = 1 [pid 15160] mkdir("./bus", 0777 [pid 15159] mkdir("./bus", 0777 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15163] <... futex resumed>) = 0 [pid 15161] <... symlink resumed>) = 0 [pid 15160] <... mkdir resumed>) = 0 [pid 15159] <... mkdir resumed>) = 0 [pid 15149] <... openat resumed>) = 7 [pid 15163] memfd_create("syzkaller", 0 [pid 15160] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15163] <... memfd_create resumed>) = 3 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15161] <... futex resumed>) = 0 [pid 15149] <... futex resumed>) = 1 [pid 15148] <... futex resumed>) = 0 [pid 15163] <... mmap resumed>) = 0x7f1c2a016000 [pid 15161] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15149] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15148] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15162] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15162] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 15162] ioctl(4, LOOP_SET_FD, 3 [pid 15163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15148] <... futex resumed>) = 0 [pid 15149] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15161] <... mmap resumed>) = 0x7f1c32416000 [pid 15149] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15148] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15161] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15149] <... openat resumed>) = 8 [pid 15161] <... mprotect resumed>) = 0 [ 267.634885][T15149] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.641378][T15159] loop5: detected capacity change from 0 to 2048 [ 267.649171][T15149] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 267.655979][T15160] loop3: detected capacity change from 0 to 2048 [pid 15149] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15161] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15149] <... futex resumed>) = 1 [pid 15148] <... futex resumed>) = 0 [pid 15161] <... clone resumed>, parent_tid=[15165], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15165 [pid 15149] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15148] exit_group(0 [pid 15149] <... futex resumed>) = ? [pid 15148] <... exit_group resumed>) = ? [pid 15149] +++ exited with 0 +++ [pid 15162] <... ioctl resumed>) = 0 [pid 15162] close(3) = 0 [pid 15162] mkdir("./bus", 0777 [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15148] +++ exited with 0 +++ [pid 15161] <... futex resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15148, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] umount2("./539", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./539/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./539/binderfs") = 0 [pid 411] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15163] <... write resumed>) = 1048576 [pid 15163] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15163] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15165 attached [pid 15162] <... mkdir resumed>) = 0 [pid 15165] set_robust_list(0x7f1c324369e0, 24 [pid 15162] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15165] <... set_robust_list resumed>) = 0 [pid 15165] memfd_create("syzkaller", 0 [pid 15163] <... ioctl resumed>) = 0 [pid 15165] <... memfd_create resumed>) = 3 [pid 15163] close(3 [pid 15160] <... mount resumed>) = 0 [pid 15165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15163] <... close resumed>) = 0 [pid 15165] <... mmap resumed>) = 0x7f1c2a016000 [pid 15163] mkdir("./bus", 0777 [pid 15165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15163] <... mkdir resumed>) = 0 [ 267.681209][T15162] loop2: detected capacity change from 0 to 2048 [ 267.700355][T15163] loop0: detected capacity change from 0 to 2048 [ 267.708135][T15160] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/543/bus supports timestamps until 2038 (0x7fffffff) [pid 15163] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./539/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./539/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./539/bus") = 0 [pid 15159] <... mount resumed>) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./539") = 0 [pid 411] mkdir("./540", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15171 [pid 15165] <... write resumed>) = 1048576 [pid 15165] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15165] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15165] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15171 attached [pid 15162] <... mount resumed>) = 0 [pid 15160] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15159] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15171] set_robust_list(0x555555f755e0, 24 [pid 15160] <... openat resumed>) = 3 [pid 15159] <... openat resumed>) = 3 [pid 15171] <... set_robust_list resumed>) = 0 [pid 15160] chdir("./bus" [pid 15159] chdir("./bus" [pid 15171] chdir("./540" [pid 15160] <... chdir resumed>) = 0 [pid 15159] <... chdir resumed>) = 0 [pid 15171] <... chdir resumed>) = 0 [pid 15160] ioctl(4, LOOP_CLR_FD [pid 15159] ioctl(4, LOOP_CLR_FD [pid 15171] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15160] <... ioctl resumed>) = 0 [pid 15159] <... ioctl resumed>) = 0 [pid 15171] <... prctl resumed>) = 0 [pid 15160] close(4 [pid 15159] close(4 [pid 15171] setpgid(0, 0 [pid 15165] <... ioctl resumed>) = 0 [pid 15162] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15160] <... close resumed>) = 0 [pid 15159] <... close resumed>) = 0 [pid 15171] <... setpgid resumed>) = 0 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15159] <... futex resumed>) = 1 [pid 15171] <... openat resumed>) = 3 [pid 15159] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] write(3, "1000", 4) = 4 [pid 15171] close(3) = 0 [pid 15171] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15171] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15171] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15171] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15172], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15172 [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15165] close(3) = 0 [pid 15165] mkdir("./bus", 0777 [pid 15162] <... openat resumed>) = 3 [pid 15165] <... mkdir resumed>) = 0 [pid 15162] chdir("./bus") = 0 [pid 15162] ioctl(4, LOOP_CLR_FD) = 0 [pid 15162] close(4) = 0 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15165] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15158] <... futex resumed>) = 0 [pid 15156] <... futex resumed>) = 0 [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... futex resumed>) = 0 [pid 15158] <... futex resumed>) = 1 [pid 15160] <... futex resumed>) = 1 [pid 15159] chdir("./file0" [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] <... futex resumed>) = 0 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] chdir("./file0" [pid 15159] <... chdir resumed>) = 0 [pid 15160] <... chdir resumed>) = 0 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15158] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = 1 [pid 15159] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = 0 [pid 15160] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 15158] <... futex resumed>) = 0 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15160] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] <... futex resumed>) = 0 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] <... open resumed>) = 4 [pid 15159] <... open resumed>) = 4 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = 0 [pid 15160] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15159] <... futex resumed>) = 1 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15158] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15159] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = 0 [pid 15160] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15159] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15158] <... futex resumed>) = 0 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] <... openat resumed>) = 5 [pid 15159] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... openat resumed>) = 5 [pid 15160] <... futex resumed>) = 1 [pid 15155] <... futex resumed>) = 0 [pid 15160] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15160] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15159] <... futex resumed>) = 1 [pid 15158] <... futex resumed>) = 0 [pid 15155] <... futex resumed>) = 0 [pid 15160] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15159] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15172 attached [pid 15172] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15172] memfd_create("syzkaller", 0) = 3 [pid 15172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15160] <... write resumed>) = 196608 [pid 15158] <... futex resumed>) = 0 [pid 15159] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15159] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15162] <... futex resumed>) = 0 [pid 15162] chdir("./file0") = 0 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15156] <... futex resumed>) = 0 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15162] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... futex resumed>) = 1 [pid 15158] <... futex resumed>) = 0 [pid 15155] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = 1 [pid 15159] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15158] <... futex resumed>) = 0 [pid 15155] <... futex resumed>) = 0 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15159] <... mount resumed>) = 0 [pid 15160] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15160] <... mount resumed>) = 0 [pid 15159] <... futex resumed>) = 1 [pid 15158] <... futex resumed>) = 0 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = 1 [pid 15159] <... open resumed>) = 6 [pid 15158] <... futex resumed>) = 0 [pid 15160] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] <... futex resumed>) = 0 [pid 15160] <... open resumed>) = 6 [pid 15159] <... futex resumed>) = 0 [pid 15158] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15158] <... futex resumed>) = 0 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = 0 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15162] <... open resumed>) = 4 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15156] <... futex resumed>) = 0 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15162] <... futex resumed>) = 0 [pid 15162] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15156] <... futex resumed>) = 0 [pid 15162] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15172] <... write resumed>) = 1048576 [ 267.723977][T15159] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/537/bus supports timestamps until 2038 (0x7fffffff) [ 267.744328][T15162] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/534/bus supports timestamps until 2038 (0x7fffffff) [ 267.754119][T15165] loop1: detected capacity change from 0 to 2048 [pid 15172] munmap(0x7f1c2a016000, 1048576 [pid 15162] <... write resumed>) = 196608 [pid 15172] <... munmap resumed>) = 0 [pid 15165] <... mount resumed>) = 0 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15165] chdir("./bus") = 0 [pid 15165] ioctl(4, LOOP_CLR_FD) = 0 [pid 15165] close(4) = 0 [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15165] chdir("./file0" [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] <... chdir resumed>) = 0 [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15161] <... futex resumed>) = 0 [pid 15165] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15172] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 15172] ioctl(4, LOOP_SET_FD, 3 [pid 15162] <... futex resumed>) = 1 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15172] <... ioctl resumed>) = 0 [pid 15172] close(3) = 0 [pid 15172] mkdir("./bus", 0777 [pid 15156] <... futex resumed>) = 0 [pid 15172] <... mkdir resumed>) = 0 [pid 15172] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15165] <... open resumed>) = 4 [pid 15163] <... mount resumed>) = 0 [pid 15160] <... write resumed>) = 1048576 [pid 15159] <... write resumed>) = 1048576 [pid 15158] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] <... futex resumed>) = 1 [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] <... futex resumed>) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = 0 [pid 15159] <... futex resumed>) = 0 [pid 15158] <... futex resumed>) = 0 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] <... futex resumed>) = 0 [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [ 267.800460][T15165] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/539/bus supports timestamps until 2038 (0x7fffffff) [ 267.811415][T15163] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/534/bus supports timestamps until 2038 (0x7fffffff) [ 267.822507][T15172] loop4: detected capacity change from 0 to 2048 [pid 15160] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15159] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15163] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15162] <... futex resumed>) = 0 [pid 15161] <... futex resumed>) = 0 [pid 15163] <... openat resumed>) = 3 [pid 15162] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15163] chdir("./bus" [pid 15162] <... mount resumed>) = 0 [pid 15163] <... chdir resumed>) = 0 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] ioctl(4, LOOP_CLR_FD [pid 15162] <... futex resumed>) = 1 [pid 15163] <... ioctl resumed>) = 0 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15163] close(4) = 0 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15165] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15157] <... futex resumed>) = 0 [pid 15156] <... futex resumed>) = 0 [pid 15165] <... openat resumed>) = 5 [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] <... futex resumed>) = 0 [pid 15162] <... futex resumed>) = 0 [pid 15157] <... futex resumed>) = 1 [pid 15156] <... futex resumed>) = 1 [pid 15160] <... openat resumed>) = 7 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15160] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15165] <... futex resumed>) = 1 [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15163] chdir("./file0") = 0 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15162] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] <... futex resumed>) = 0 [pid 15157] <... futex resumed>) = 1 [pid 15163] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15163] <... open resumed>) = 4 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15157] <... futex resumed>) = 0 [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15161] <... futex resumed>) = 0 [pid 15157] <... futex resumed>) = 0 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15155] <... futex resumed>) = 0 [pid 15163] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15156] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15155] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... openat resumed>) = 7 [pid 15165] <... futex resumed>) = 0 [pid 15163] <... openat resumed>) = 5 [pid 15161] <... futex resumed>) = 1 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15155] <... futex resumed>) = 1 [pid 15165] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15159] <... futex resumed>) = 1 [pid 15158] <... futex resumed>) = 0 [pid 15156] <... futex resumed>) = 1 [pid 15155] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] <... write resumed>) = 196608 [pid 15159] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15158] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15158] <... futex resumed>) = 0 [pid 15165] <... futex resumed>) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15159] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15158] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... openat resumed>) = 8 [pid 15165] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15161] <... futex resumed>) = 0 [pid 15159] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15159] <... futex resumed>) = 1 [pid 15158] <... futex resumed>) = 0 [pid 15165] <... mount resumed>) = 0 [pid 15159] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15158] exit_group(0 [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15159] <... futex resumed>) = ? [pid 15158] <... exit_group resumed>) = ? [pid 15165] <... futex resumed>) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15159] +++ exited with 0 +++ [pid 15158] +++ exited with 0 +++ [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15161] <... futex resumed>) = 0 [pid 15165] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] <... open resumed>) = 6 [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15161] <... futex resumed>) = 0 [pid 15165] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15172] <... mount resumed>) = 0 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15162] <... futex resumed>) = 0 [pid 15160] <... futex resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15158, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 15163] <... futex resumed>) = 1 [pid 15162] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15157] <... futex resumed>) = 0 [pid 15172] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15160] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 267.842109][T15160] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.856504][T15159] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.870812][T15160] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 267.874659][T15159] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 267.889412][T15172] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/540/bus supports timestamps until 2038 (0x7fffffff) [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15163] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15163] <... write resumed>) = 196608 [pid 412] umount2("./537", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15160] <... openat resumed>) = 8 [pid 15163] <... futex resumed>) = 1 [pid 15160] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15157] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... openat resumed>) = 3 [pid 15163] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 412] fstat(3, [pid 15160] <... futex resumed>) = 1 [pid 15155] <... futex resumed>) = 0 [pid 15163] <... mount resumed>) = 0 [pid 15160] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15155] exit_group(0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15165] <... write resumed>) = 1048576 [pid 15155] <... exit_group resumed>) = ? [pid 412] getdents64(3, [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15161] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15172] <... openat resumed>) = 3 [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15172] chdir("./bus") = 0 [pid 15172] ioctl(4, LOOP_CLR_FD) = 0 [pid 15172] close(4) = 0 [pid 15165] <... futex resumed>) = 0 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15161] <... futex resumed>) = 1 [pid 15160] <... futex resumed>) = ? [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15163] <... futex resumed>) = 1 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15160] +++ exited with 0 +++ [pid 15155] +++ exited with 0 +++ [pid 412] lstat("./537/binderfs", [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./537/binderfs" [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15155, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... unlink resumed>) = 0 [pid 410] umount2("./543", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15172] <... futex resumed>) = 1 [pid 15171] <... futex resumed>) = 0 [pid 412] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] openat(AT_FDCWD, "./543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15172] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15157] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 15172] chdir("./file0" [pid 410] fstat(3, [pid 15172] <... chdir resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] getdents64(3, [pid 15172] <... futex resumed>) = 0 [pid 15171] <... futex resumed>) = 0 [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15163] <... futex resumed>) = 0 [pid 15157] <... futex resumed>) = 1 [pid 410] umount2("./543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15171] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15163] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15156] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] <... open resumed>) = 6 [pid 15156] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] lstat("./543/binderfs", [pid 15172] <... futex resumed>) = 0 [pid 15171] <... futex resumed>) = 1 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15172] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15163] <... futex resumed>) = 1 [pid 15157] <... futex resumed>) = 0 [pid 15156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 410] unlink("./543/binderfs" [pid 15172] <... open resumed>) = 4 [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 410] <... unlink resumed>) = 0 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15157] <... futex resumed>) = 0 [pid 15156] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 410] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15172] <... futex resumed>) = 1 [pid 15171] <... futex resumed>) = 0 [pid 15163] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15156] <... mprotect resumed>) = 0 [pid 15156] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15179], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15179 [pid 15156] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15156] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15162] <... write resumed>) = 1048576 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15172] <... futex resumed>) = 0 [pid 15171] <... futex resumed>) = 1 [pid 15172] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15172] <... openat resumed>) = 5 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15171] <... futex resumed>) = 0 [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15172] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15171] <... futex resumed>) = 0 [pid 15172] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15179 attached [pid 15172] <... write resumed>) = 196608 [pid 15165] <... openat resumed>) = 7 [pid 15179] set_robust_list(0x7f1c2a1159e0, 24 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15179] <... set_robust_list resumed>) = 0 [pid 15172] <... futex resumed>) = 1 [pid 15171] <... futex resumed>) = 0 [pid 15165] <... futex resumed>) = 1 [pid 15161] <... futex resumed>) = 0 [pid 15179] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15161] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15172] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15171] <... futex resumed>) = 0 [pid 15165] <... openat resumed>) = 8 [pid 15161] <... futex resumed>) = 0 [ 267.927226][T15165] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 267.946325][T15165] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 267.959089][T15179] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15163] <... write resumed>) = 1048576 [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15157] <... futex resumed>) = 0 [pid 15157] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15157] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15163] <... futex resumed>) = 1 [pid 15163] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15172] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15165] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15161] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15172] <... mount resumed>) = 0 [pid 15165] <... futex resumed>) = 0 [pid 15161] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15161] exit_group(0 [pid 15172] <... futex resumed>) = 1 [pid 15171] <... futex resumed>) = 0 [pid 15165] <... futex resumed>) = ? [pid 15161] <... exit_group resumed>) = ? [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15165] +++ exited with 0 +++ [pid 15161] +++ exited with 0 +++ [pid 15172] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15171] <... futex resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15161, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 15172] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 15172] <... open resumed>) = 6 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15171] <... futex resumed>) = 0 [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15172] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15171] <... futex resumed>) = 0 [pid 15172] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... restart_syscall resumed>) = 0 [pid 408] umount2("./539", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./539/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./539/binderfs") = 0 [pid 408] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15179] <... openat resumed>) = 7 [pid 15179] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15156] <... futex resumed>) = 0 [pid 15156] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15162] <... futex resumed>) = 0 [pid 15156] <... futex resumed>) = 1 [pid 15162] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15156] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15162] <... openat resumed>) = 8 [pid 15162] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15156] <... futex resumed>) = 0 [pid 15162] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15156] exit_group(0 [pid 15162] <... futex resumed>) = ? [pid 15156] <... exit_group resumed>) = ? [pid 15162] +++ exited with 0 +++ [pid 15179] <... futex resumed>) = ? [pid 15179] +++ exited with 0 +++ [pid 15156] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15156, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./534", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./534/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./534/binderfs") = 0 [pid 409] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = 0 [pid 15172] <... write resumed>) = 1048576 [pid 412] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./537/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15171] <... futex resumed>) = 0 [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./537/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15172] <... futex resumed>) = 1 [pid 15172] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... openat resumed>) = 4 [ 267.973162][T15179] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 267.980909][T15163] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.003237][T15163] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 412] fstat(4, [pid 15157] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 15157] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(4, [pid 15157] <... futex resumed>) = 0 [pid 410] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15157] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15157] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 412] getdents64(4, [pid 15157] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15157] <... mprotect resumed>) = 0 [pid 412] close(4 [pid 15157] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] <... close resumed>) = 0 [pid 412] rmdir("./537/bus" [pid 15157] <... clone resumed>, parent_tid=[15180], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15180 [pid 15157] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... rmdir resumed>) = 0 [pid 15157] <... futex resumed>) = 0 [pid 412] getdents64(3, [pid 15157] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./537"./strace-static-x86_64: Process 15180 attached [pid 15163] <... openat resumed>) = 7 [pid 412] <... rmdir resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] mkdir("./538", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15181 [pid 410] lstat("./543/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./543/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./543/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./543") = 0 [pid 410] mkdir("./544", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15163] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 15163] <... futex resumed>) = 0 [pid 15163] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15180] set_robust_list(0x7f1c2a1159e0, 24 [pid 15172] <... openat resumed>) = 7 ./strace-static-x86_64: Process 15182 attached ./strace-static-x86_64: Process 15181 attached [pid 15182] set_robust_list(0x555555f755e0, 24 [pid 15180] <... set_robust_list resumed>) = 0 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15182 [pid 15180] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15172] <... futex resumed>) = 1 [pid 15171] <... futex resumed>) = 0 [pid 15180] <... openat resumed>) = 8 [pid 15172] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15171] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15180] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15172] <... openat resumed>) = 8 [pid 15171] <... futex resumed>) = 0 [pid 15180] <... futex resumed>) = 1 [pid 15172] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15171] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15157] <... futex resumed>) = 0 [pid 15180] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15172] <... futex resumed>) = 0 [pid 15171] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15157] exit_group(0 [pid 15180] <... futex resumed>) = ? [pid 15172] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15171] exit_group(0 [pid 15163] <... futex resumed>) = ? [pid 15157] <... exit_group resumed>) = ? [pid 15180] +++ exited with 0 +++ [pid 15172] <... futex resumed>) = ? [pid 15171] <... exit_group resumed>) = ? [pid 15172] +++ exited with 0 +++ [pid 15171] +++ exited with 0 +++ [pid 15163] +++ exited with 0 +++ [pid 15157] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15171, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15157, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 411] <... restart_syscall resumed>) = 0 [pid 407] <... restart_syscall resumed>) = 0 [pid 411] umount2("./540", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] umount2("./534", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] openat(AT_FDCWD, "./540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... openat resumed>) = 3 [pid 407] openat(AT_FDCWD, "./534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] fstat(3, [pid 407] <... openat resumed>) = 3 [pid 15182] <... set_robust_list resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] fstat(3, [pid 15182] chdir("./544" [pid 411] getdents64(3, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15182] <... chdir resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] getdents64(3, [pid 15182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 411] umount2("./540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15182] <... prctl resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15182] setpgid(0, 0 [pid 411] lstat("./540/binderfs", [pid 408] <... umount2 resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15182] <... setpgid resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] lstat("./534/binderfs", [pid 15182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 411] unlink("./540/binderfs" [pid 408] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15182] <... openat resumed>) = 3 [pid 411] <... unlink resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] unlink("./534/binderfs" [pid 15182] write(3, "1000", 4 [pid 411] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] lstat("./539/bus", [pid 407] <... unlink resumed>) = 0 [pid 15182] <... write resumed>) = 4 [pid 15181] set_robust_list(0x555555f755e0, 24 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15182] close(3 [pid 409] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15182] <... close resumed>) = 0 [pid 15181] <... set_robust_list resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] chdir("./538" [pid 408] openat(AT_FDCWD, "./539/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15181] <... chdir resumed>) = 0 [pid 408] <... openat resumed>) = 4 [pid 15182] <... mmap resumed>) = 0x7f1c32416000 [pid 15181] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 408] fstat(4, [pid 15182] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15181] <... prctl resumed>) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15182] <... mprotect resumed>) = 0 [pid 15181] setpgid(0, 0 [pid 408] getdents64(4, [pid 15182] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15181] <... setpgid resumed>) = 0 [pid 409] lstat("./534/bus", [pid 15181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15182] <... clone resumed>, parent_tid=[15183], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15183 [pid 15181] <... openat resumed>) = 3 [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] write(3, "1000", 4 [pid 15182] <... futex resumed>) = 0 [pid 15181] <... write resumed>) = 4 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15181] close(3) = 0 [pid 15181] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15181] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15181] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15184], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15184 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15184 attached [pid 15184] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15184] memfd_create("syzkaller", 0) = 3 [pid 15184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] rmdir("./539/bus") = 0 [pid 409] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] close(3) = 0 [pid 409] openat(AT_FDCWD, "./534/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] rmdir("./539") = 0 [pid 408] mkdir("./540", 0777 [pid 409] <... openat resumed>) = 4 [pid 408] <... mkdir resumed>) = 0 [pid 409] fstat(4, [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] getdents64(4, [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15186 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./534/bus") = 0 ./strace-static-x86_64: Process 15186 attached [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./534") = 0 [pid 409] mkdir("./535", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 15183 attached [pid 15186] set_robust_list(0x555555f755e0, 24 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15186] <... set_robust_list resumed>) = 0 [pid 15183] set_robust_list(0x7f1c324369e0, 24 [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15187 [pid 15183] <... set_robust_list resumed>) = 0 [pid 15183] memfd_create("syzkaller", 0 [pid 15186] chdir("./540") = 0 [pid 15186] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15183] <... memfd_create resumed>) = 3 [pid 15186] <... prctl resumed>) = 0 [pid 15183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15186] setpgid(0, 0 [pid 15183] <... mmap resumed>) = 0x7f1c2a016000 [pid 15186] <... setpgid resumed>) = 0 [pid 15184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15186] write(3, "1000", 4) = 4 [pid 15186] close(3./strace-static-x86_64: Process 15187 attached [pid 15187] set_robust_list(0x555555f755e0, 24) = 0 [pid 15187] chdir("./535" [pid 15186] <... close resumed>) = 0 [pid 15186] symlink("/dev/binderfs", "./binderfs" [pid 15187] <... chdir resumed>) = 0 [pid 15187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15187] setpgid(0, 0) = 0 [pid 15187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15186] <... symlink resumed>) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15187] <... openat resumed>) = 3 [pid 15187] write(3, "1000", 4) = 4 [pid 15187] close(3) = 0 [pid 15186] <... futex resumed>) = 0 [pid 15186] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15186] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15187] symlink("/dev/binderfs", "./binderfs" [pid 15186] <... mprotect resumed>) = 0 [pid 15186] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15187] <... symlink resumed>) = 0 [pid 15186] <... clone resumed>, parent_tid=[15188], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15188 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15187] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15187] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15187] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15189], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15189 [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15184] <... write resumed>) = 1048576 [pid 15184] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15184] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 268.016553][T15172] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.033475][T15172] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 15184] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15189 attached ./strace-static-x86_64: Process 15188 attached [pid 15183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15188] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15188] memfd_create("syzkaller", 0) = 3 [pid 15188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15189] set_robust_list(0x7f1c324369e0, 24 [pid 15188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15184] <... ioctl resumed>) = 0 [pid 15189] <... set_robust_list resumed>) = 0 [pid 15184] close(3 [pid 15183] <... write resumed>) = 1048576 [pid 15189] memfd_create("syzkaller", 0 [pid 15184] <... close resumed>) = 0 [pid 15183] munmap(0x7f1c2a016000, 1048576 [pid 15189] <... memfd_create resumed>) = 3 [pid 15184] mkdir("./bus", 0777 [pid 15183] <... munmap resumed>) = 0 [pid 15189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15184] <... mkdir resumed>) = 0 [pid 15183] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15188] <... write resumed>) = 1048576 [pid 15184] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15183] <... openat resumed>) = 4 [pid 15183] ioctl(4, LOOP_SET_FD, 3 [pid 15188] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15188] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15188] ioctl(4, LOOP_SET_FD, 3 [pid 15189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15183] <... ioctl resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./540/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./540/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./540/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./540") = 0 [pid 411] mkdir("./541", 0777) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 15188] <... ioctl resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 407] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15189] <... write resumed>) = 1048576 [pid 15188] close(3 [pid 15183] close(3 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15192 [pid 407] lstat("./534/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./534/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./534/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./534/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./534") = 0 [pid 407] mkdir("./535", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15193 [pid 15188] <... close resumed>) = 0 [pid 15188] mkdir("./bus", 0777) = 0 [pid 15188] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15189] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15189] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 268.083940][T15184] loop5: detected capacity change from 0 to 2048 [ 268.098221][T15183] loop3: detected capacity change from 0 to 2048 [ 268.099932][T15188] loop1: detected capacity change from 0 to 2048 [ 268.118073][T15184] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/538/bus supports timestamps until 2038 (0x7fffffff) [pid 15189] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15189] close(3) = 0 [pid 15189] mkdir("./bus", 0777) = 0 [pid 15189] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15192 attached [pid 15192] set_robust_list(0x555555f755e0, 24) = 0 [pid 15192] chdir("./541") = 0 [pid 15192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15192] setpgid(0, 0) = 0 [pid 15192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15192] write(3, "1000", 4) = 4 [pid 15192] close(3) = 0 [pid 15192] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15183] <... close resumed>) = 0 [pid 15183] mkdir("./bus", 0777 [pid 15192] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15183] <... mkdir resumed>) = 0 [pid 15183] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15192] <... mmap resumed>) = 0x7f1c32416000 [pid 15192] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15192] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15195], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15195 [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15195 attached [pid 15195] set_robust_list(0x7f1c324369e0, 24./strace-static-x86_64: Process 15193 attached ) = 0 [pid 15193] set_robust_list(0x555555f755e0, 24) = 0 [pid 15193] chdir("./535") = 0 [pid 15193] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15193] setpgid(0, 0) = 0 [pid 15193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15193] write(3, "1000", 4) = 4 [pid 15193] close(3) = 0 [pid 15193] symlink("/dev/binderfs", "./binderfs" [pid 15195] memfd_create("syzkaller", 0) = 3 [pid 15193] <... symlink resumed>) = 0 [pid 15195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15195] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15195] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 15195] ioctl(4, LOOP_SET_FD, 3 [pid 15193] <... futex resumed>) = 0 [pid 15193] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15195] <... ioctl resumed>) = 0 [pid 15188] <... mount resumed>) = 0 [pid 15184] <... mount resumed>) = 0 [pid 15195] close(3 [pid 15184] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15195] <... close resumed>) = 0 [pid 15184] <... openat resumed>) = 3 [pid 15195] mkdir("./bus", 0777 [pid 15184] chdir("./bus" [pid 15195] <... mkdir resumed>) = 0 [pid 15184] <... chdir resumed>) = 0 [pid 15195] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15184] ioctl(4, LOOP_CLR_FD) = 0 [pid 15184] close(4) = 0 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15184] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15188] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15188] chdir("./bus") = 0 [pid 15188] ioctl(4, LOOP_CLR_FD) = 0 [pid 15188] close(4) = 0 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15188] <... futex resumed>) = 1 [pid 15188] chdir("./file0") = 0 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15188] <... futex resumed>) = 1 [pid 15188] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15181] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15184] <... futex resumed>) = 0 [pid 15181] <... futex resumed>) = 1 [pid 15184] chdir("./file0" [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] <... chdir resumed>) = 0 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15181] <... futex resumed>) = 0 [pid 15184] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15184] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15181] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] <... open resumed>) = 4 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15181] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15184] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] <... openat resumed>) = 5 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15181] <... futex resumed>) = 0 [pid 15184] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] <... write resumed>) = 196608 [pid 15189] <... mount resumed>) = 0 [pid 15189] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15189] chdir("./bus") = 0 [pid 15189] ioctl(4, LOOP_CLR_FD) = 0 [pid 15189] close(4) = 0 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15188] <... open resumed>) = 4 [pid 15187] <... futex resumed>) = 0 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] <... futex resumed>) = 1 [pid 15187] <... futex resumed>) = 0 [pid 15186] <... futex resumed>) = 0 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15186] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15189] chdir("./file0" [pid 15188] <... openat resumed>) = 5 [pid 15189] <... chdir resumed>) = 0 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15187] <... futex resumed>) = 0 [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15189] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15188] <... futex resumed>) = 1 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15193] <... mmap resumed>) = 0x7f1c32416000 [pid 15193] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15193] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15188] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15193] <... clone resumed>, parent_tid=[15202], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15202 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15181] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15188] <... write resumed>) = 196608 [pid 15184] <... mount resumed>) = 0 [ 268.127336][T15189] loop2: detected capacity change from 0 to 2048 [ 268.151253][T15188] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/540/bus supports timestamps until 2038 (0x7fffffff) [ 268.160333][T15195] loop4: detected capacity change from 0 to 2048 [ 268.170605][T15189] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/535/bus supports timestamps until 2038 (0x7fffffff) [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15181] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15181] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15189] <... open resumed>) = 4 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15187] <... futex resumed>) = 0 [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15189] <... futex resumed>) = 0 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15189] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15187] <... futex resumed>) = 0 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15189] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15187] <... futex resumed>) = 0 [pid 15189] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 15202 attached [pid 15202] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15202] memfd_create("syzkaller", 0) = 3 [pid 15202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15202] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15202] ioctl(4, LOOP_SET_FD, 3 [pid 15189] <... write resumed>) = 196608 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15189] <... futex resumed>) = 1 [pid 15188] <... futex resumed>) = 0 [pid 15187] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15188] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15189] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15187] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15188] <... mount resumed>) = 0 [pid 15189] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] <... write resumed>) = 1048576 [pid 15181] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15189] <... mount resumed>) = 0 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] <... futex resumed>) = 1 [pid 15186] <... futex resumed>) = 0 [pid 15184] <... futex resumed>) = 0 [pid 15181] <... futex resumed>) = 0 [pid 15189] <... futex resumed>) = 1 [pid 15188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15187] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15184] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15181] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15202] <... ioctl resumed>) = 0 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15188] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15181] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15202] close(3 [pid 15189] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15188] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15187] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] <... mount resumed>) = 0 [pid 15181] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15189] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15188] <... open resumed>) = 6 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15181] <... mprotect resumed>) = 0 [pid 15189] <... open resumed>) = 6 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] <... futex resumed>) = 1 [pid 15186] <... futex resumed>) = 0 [pid 15189] <... futex resumed>) = 1 [pid 15188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15187] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] <... clone resumed>, parent_tid=[15204], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15204 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15188] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15204 attached [pid 15202] <... close resumed>) = 0 [pid 15195] <... mount resumed>) = 0 [pid 15189] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15188] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15187] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15181] <... futex resumed>) = 0 [pid 15204] set_robust_list(0x7f1c2a1159e0, 24 [pid 15202] mkdir("./bus", 0777 [pid 15195] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15183] <... openat resumed>) = 3 [pid 15204] <... set_robust_list resumed>) = 0 [pid 15202] <... mkdir resumed>) = 0 [pid 15195] <... openat resumed>) = 3 [pid 15183] chdir("./bus" [pid 15204] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 268.219825][T15183] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/544/bus supports timestamps until 2038 (0x7fffffff) [ 268.241213][T15195] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/541/bus supports timestamps until 2038 (0x7fffffff) [ 268.246606][T15202] loop0: detected capacity change from 0 to 2048 [pid 15202] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15195] chdir("./bus" [pid 15189] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] <... chdir resumed>) = 0 [pid 15181] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] <... chdir resumed>) = 0 [pid 15183] ioctl(4, LOOP_CLR_FD [pid 15195] ioctl(4, LOOP_CLR_FD [pid 15183] <... ioctl resumed>) = 0 [pid 15195] <... ioctl resumed>) = 0 [pid 15183] close(4 [pid 15195] close(4 [pid 15183] <... close resumed>) = 0 [pid 15195] <... close resumed>) = 0 [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] <... futex resumed>) = 1 [pid 15195] <... futex resumed>) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15183] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15182] <... futex resumed>) = 0 [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15192] <... futex resumed>) = 0 [pid 15195] chdir("./file0" [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... chdir resumed>) = 0 [pid 15182] <... futex resumed>) = 1 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] <... futex resumed>) = 0 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] <... futex resumed>) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15183] chdir("./file0" [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15192] <... futex resumed>) = 0 [pid 15183] <... chdir resumed>) = 0 [pid 15195] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... open resumed>) = 4 [pid 15183] <... futex resumed>) = 1 [pid 15182] <... futex resumed>) = 0 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... futex resumed>) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15183] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15182] <... futex resumed>) = 0 [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15192] <... futex resumed>) = 0 [pid 15188] <... write resumed>) = 1048576 [pid 15195] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] <... open resumed>) = 4 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... openat resumed>) = 5 [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] <... futex resumed>) = 1 [pid 15186] <... futex resumed>) = 0 [pid 15183] <... futex resumed>) = 1 [pid 15182] <... futex resumed>) = 0 [pid 15195] <... futex resumed>) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15188] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = 0 [pid 15183] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15182] <... futex resumed>) = 0 [pid 15195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15192] <... futex resumed>) = 0 [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15183] <... openat resumed>) = 5 [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... write resumed>) = 196608 [pid 15183] <... futex resumed>) = 1 [pid 15182] <... futex resumed>) = 0 [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15182] <... futex resumed>) = 0 [ 268.281573][T15204] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... mount resumed>) = 0 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15189] <... write resumed>) = 1048576 [pid 15188] <... openat resumed>) = 7 [pid 15183] <... write resumed>) = 196608 [pid 15195] <... futex resumed>) = 1 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15188] <... futex resumed>) = 1 [pid 15188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15202] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15202] chdir("./bus") = 0 [pid 15202] ioctl(4, LOOP_CLR_FD) = 0 [pid 15202] close(4) = 0 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [pid 15202] chdir("./file0" [pid 15204] <... openat resumed>) = 7 [pid 15202] <... chdir resumed>) = 0 [pid 15192] <... futex resumed>) = 0 [pid 15187] <... futex resumed>) = 0 [pid 15186] <... futex resumed>) = 0 [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] <... futex resumed>) = 1 [pid 15182] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... futex resumed>) = 0 [pid 15192] <... futex resumed>) = 1 [pid 15189] <... futex resumed>) = 0 [pid 15188] <... futex resumed>) = 0 [pid 15187] <... futex resumed>) = 1 [pid 15186] <... futex resumed>) = 1 [pid 15184] <... futex resumed>) = 0 [pid 15183] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] <... futex resumed>) = 1 [pid 15195] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15189] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15188] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15186] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15183] <... mount resumed>) = 0 [pid 15182] <... futex resumed>) = 0 [pid 15181] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15188] <... openat resumed>) = 8 [pid 15204] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] <... mount resumed>) = 0 [pid 15188] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15184] <... openat resumed>) = 8 [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15188] <... futex resumed>) = 0 [pid 15188] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15204] <... futex resumed>) = 0 [pid 15204] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [pid 15202] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [pid 15202] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [ 268.325869][T15188] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.327957][T15202] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/535/bus supports timestamps until 2038 (0x7fffffff) [ 268.339872][T15188] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 268.352156][T15204] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 15202] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [pid 15202] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [pid 15202] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] <... futex resumed>) = 1 [pid 15202] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15182] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15186] exit_group(0 [pid 15184] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15186] <... exit_group resumed>) = ? [pid 15183] <... futex resumed>) = 0 [pid 15195] <... futex resumed>) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15184] <... futex resumed>) = 1 [pid 15182] <... futex resumed>) = 0 [pid 15181] <... futex resumed>) = 0 [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15181] exit_group(0 [pid 15192] <... futex resumed>) = 0 [pid 15184] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15204] <... futex resumed>) = ? [pid 15195] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15184] <... futex resumed>) = ? [pid 15183] <... open resumed>) = 6 [pid 15181] <... exit_group resumed>) = ? [pid 15204] +++ exited with 0 +++ [pid 15195] <... open resumed>) = 6 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15188] <... futex resumed>) = ? [pid 15184] +++ exited with 0 +++ [pid 15195] <... futex resumed>) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15188] +++ exited with 0 +++ [pid 15186] +++ exited with 0 +++ [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15181] +++ exited with 0 +++ [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] <... futex resumed>) = 1 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15181, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15186, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15192] <... futex resumed>) = 0 [pid 15182] <... futex resumed>) = 0 [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15182] <... futex resumed>) = 0 [pid 15195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./540", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./540/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./540/binderfs") = 0 [pid 408] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./538", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./538/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./538/binderfs") = 0 [pid 412] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15183] <... write resumed>) = 1048576 [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15183] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15182] <... futex resumed>) = 0 [pid 15182] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15182] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15189] <... openat resumed>) = 7 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15187] <... futex resumed>) = 0 [pid 15187] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15189] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15187] <... futex resumed>) = 0 [pid 15187] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15189] <... openat resumed>) = 8 [pid 15189] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15187] <... futex resumed>) = 0 [pid 15189] <... futex resumed>) = 1 [pid 15189] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15187] exit_group(0) = ? [pid 15189] <... futex resumed>) = ? [pid 15202] <... write resumed>) = 1048576 [pid 15195] <... write resumed>) = 1048576 [pid 15189] +++ exited with 0 +++ [pid 15187] +++ exited with 0 +++ [pid 15183] <... futex resumed>) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15187, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] umount2("./535", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./535/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./535/binderfs" [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15183] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 409] <... unlink resumed>) = 0 [pid 409] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15202] <... futex resumed>) = 1 [pid 15193] <... futex resumed>) = 0 [pid 15193] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15202] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15192] <... futex resumed>) = 0 [pid 15192] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 268.372472][T15189] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.387085][T15189] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 268.431962][T15183] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.433114][T15202] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.447329][T15195] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.460575][T15183] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15192] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] <... futex resumed>) = 1 [pid 15195] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15193] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15192] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15182] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15193] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15192] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15182] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15193] <... futex resumed>) = 0 [pid 15192] <... futex resumed>) = 0 [pid 15182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15193] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15192] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15193] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15182] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15192] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15193] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15182] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15192] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15193] <... mprotect resumed>) = 0 [pid 15182] <... mprotect resumed>) = 0 [pid 15192] <... mprotect resumed>) = 0 [pid 15193] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15182] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15192] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 15207 attached [pid 15207] set_robust_list(0x7f1c2a1159e0, 24 [pid 15182] <... clone resumed>, parent_tid=[15208], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15208 [pid 15192] <... clone resumed>, parent_tid=[15209], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15209 [pid 15193] <... clone resumed>, parent_tid=[15207], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15207 [pid 15182] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15193] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15192] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15182] <... futex resumed>) = 0 [pid 15193] <... futex resumed>) = 0 [pid 15192] <... futex resumed>) = 0 [pid 15182] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15193] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15192] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15195] <... openat resumed>) = 7 [pid 15195] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15195] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15207] <... set_robust_list resumed>) = 0 [pid 15207] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 15209 attached [pid 15209] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15209] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15209] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15192] <... futex resumed>) = 0 [pid 15209] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15192] exit_group(0) = ? [pid 15209] <... futex resumed>) = ? [pid 15195] <... futex resumed>) = ? [pid 15209] +++ exited with 0 +++ [pid 15195] +++ exited with 0 +++ [pid 15192] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15192, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] umount2("./541", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = 0 [pid 412] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./538/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./538/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./538/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./538") = 0 [pid 412] mkdir("./539", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15210 ./strace-static-x86_64: Process 15210 attached [pid 15210] set_robust_list(0x555555f755e0, 24) = 0 [pid 15210] chdir("./539") = 0 [pid 15210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15210] setpgid(0, 0) = 0 [pid 15210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15210] write(3, "1000", 4) = 4 [pid 15210] close(3) = 0 [pid 15210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15210] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15210] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15210] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15183] <... openat resumed>) = 7 [pid 411] openat(AT_FDCWD, "./541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15183] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 3 [pid 15210] <... clone resumed>, parent_tid=[15211], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15211 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15211 attached [pid 15211] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15211] memfd_create("syzkaller", 0) = 3 [pid 15211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15183] <... futex resumed>) = 0 [pid 15183] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./541/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./541/binderfs") = 0 [pid 411] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./540/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./540/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./540/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./540") = 0 [pid 408] mkdir("./541", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15212 [pid 15211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15211] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15211] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 268.473844][T15195] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 268.494614][T15202] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 15211] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15212 attached ./strace-static-x86_64: Process 15208 attached [pid 15202] <... openat resumed>) = 7 [pid 15208] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15208] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15208] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15182] <... futex resumed>) = 0 [pid 15182] exit_group(0 [pid 15183] <... futex resumed>) = ? [pid 15182] <... exit_group resumed>) = ? [pid 15183] +++ exited with 0 +++ [pid 15208] <... futex resumed>) = ? [pid 15208] +++ exited with 0 +++ [pid 15182] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15182, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 410] umount2("./544", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./544/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./544/binderfs") = 0 [pid 410] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15212] set_robust_list(0x555555f755e0, 24 [pid 15211] <... ioctl resumed>) = 0 [pid 15207] <... openat resumed>) = 8 [pid 15202] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = 0 [pid 15207] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15212] <... set_robust_list resumed>) = 0 [pid 15211] close(3 [pid 15207] <... futex resumed>) = 1 [pid 15202] <... futex resumed>) = 0 [pid 15193] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15207] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15193] exit_group(0 [pid 409] lstat("./535/bus", [pid 15207] <... futex resumed>) = ? [pid 15193] <... exit_group resumed>) = ? [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15207] +++ exited with 0 +++ [pid 409] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./535/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./535/bus" [pid 15212] chdir("./541" [pid 409] <... rmdir resumed>) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./535" [pid 15212] <... chdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 409] mkdir("./536", 0777 [pid 15212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 15212] setpgid(0, 0 [pid 15211] <... close resumed>) = 0 [pid 15202] +++ exited with 0 +++ [pid 15193] +++ exited with 0 +++ [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15213 [pid 15211] mkdir("./bus", 0777 [pid 15212] <... setpgid resumed>) = 0 [pid 15212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15211] <... mkdir resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 15212] <... openat resumed>) = 3 [pid 15212] write(3, "1000", 4) = 4 [pid 15211] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15212] close(3) = 0 [pid 15212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 411] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15193, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./541/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] umount2("./535", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] openat(AT_FDCWD, "./541/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... openat resumed>) = 4 [pid 407] openat(AT_FDCWD, "./535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] fstat(4, [pid 407] <... openat resumed>) = 3 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] fstat(3, [pid 411] getdents64(4, [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(3, [pid 411] getdents64(4, [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15212] <... futex resumed>) = 0 [pid 411] close(4 [pid 407] umount2("./535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15212] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... close resumed>) = 0 [pid 407] lstat("./535/binderfs", [pid 15212] <... mmap resumed>) = 0x7f1c32416000 [pid 411] rmdir("./541/bus" [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15212] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 407] unlink("./535/binderfs" [pid 15212] <... mprotect resumed>) = 0 [pid 411] <... rmdir resumed>) = 0 [pid 15212] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] getdents64(3, [pid 407] <... unlink resumed>) = 0 [pid 407] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15212] <... clone resumed>, parent_tid=[15214], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15214 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15214 attached [pid 411] close(3 [pid 15214] set_robust_list(0x7f1c324369e0, 24 [pid 411] <... close resumed>) = 0 [pid 15214] <... set_robust_list resumed>) = 0 [pid 15214] memfd_create("syzkaller", 0) = 3 [pid 15214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] rmdir("./541") = 0 [pid 411] mkdir("./542", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15215 ./strace-static-x86_64: Process 15213 attached [pid 15213] set_robust_list(0x555555f755e0, 24./strace-static-x86_64: Process 15215 attached ) = 0 [pid 15213] chdir("./536" [pid 15215] set_robust_list(0x555555f755e0, 24 [pid 15213] <... chdir resumed>) = 0 [pid 15213] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15213] setpgid(0, 0 [pid 15215] <... set_robust_list resumed>) = 0 [pid 15215] chdir("./542") = 0 [pid 15213] <... setpgid resumed>) = 0 [pid 15213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15215] setpgid(0, 0) = 0 [pid 15215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15215] write(3, "1000", 4) = 4 [pid 15214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15215] close(3) = 0 [pid 15215] symlink("/dev/binderfs", "./binderfs" [pid 15213] write(3, "1000", 4 [pid 15215] <... symlink resumed>) = 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15213] <... write resumed>) = 4 [pid 15215] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15213] close(3 [pid 15215] <... mmap resumed>) = 0x7f1c32416000 [pid 15213] <... close resumed>) = 0 [pid 15215] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15213] symlink("/dev/binderfs", "./binderfs" [pid 15215] <... mprotect resumed>) = 0 [pid 15213] <... symlink resumed>) = 0 [pid 15215] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15215] <... clone resumed>, parent_tid=[15218], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15218 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15213] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15213] <... mmap resumed>) = 0x7f1c32416000 [pid 15213] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15214] <... write resumed>) = 1048576 [pid 15213] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15219], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15219 [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15219 attached [ 268.523861][T15211] loop5: detected capacity change from 0 to 2048 [pid 15219] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15219] memfd_create("syzkaller", 0) = 3 [pid 15219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 15218 attached [pid 15218] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15218] memfd_create("syzkaller", 0) = 3 [pid 15218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] <... umount2 resumed>) = 0 [pid 15214] munmap(0x7f1c2a016000, 1048576 [pid 410] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15214] <... munmap resumed>) = 0 [pid 15211] <... mount resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15214] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 410] lstat("./544/bus", [pid 15211] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15214] <... openat resumed>) = 4 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15214] ioctl(4, LOOP_SET_FD, 3 [pid 15211] <... openat resumed>) = 3 [pid 410] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15219] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15211] chdir("./bus" [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./544/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15211] <... chdir resumed>) = 0 [pid 15211] ioctl(4, LOOP_CLR_FD [pid 410] <... openat resumed>) = 4 [pid 15211] <... ioctl resumed>) = 0 [pid 410] fstat(4, [pid 15211] close(4 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15211] <... close resumed>) = 0 [pid 15214] <... ioctl resumed>) = 0 [pid 410] getdents64(4, [pid 15214] close(3 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, [pid 15214] <... close resumed>) = 0 [pid 15211] <... futex resumed>) = 1 [pid 15214] mkdir("./bus", 0777 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15211] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] close(4 [pid 15210] <... futex resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./544/bus" [pid 15214] <... mkdir resumed>) = 0 [pid 15219] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... rmdir resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 15210] <... futex resumed>) = 1 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./535/bus", [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./544") = 0 [pid 410] mkdir("./545", 0777 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./535/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... mkdir resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 407] openat(AT_FDCWD, "./535/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... openat resumed>) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15220 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./535/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./535") = 0 [pid 407] mkdir("./536", 0777 [pid 15219] <... openat resumed>) = 4 [pid 15214] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... mkdir resumed>) = 0 [pid 15219] ioctl(4, LOOP_SET_FD, 3 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 268.567133][T15211] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/539/bus supports timestamps until 2038 (0x7fffffff) [ 268.581845][T15214] loop1: detected capacity change from 0 to 2048 [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15221 [pid 15211] <... futex resumed>) = 0 [pid 15211] chdir("./file0") = 0 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15211] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15211] <... open resumed>) = 4 [pid 15210] <... futex resumed>) = 0 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15211] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15211] <... openat resumed>) = 5 [pid 15210] <... futex resumed>) = 0 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15211] <... futex resumed>) = 0 [pid 15210] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15211] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15221 attached ./strace-static-x86_64: Process 15220 attached [pid 15219] <... ioctl resumed>) = 0 [pid 15218] <... write resumed>) = 1048576 [pid 15210] <... futex resumed>) = 0 [pid 15221] set_robust_list(0x555555f755e0, 24 [pid 15220] set_robust_list(0x555555f755e0, 24 [pid 15219] close(3 [pid 15218] munmap(0x7f1c2a016000, 1048576 [pid 15221] <... set_robust_list resumed>) = 0 [pid 15220] <... set_robust_list resumed>) = 0 [pid 15219] <... close resumed>) = 0 [pid 15218] <... munmap resumed>) = 0 [pid 15221] chdir("./536" [pid 15220] chdir("./545" [pid 15219] mkdir("./bus", 0777 [pid 15218] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15221] <... chdir resumed>) = 0 [pid 15220] <... chdir resumed>) = 0 [pid 15219] <... mkdir resumed>) = 0 [pid 15218] <... openat resumed>) = 4 [pid 15221] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15220] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15219] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15218] ioctl(4, LOOP_SET_FD, 3 [pid 15221] <... prctl resumed>) = 0 [pid 15220] <... prctl resumed>) = 0 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15221] setpgid(0, 0 [pid 15220] setpgid(0, 0 [pid 15221] <... setpgid resumed>) = 0 [pid 15220] <... setpgid resumed>) = 0 [pid 15221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15221] <... openat resumed>) = 3 [pid 15220] <... openat resumed>) = 3 [pid 15218] <... ioctl resumed>) = 0 [pid 15221] write(3, "1000", 4 [pid 15220] write(3, "1000", 4 [pid 15221] <... write resumed>) = 4 [pid 15220] <... write resumed>) = 4 [pid 15218] close(3 [pid 15221] close(3 [pid 15220] close(3 [pid 15221] <... close resumed>) = 0 [pid 15220] <... close resumed>) = 0 [pid 15218] <... close resumed>) = 0 [pid 15221] symlink("/dev/binderfs", "./binderfs" [pid 15220] symlink("/dev/binderfs", "./binderfs" [pid 15221] <... symlink resumed>) = 0 [pid 15220] <... symlink resumed>) = 0 [pid 15218] mkdir("./bus", 0777 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] <... mkdir resumed>) = 0 [pid 15221] <... futex resumed>) = 0 [pid 15220] <... futex resumed>) = 0 [pid 15218] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15211] <... write resumed>) = 196608 [pid 15221] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15220] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... mmap resumed>) = 0x7f1c32416000 [pid 15220] <... mmap resumed>) = 0x7f1c32416000 [pid 15211] <... futex resumed>) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15221] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15220] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... mprotect resumed>) = 0 [pid 15220] <... mprotect resumed>) = 0 [pid 15211] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15210] <... futex resumed>) = 0 [pid 15221] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15220] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15211] <... mount resumed>) = 0 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... clone resumed>, parent_tid=[15223], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15223 [pid 15220] <... clone resumed>, parent_tid=[15224], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15224 [pid 15211] <... futex resumed>) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15211] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] <... futex resumed>) = 0 [pid 15220] <... futex resumed>) = 0 [pid 15211] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15224 attached ./strace-static-x86_64: Process 15223 attached [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15211] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15211] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15224] memfd_create("syzkaller", 0) = 3 [pid 15224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [ 268.612792][T15219] loop2: detected capacity change from 0 to 2048 [ 268.629580][T15218] loop4: detected capacity change from 0 to 2048 [pid 15223] set_robust_list(0x7f1c324369e0, 24 [pid 15211] <... write resumed>) = 1048576 [pid 15223] <... set_robust_list resumed>) = 0 [pid 15223] memfd_create("syzkaller", 0) = 3 [pid 15223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15214] <... mount resumed>) = 0 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] <... write resumed>) = 1048576 [pid 15224] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15224] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 15224] ioctl(4, LOOP_SET_FD, 3 [pid 15223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15214] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15211] <... futex resumed>) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15224] <... ioctl resumed>) = 0 [pid 15224] close(3) = 0 [pid 15224] mkdir("./bus", 0777) = 0 [pid 15224] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15218] <... mount resumed>) = 0 [pid 15218] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15218] chdir("./bus") = 0 [pid 15218] ioctl(4, LOOP_CLR_FD) = 0 [pid 15218] close(4 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15218] <... close resumed>) = 0 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15215] <... futex resumed>) = 0 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15218] <... futex resumed>) = 1 [pid 15218] chdir("./file0") = 0 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15215] <... futex resumed>) = 0 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15218] <... futex resumed>) = 1 [pid 15218] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15219] <... mount resumed>) = 0 [pid 15219] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15219] chdir("./bus") = 0 [pid 15219] ioctl(4, LOOP_CLR_FD) = 0 [pid 15219] close(4 [pid 15223] <... write resumed>) = 1048576 [pid 15214] <... openat resumed>) = 3 [pid 15211] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15218] <... open resumed>) = 4 [pid 15214] chdir("./bus") = 0 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] ioctl(4, LOOP_CLR_FD [pid 15218] <... futex resumed>) = 1 [pid 15215] <... futex resumed>) = 0 [pid 15218] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] <... ioctl resumed>) = 0 [pid 15215] <... futex resumed>) = 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15218] <... openat resumed>) = 5 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15215] <... futex resumed>) = 0 [pid 15214] close(4 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15215] <... futex resumed>) = 0 [pid 15214] <... close resumed>) = 0 [ 268.661598][T15214] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/541/bus supports timestamps until 2038 (0x7fffffff) [ 268.674466][T15218] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/542/bus supports timestamps until 2038 (0x7fffffff) [ 268.677413][T15224] loop3: detected capacity change from 0 to 2048 [ 268.687789][T15219] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/536/bus supports timestamps until 2038 (0x7fffffff) [pid 15218] <... write resumed>) = 196608 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15219] <... close resumed>) = 0 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15215] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] <... futex resumed>) = 0 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15223] munmap(0x7f1c2a016000, 1048576 [pid 15219] <... futex resumed>) = 1 [pid 15218] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15215] <... futex resumed>) = 0 [pid 15213] <... futex resumed>) = 0 [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15223] <... munmap resumed>) = 0 [pid 15219] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15218] <... mount resumed>) = 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15214] <... futex resumed>) = 1 [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15212] <... futex resumed>) = 0 [pid 15219] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15223] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15219] chdir("./file0" [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15213] <... futex resumed>) = 0 [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15223] <... openat resumed>) = 4 [pid 15223] ioctl(4, LOOP_SET_FD, 3 [pid 15219] <... chdir resumed>) = 0 [pid 15218] <... futex resumed>) = 1 [pid 15215] <... futex resumed>) = 0 [pid 15214] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15212] <... futex resumed>) = 0 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] chdir("./file0" [pid 15213] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15219] <... futex resumed>) = 0 [pid 15218] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15215] <... futex resumed>) = 0 [pid 15214] <... chdir resumed>) = 0 [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15219] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15218] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15213] <... futex resumed>) = 0 [pid 15219] <... open resumed>) = 4 [pid 15218] <... open resumed>) = 6 [pid 15214] <... futex resumed>) = 1 [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15212] <... futex resumed>) = 0 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15213] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15219] <... futex resumed>) = 0 [pid 15218] <... futex resumed>) = 1 [pid 15215] <... futex resumed>) = 0 [pid 15214] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15212] <... futex resumed>) = 0 [pid 15219] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15213] <... futex resumed>) = 0 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... ioctl resumed>) = 0 [pid 15219] <... openat resumed>) = 5 [pid 15223] close(3) = 0 [pid 15223] mkdir("./bus", 0777) = 0 [pid 15223] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15215] <... futex resumed>) = 0 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15218] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15211] <... openat resumed>) = 7 [pid 15218] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] <... open resumed>) = 4 [pid 15211] <... futex resumed>) = 1 [pid 15211] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15219] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15210] <... futex resumed>) = 0 [pid 15210] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15211] <... futex resumed>) = 0 [pid 15210] <... futex resumed>) = 1 [pid 15211] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15210] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15211] <... openat resumed>) = 8 [pid 15211] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15210] <... futex resumed>) = 0 [pid 15211] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15210] exit_group(0 [pid 15211] <... futex resumed>) = ? [pid 15210] <... exit_group resumed>) = ? [pid 15211] +++ exited with 0 +++ [pid 15210] +++ exited with 0 +++ [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15214] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15213] <... futex resumed>) = 0 [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15219] <... futex resumed>) = 0 [pid 15213] <... futex resumed>) = 1 [pid 15219] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15219] <... write resumed>) = 196608 [pid 15212] <... futex resumed>) = 0 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15213] <... futex resumed>) = 0 [pid 15219] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15219] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15213] <... futex resumed>) = 0 [pid 15219] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15219] <... mount resumed>) = 0 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15213] <... futex resumed>) = 0 [pid 15219] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15219] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15213] <... futex resumed>) = 0 [pid 15219] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15219] <... open resumed>) = 6 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15213] <... futex resumed>) = 0 [pid 15219] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15219] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15213] <... futex resumed>) = 0 [pid 15219] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [ 268.719723][T15211] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.734865][T15211] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 268.735727][T15223] loop0: detected capacity change from 0 to 2048 [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15210, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 15214] <... futex resumed>) = 0 [pid 15212] <... futex resumed>) = 1 [pid 15214] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15214] <... openat resumed>) = 5 [pid 412] umount2("./539", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15214] <... futex resumed>) = 1 [pid 15212] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15224] <... mount resumed>) = 0 [pid 15224] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15224] chdir("./bus") = 0 [pid 15224] ioctl(4, LOOP_CLR_FD) = 0 [pid 15224] close(4 [pid 15219] <... write resumed>) = 1048576 [pid 15218] <... write resumed>) = 1048576 [pid 15214] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 3 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15213] <... futex resumed>) = 0 [pid 15219] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15215] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15214] <... write resumed>) = 196608 [pid 15213] <... futex resumed>) = 0 [pid 15212] <... futex resumed>) = 0 [pid 412] fstat(3, [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... close resumed>) = 0 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15220] <... futex resumed>) = 0 [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... futex resumed>) = 1 [pid 15224] chdir("./file0") = 0 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15220] <... futex resumed>) = 0 [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... futex resumed>) = 1 [pid 15224] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15218] <... futex resumed>) = 0 [ 268.762413][T15224] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/545/bus supports timestamps until 2038 (0x7fffffff) [ 268.788700][T15219] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.802517][T15223] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/536/bus supports timestamps until 2038 (0x7fffffff) [pid 15218] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15223] <... mount resumed>) = 0 [pid 15219] <... openat resumed>) = 7 [pid 15215] <... futex resumed>) = 0 [pid 15214] <... futex resumed>) = 0 [pid 15212] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15214] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, [pid 15214] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15212] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15214] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15214] <... mount resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] lstat("./539/binderfs", [pid 15214] <... futex resumed>) = 1 [pid 15212] <... futex resumed>) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15214] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./539/binderfs" [pid 15214] <... open resumed>) = 6 [pid 15212] <... futex resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15214] <... futex resumed>) = 0 [pid 15212] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15214] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15223] chdir("./bus") = 0 [pid 15223] ioctl(4, LOOP_CLR_FD) = 0 [pid 15223] close(4 [pid 15224] <... open resumed>) = 4 [pid 15223] <... close resumed>) = 0 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15220] <... futex resumed>) = 0 [pid 15224] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15220] <... futex resumed>) = 0 [pid 15224] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... openat resumed>) = 5 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15220] <... futex resumed>) = 0 [pid 15224] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15220] <... futex resumed>) = 0 [pid 15224] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... write resumed>) = 196608 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15220] <... futex resumed>) = 0 [pid 15224] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] <... mount resumed>) = 0 [pid 15220] <... futex resumed>) = 0 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... futex resumed>) = 0 [pid 15220] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15224] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15220] <... futex resumed>) = 0 [pid 15224] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... open resumed>) = 6 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15220] <... futex resumed>) = 0 [pid 15224] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15224] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15220] <... futex resumed>) = 0 [pid 15224] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15213] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15213] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] chdir("./file0") = 0 [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15213] <... futex resumed>) = 0 [pid 15213] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=48000000} [pid 15219] <... futex resumed>) = 1 [pid 15219] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15219] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15213] <... futex resumed>) = 0 [pid 15213] exit_group(0) = ? [pid 15219] <... futex resumed>) = ? [pid 15219] +++ exited with 0 +++ [pid 15213] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15213, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 15214] <... write resumed>) = 1048576 [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15212] <... futex resumed>) = 0 [pid 409] umount2("./536", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15214] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15214] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15212] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15214] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... open resumed>) = 4 [pid 409] openat(AT_FDCWD, "./536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15218] <... openat resumed>) = 7 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [ 268.814893][T15219] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 268.815379][T15218] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.849601][T15218] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15221] <... futex resumed>) = 0 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] <... futex resumed>) = 1 [pid 15223] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 409] <... openat resumed>) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, [pid 15215] <... futex resumed>) = 0 [pid 15215] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15218] <... futex resumed>) = 0 [pid 15215] <... futex resumed>) = 1 [pid 409] umount2("./536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./536/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15224] <... write resumed>) = 1048576 [pid 409] unlink("./536/binderfs" [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15218] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15215] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... futex resumed>) = 1 [pid 15224] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15218] <... openat resumed>) = 8 [pid 15218] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15215] <... futex resumed>) = 0 [pid 15218] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15220] <... futex resumed>) = 0 [pid 15215] exit_group(0 [pid 409] <... unlink resumed>) = 0 [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15220] <... futex resumed>) = 1 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... futex resumed>) = 0 [pid 15218] <... futex resumed>) = ? [pid 15215] <... exit_group resumed>) = ? [pid 15224] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15218] +++ exited with 0 +++ [pid 15215] +++ exited with 0 +++ [pid 412] <... umount2 resumed>) = 0 [pid 15223] <... write resumed>) = 1048576 [pid 412] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15215, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 15214] <... openat resumed>) = 7 [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15212] <... futex resumed>) = 0 [pid 15212] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15212] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15214] <... futex resumed>) = 1 [pid 15214] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15214] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15212] <... futex resumed>) = 0 [pid 15212] exit_group(0) = ? [pid 15214] <... futex resumed>) = ? [pid 15221] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] lstat("./539/bus", [pid 15223] <... futex resumed>) = 0 [pid 15221] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./542", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15223] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 412] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15224] <... openat resumed>) = 7 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15214] +++ exited with 0 +++ [pid 15212] +++ exited with 0 +++ [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15223] <... futex resumed>) = 0 [pid 15221] <... futex resumed>) = 1 [pid 412] openat(AT_FDCWD, "./539/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 3 [pid 15223] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... openat resumed>) = 4 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15212, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15220] <... futex resumed>) = 0 [pid 15220] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15220] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15224] <... futex resumed>) = 1 [ 268.865306][T15214] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.882540][T15224] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.885674][T15214] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 268.911390][T15224] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15224] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15224] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15220] <... futex resumed>) = 0 [pid 15220] exit_group(0) = ? [pid 15224] <... futex resumed>) = ? [pid 411] fstat(3, [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 412] fstat(4, [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... restart_syscall resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] getdents64(4, [pid 411] umount2("./542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] umount2("./541", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] close(4 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... close resumed>) = 0 [pid 411] lstat("./542/binderfs", [pid 412] rmdir("./539/bus" [pid 408] openat(AT_FDCWD, "./541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 411] unlink("./542/binderfs" [pid 408] <... openat resumed>) = 3 [pid 412] getdents64(3, [pid 15224] +++ exited with 0 +++ [pid 15220] +++ exited with 0 +++ [pid 411] <... unlink resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15220, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 411] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] fstat(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] umount2("./545", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] getdents64(3, [pid 410] openat(AT_FDCWD, "./545", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] close(3 [pid 410] <... openat resumed>) = 3 [pid 408] umount2("./541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] fstat(3, [pid 412] <... close resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] rmdir("./539" [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] getdents64(3, [pid 412] <... rmdir resumed>) = 0 [pid 408] lstat("./541/binderfs", [pid 412] mkdir("./540", 0777 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 410] umount2("./545/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] unlink("./541/binderfs" [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... unlink resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 410] lstat("./545/binderfs", [pid 408] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] ioctl(3, LOOP_CLR_FD [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] unlink("./545/binderfs" [pid 412] close(3 [pid 410] <... unlink resumed>) = 0 [pid 412] <... close resumed>) = 0 [pid 410] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15234 ./strace-static-x86_64: Process 15234 attached [pid 15234] set_robust_list(0x555555f755e0, 24) = 0 [pid 15234] chdir("./540") = 0 [pid 15234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15234] setpgid(0, 0) = 0 [pid 15234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15234] write(3, "1000", 4) = 4 [pid 15234] close(3) = 0 [pid 15234] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15234] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15234] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15234] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15235], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15235 [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15235 attached [pid 15235] set_robust_list(0x7f1c324369e0, 24 [pid 15223] <... openat resumed>) = 7 [pid 15235] <... set_robust_list resumed>) = 0 [pid 15235] memfd_create("syzkaller", 0) = 3 [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15223] <... futex resumed>) = 1 [pid 15221] <... futex resumed>) = 0 [pid 15223] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15221] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15223] <... openat resumed>) = 8 [pid 15221] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15223] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15221] <... futex resumed>) = 0 [pid 15223] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15221] exit_group(0 [pid 15223] <... futex resumed>) = ? [pid 15221] <... exit_group resumed>) = ? [pid 15223] +++ exited with 0 +++ [pid 15221] +++ exited with 0 +++ [pid 15235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15221, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 15235] <... write resumed>) = 1048576 [pid 407] umount2("./536", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15235] munmap(0x7f1c2a016000, 1048576 [pid 407] openat(AT_FDCWD, "./536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, [pid 15235] <... munmap resumed>) = 0 [pid 15235] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15235] ioctl(4, LOOP_SET_FD, 3 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./536/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./536/binderfs") = 0 [pid 407] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./536/bus", [pid 15235] <... ioctl resumed>) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15235] close(3) = 0 [pid 409] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15235] mkdir("./bus", 0777 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./536/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15235] <... mkdir resumed>) = 0 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4 [pid 15235] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./536/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./536") = 0 [pid 409] mkdir("./537", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD [pid 411] <... umount2 resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15236 ./strace-static-x86_64: Process 15236 attached [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = 0 [pid 411] lstat("./542/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./541/bus", [pid 411] openat(AT_FDCWD, "./542/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... openat resumed>) = 4 [pid 411] fstat(4, [pid 408] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] getdents64(4, [pid 408] openat(AT_FDCWD, "./541/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... openat resumed>) = 4 [pid 411] getdents64(4, [pid 408] fstat(4, [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15236] set_robust_list(0x555555f755e0, 24) = 0 [pid 15236] chdir("./537") = 0 [pid 411] close(4 [pid 408] getdents64(4, [pid 411] <... close resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] rmdir("./542/bus" [pid 408] getdents64(4, [pid 15236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15236] setpgid(0, 0 [pid 411] <... rmdir resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] getdents64(3, [pid 408] close(4 [pid 15236] <... setpgid resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... close resumed>) = 0 [pid 411] close(3 [pid 408] rmdir("./541/bus" [pid 411] <... close resumed>) = 0 [pid 15236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 411] rmdir("./542" [pid 408] <... rmdir resumed>) = 0 [pid 15236] write(3, "1000", 4) = 4 [pid 15236] close(3) = 0 [pid 15236] symlink("/dev/binderfs", "./binderfs" [pid 411] <... rmdir resumed>) = 0 [pid 408] getdents64(3, [pid 15236] <... symlink resumed>) = 0 [pid 411] mkdir("./543", 0777 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15236] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 408] close(3) = 0 [pid 15236] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 408] rmdir("./541" [pid 15236] <... mprotect resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 15236] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 408] <... rmdir resumed>) = 0 [pid 15236] <... clone resumed>, parent_tid=[15237], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15237 [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15237 attached ) = 0 [pid 411] <... openat resumed>) = 3 [pid 408] mkdir("./542", 0777 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15237] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15237] memfd_create("syzkaller", 0 [pid 411] ioctl(3, LOOP_CLR_FD [pid 15237] <... memfd_create resumed>) = 3 [pid 408] <... mkdir resumed>) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] close(3 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 411] <... close resumed>) = 0 [pid 15237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... openat resumed>) = 3 [pid 408] ioctl(3, LOOP_CLR_FD [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15238 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 15238 attached [pid 15238] set_robust_list(0x555555f755e0, 24) = 0 [pid 15238] chdir("./543") = 0 [pid 15238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15240 [pid 15238] setpgid(0, 0) = 0 [pid 15238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15238] write(3, "1000", 4) = 4 [pid 15238] close(3) = 0 [pid 15238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15238] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [ 268.925002][T15223] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 268.942093][T15223] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 268.964089][T15235] loop5: detected capacity change from 0 to 2048 [pid 15238] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15241], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15241 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 15240 attached ) = 1048576 [pid 15237] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15237] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 15237] ioctl(4, LOOP_SET_FD, 3 [pid 407] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 15241 attached [pid 15240] set_robust_list(0x555555f755e0, 24 [pid 15237] <... ioctl resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 407] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15241] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15241] memfd_create("syzkaller", 0) = 3 [pid 15241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] lstat("./536/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./536/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] openat(AT_FDCWD, "./536/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] lstat("./545/bus", [pid 407] getdents64(4, [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./545/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./545/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./545") = 0 [pid 410] mkdir("./546", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15243 ./strace-static-x86_64: Process 15243 attached [pid 15243] set_robust_list(0x555555f755e0, 24) = 0 [pid 15243] chdir("./546") = 0 [pid 15243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15243] setpgid(0, 0) = 0 [pid 15243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15243] write(3, "1000", 4) = 4 [pid 15243] close(3) = 0 [pid 15243] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15243] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15243] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15243] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] getdents64(4, [pid 15241] <... write resumed>) = 1048576 [pid 15240] <... set_robust_list resumed>) = 0 [pid 15237] close(3 [pid 15235] <... mount resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 ./strace-static-x86_64: Process 15244 attached [pid 15243] <... clone resumed>, parent_tid=[15244], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15244 [pid 15241] munmap(0x7f1c2a016000, 1048576 [pid 407] rmdir("./536/bus" [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15235] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15235] chdir("./bus") = 0 [pid 15235] ioctl(4, LOOP_CLR_FD) = 0 [pid 15235] close(4 [pid 407] <... rmdir resumed>) = 0 [pid 15235] <... close resumed>) = 0 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] getdents64(3, [pid 15234] <... futex resumed>) = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 15235] chdir("./file0" [pid 407] rmdir("./536" [pid 15235] <... chdir resumed>) = 0 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15235] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15237] <... close resumed>) = 0 [pid 15234] <... futex resumed>) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] mkdir("./bus", 0777 [pid 15234] <... futex resumed>) = 1 [pid 407] mkdir("./537", 0777 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15237] <... mkdir resumed>) = 0 [pid 15237] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15240] chdir("./542" [pid 407] <... openat resumed>) = 3 [pid 15240] <... chdir resumed>) = 0 [pid 15240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15240] setpgid(0, 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 15240] <... setpgid resumed>) = 0 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 407] close(3) = 0 [pid 15240] <... openat resumed>) = 3 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15240] write(3, "1000", 4) = 4 [pid 15240] close(3) = 0 [pid 15240] symlink("/dev/binderfs", "./binderfs" [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15245 [pid 15240] <... symlink resumed>) = 0 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15240] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15240] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15240] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15246], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15246 [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15246 attached [pid 15246] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15246] memfd_create("syzkaller", 0) = 3 [pid 15246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15235] <... futex resumed>) = 0 [pid 15235] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15244] set_robust_list(0x7f1c324369e0, 24 [pid 15241] <... munmap resumed>) = 0 [pid 15235] <... open resumed>) = 4 [pid 15244] <... set_robust_list resumed>) = 0 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15244] memfd_create("syzkaller", 0 [pid 15235] <... futex resumed>) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15241] <... openat resumed>) = 4 [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15235] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15244] <... memfd_create resumed>) = 3 [pid 15244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15241] ioctl(4, LOOP_SET_FD, 3 [pid 15235] <... openat resumed>) = 5 [ 269.011796][T15237] loop2: detected capacity change from 0 to 2048 [ 269.012568][T15235] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/540/bus supports timestamps until 2038 (0x7fffffff) [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... mmap resumed>) = 0x7f1c2a016000 [pid 15246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15246] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15246] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15246] ioctl(4, LOOP_SET_FD, 3 [pid 15235] <... futex resumed>) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15235] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15246] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 15245 attached [pid 15246] close(3) = 0 [pid 15245] set_robust_list(0x555555f755e0, 24 [pid 15246] mkdir("./bus", 0777 [pid 15245] <... set_robust_list resumed>) = 0 [pid 15241] <... ioctl resumed>) = 0 [pid 15246] <... mkdir resumed>) = 0 [pid 15245] chdir("./537" [pid 15246] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15241] close(3 [pid 15245] <... chdir resumed>) = 0 [pid 15245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15241] <... close resumed>) = 0 [pid 15245] <... prctl resumed>) = 0 [pid 15245] setpgid(0, 0 [pid 15241] mkdir("./bus", 0777 [pid 15245] <... setpgid resumed>) = 0 [pid 15245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15245] write(3, "1000", 4) = 4 [pid 15245] close(3 [pid 15241] <... mkdir resumed>) = 0 [pid 15245] <... close resumed>) = 0 [pid 15244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15235] <... write resumed>) = 196608 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15245] symlink("/dev/binderfs", "./binderfs" [pid 15244] <... write resumed>) = 1048576 [pid 15241] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15246] <... mount resumed>) = 0 [pid 15245] <... symlink resumed>) = 0 [pid 15237] <... mount resumed>) = 0 [pid 15235] <... futex resumed>) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15246] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15235] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] munmap(0x7f1c2a016000, 1048576 [pid 15246] <... openat resumed>) = 3 [pid 15245] <... futex resumed>) = 0 [pid 15234] <... futex resumed>) = 0 [pid 15246] chdir("./bus" [pid 15245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15244] <... munmap resumed>) = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15246] <... chdir resumed>) = 0 [pid 15245] <... mmap resumed>) = 0x7f1c32416000 [pid 15246] ioctl(4, LOOP_CLR_FD [pid 15245] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15244] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15246] <... ioctl resumed>) = 0 [pid 15245] <... mprotect resumed>) = 0 [pid 15246] close(4 [pid 15245] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15244] <... openat resumed>) = 4 [pid 15246] <... close resumed>) = 0 [pid 15245] <... clone resumed>, parent_tid=[15252], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15252 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15252 attached [ 269.062474][T15241] loop4: detected capacity change from 0 to 2048 [ 269.066135][T15246] loop1: detected capacity change from 0 to 2048 [ 269.087450][T15237] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/537/bus supports timestamps until 2038 (0x7fffffff) [ 269.090641][T15246] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/542/bus supports timestamps until 2038 (0x7fffffff) [pid 15252] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] ioctl(4, LOOP_SET_FD, 3 [pid 15237] <... openat resumed>) = 3 [pid 15235] <... mount resumed>) = 0 [pid 15252] memfd_create("syzkaller", 0 [pid 15246] <... futex resumed>) = 1 [pid 15244] <... ioctl resumed>) = 0 [pid 15240] <... futex resumed>) = 0 [pid 15237] chdir("./bus" [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15252] <... memfd_create resumed>) = 3 [pid 15246] chdir("./file0" [pid 15241] <... mount resumed>) = 0 [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] <... chdir resumed>) = 0 [pid 15235] <... futex resumed>) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15246] <... chdir resumed>) = 0 [pid 15244] close(3 [pid 15241] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15240] <... futex resumed>) = 0 [pid 15237] ioctl(4, LOOP_CLR_FD [pid 15235] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] <... openat resumed>) = 3 [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] <... ioctl resumed>) = 0 [pid 15252] <... mmap resumed>) = 0x7f1c2a016000 [pid 15235] <... open resumed>) = 6 [pid 15234] <... futex resumed>) = 0 [pid 15241] chdir("./bus") = 0 [pid 15246] <... futex resumed>) = 0 [pid 15240] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15237] close(4 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] ioctl(4, LOOP_CLR_FD) = 0 [pid 15241] close(4) = 0 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15238] <... futex resumed>) = 0 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 1 [pid 15241] chdir("./file0" [pid 15244] <... close resumed>) = 0 [pid 15244] mkdir("./bus", 0777) = 0 [pid 15244] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] <... futex resumed>) = 0 [pid 15240] <... futex resumed>) = 1 [pid 15246] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] <... close resumed>) = 0 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15236] <... futex resumed>) = 0 [pid 15237] chdir("./file0" [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15235] <... futex resumed>) = 0 [pid 15235] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15234] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15235] <... futex resumed>) = 0 [pid 15234] <... futex resumed>) = 1 [pid 15235] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15246] <... open resumed>) = 4 [pid 15237] <... chdir resumed>) = 0 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15236] <... futex resumed>) = 0 [pid 15237] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15236] <... futex resumed>) = 0 [pid 15246] <... futex resumed>) = 1 [pid 15240] <... futex resumed>) = 0 [pid 15237] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 269.121298][T15241] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/543/bus supports timestamps until 2038 (0x7fffffff) [ 269.133464][T15244] loop3: detected capacity change from 0 to 2048 [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15241] <... chdir resumed>) = 0 [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] <... open resumed>) = 4 [pid 15252] <... write resumed>) = 1048576 [pid 15246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15240] <... futex resumed>) = 0 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15238] <... futex resumed>) = 0 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 1 [pid 15241] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15252] munmap(0x7f1c2a016000, 1048576 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15246] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15252] <... munmap resumed>) = 0 [pid 15246] <... openat resumed>) = 5 [pid 15237] <... futex resumed>) = 1 [pid 15236] <... futex resumed>) = 0 [pid 15252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15252] ioctl(4, LOOP_SET_FD, 3 [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] <... open resumed>) = 4 [pid 15237] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] <... ioctl resumed>) = 0 [pid 15246] <... futex resumed>) = 1 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] <... futex resumed>) = 0 [pid 15237] <... openat resumed>) = 5 [pid 15235] <... write resumed>) = 1048576 [pid 15252] close(3 [pid 15246] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15252] <... close resumed>) = 0 [pid 15240] <... futex resumed>) = 0 [pid 15252] mkdir("./bus", 0777) = 0 [pid 15252] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15246] <... write resumed>) = 196608 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] <... futex resumed>) = 1 [pid 15236] <... futex resumed>) = 0 [pid 15237] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15236] <... futex resumed>) = 0 [pid 15237] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 1 [pid 15238] <... futex resumed>) = 0 [pid 15241] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15238] <... futex resumed>) = 0 [pid 15241] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... openat resumed>) = 5 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15238] <... futex resumed>) = 0 [pid 15241] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15238] <... futex resumed>) = 0 [pid 15241] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] <... write resumed>) = 196608 [pid 15237] <... write resumed>) = 196608 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] <... futex resumed>) = 1 [pid 15240] <... futex resumed>) = 0 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15235] <... futex resumed>) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] <... futex resumed>) = 1 [pid 15236] <... futex resumed>) = 0 [pid 15235] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15234] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15240] <... futex resumed>) = 0 [pid 15237] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15234] <... futex resumed>) = 0 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15236] <... futex resumed>) = 0 [pid 15234] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15246] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15237] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15246] <... mount resumed>) = 0 [pid 15237] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15240] <... futex resumed>) = 0 [pid 15237] <... mount resumed>) = 0 [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15240] <... futex resumed>) = 0 [pid 15237] <... futex resumed>) = 1 [pid 15235] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15236] <... futex resumed>) = 0 [pid 15246] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15235] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15246] <... open resumed>) = 6 [pid 15237] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15236] <... futex resumed>) = 0 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15246] <... futex resumed>) = 1 [pid 15240] <... futex resumed>) = 0 [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15237] <... open resumed>) = 6 [pid 15246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15240] <... futex resumed>) = 0 [pid 15246] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15238] <... futex resumed>) = 0 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 1 [pid 15241] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15238] <... futex resumed>) = 0 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 1 [pid 15241] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15238] <... futex resumed>) = 0 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 1 [pid 15241] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15237] <... futex resumed>) = 1 [pid 15236] <... futex resumed>) = 0 [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 269.161847][T15252] loop0: detected capacity change from 0 to 2048 [ 269.194767][T15235] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15237] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15241] <... write resumed>) = 1048576 [pid 15244] <... mount resumed>) = 0 [pid 15244] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15244] chdir("./bus") = 0 [pid 15244] ioctl(4, LOOP_CLR_FD) = 0 [pid 15244] close(4) = 0 [pid 15238] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15238] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15238] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15238] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15259], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15259 [pid 15238] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15238] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15243] <... futex resumed>) = 0 [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] <... futex resumed>) = 1 [pid 15244] chdir("./file0") = 0 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15243] <... futex resumed>) = 0 [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] <... futex resumed>) = 1 [pid 15244] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15252] <... mount resumed>) = 0 [pid 15252] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15252] chdir("./bus") = 0 [pid 15252] ioctl(4, LOOP_CLR_FD) = 0 [pid 15252] close(4) = 0 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15252] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15234] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15245] <... futex resumed>) = 0 [pid 15240] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15234] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15236] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15236] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15245] <... futex resumed>) = 1 [pid 15252] <... futex resumed>) = 0 [pid 15240] <... futex resumed>) = 0 [pid 15234] <... futex resumed>) = 0 [pid 15252] chdir("./file0" [pid 15236] <... futex resumed>) = 0 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 0 [pid 15240] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15252] <... chdir resumed>) = 0 [pid 15240] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15236] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15234] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... open resumed>) = 4 [pid 15240] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15236] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15234] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15252] <... futex resumed>) = 1 [pid 15245] <... futex resumed>) = 0 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15240] <... mprotect resumed>) = 0 [pid 15237] <... write resumed>) = 1048576 [pid 15236] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15234] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15236] <... mprotect resumed>) = 0 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15234] <... mprotect resumed>) = 0 [pid 15245] <... futex resumed>) = 0 [pid 15236] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15252] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15244] <... futex resumed>) = 1 [pid 15243] <... futex resumed>) = 0 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15234] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15243] <... futex resumed>) = 0 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15236] <... clone resumed>, parent_tid=[15261], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15261 [pid 15234] <... clone resumed>, parent_tid=[15262], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15262 [pid 15236] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15234] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] <... clone resumed>, parent_tid=[15260], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15260 [pid 15244] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15237] <... futex resumed>) = 0 [pid 15252] <... open resumed>) = 4 [pid 15240] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15236] <... futex resumed>) = 0 [pid 15234] <... futex resumed>) = 0 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... openat resumed>) = 5 [pid 15240] <... futex resumed>) = 0 [pid 15237] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15236] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15234] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] <... futex resumed>) = 1 [pid 15245] <... futex resumed>) = 0 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... futex resumed>) = 1 [pid 15243] <... futex resumed>) = 0 [pid 15252] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15245] <... futex resumed>) = 0 [pid 15244] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15252] <... openat resumed>) = 5 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15243] <... futex resumed>) = 0 [pid 15244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15245] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15244] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] <... futex resumed>) = 0 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... write resumed>) = 196608 [pid 15252] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15245] <... futex resumed>) = 0 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15262 attached ./strace-static-x86_64: Process 15261 attached ./strace-static-x86_64: Process 15260 attached ./strace-static-x86_64: Process 15259 attached [pid 15252] <... write resumed>) = 196608 [pid 15246] <... write resumed>) = 1048576 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15235] <... openat resumed>) = 7 [pid 15262] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15262] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15262] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15234] <... futex resumed>) = 0 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... futex resumed>) = 1 [pid 15243] <... futex resumed>) = 0 [pid 15252] <... futex resumed>) = 1 [pid 15245] <... futex resumed>) = 0 [pid 15235] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15252] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15246] <... futex resumed>) = 0 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15235] <... futex resumed>) = 0 [pid 15261] set_robust_list(0x7f1c2a1159e0, 24 [pid 15260] set_robust_list(0x7f1c2a1159e0, 24 [pid 15259] set_robust_list(0x7f1c2a1159e0, 24 [pid 15252] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15245] <... futex resumed>) = 0 [pid 15244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15243] <... futex resumed>) = 0 [pid 15235] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15262] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15261] <... set_robust_list resumed>) = 0 [pid 15261] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15252] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15260] <... set_robust_list resumed>) = 0 [pid 15259] <... set_robust_list resumed>) = 0 [pid 15252] <... mount resumed>) = 0 [pid 15244] <... mount resumed>) = 0 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15234] exit_group(0 [pid 15252] <... futex resumed>) = 1 [pid 15245] <... futex resumed>) = 0 [pid 15244] <... futex resumed>) = 1 [pid 15243] <... futex resumed>) = 0 [pid 15235] <... futex resumed>) = ? [pid 15234] <... exit_group resumed>) = ? [ 269.200476][T15252] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/537/bus supports timestamps until 2038 (0x7fffffff) [ 269.215342][T15244] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/546/bus supports timestamps until 2038 (0x7fffffff) [ 269.221318][T15235] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 15260] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15252] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15238] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15235] +++ exited with 0 +++ [pid 15262] <... futex resumed>) = ? [pid 15252] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15245] <... futex resumed>) = 0 [pid 15244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15243] <... futex resumed>) = 0 [pid 15238] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15262] +++ exited with 0 +++ [pid 15252] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15241] <... futex resumed>) = 0 [pid 15238] <... futex resumed>) = 1 [pid 15234] +++ exited with 0 +++ [pid 15252] <... open resumed>) = 6 [pid 15244] <... open resumed>) = 6 [pid 15241] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15238] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15261] <... openat resumed>) = 7 [pid 15259] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15236] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15234, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15261] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15252] <... futex resumed>) = 1 [pid 15245] <... futex resumed>) = 0 [pid 15244] <... futex resumed>) = 1 [pid 15243] <... futex resumed>) = 0 [pid 15240] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15236] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [ 269.258518][T15261] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.260425][T15260] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.272641][T15261] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 269.290870][T15241] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 15261] <... futex resumed>) = 0 [pid 15252] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15246] <... futex resumed>) = 0 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] <... futex resumed>) = 1 [pid 15237] <... futex resumed>) = 0 [pid 15236] <... futex resumed>) = 1 [pid 412] <... restart_syscall resumed>) = 0 [pid 15261] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15260] <... openat resumed>) = 7 [pid 15252] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15246] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15245] <... futex resumed>) = 0 [pid 15244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15243] <... futex resumed>) = 0 [pid 15240] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15236] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15246] <... openat resumed>) = 8 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15237] <... openat resumed>) = 8 [pid 15260] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15259] <... openat resumed>) = 8 [pid 15246] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15241] <... openat resumed>) = 7 [pid 15237] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./540", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15260] <... futex resumed>) = 0 [pid 15259] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15246] <... futex resumed>) = 1 [pid 15240] <... futex resumed>) = 0 [pid 15237] <... futex resumed>) = 1 [pid 15236] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15260] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15259] <... futex resumed>) = 0 [pid 15246] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15241] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15240] exit_group(0 [pid 15237] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15236] exit_group(0 [pid 412] openat(AT_FDCWD, "./540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15261] <... futex resumed>) = ? [pid 15260] <... futex resumed>) = ? [pid 15259] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15246] <... futex resumed>) = ? [pid 15240] <... exit_group resumed>) = ? [pid 15237] <... futex resumed>) = ? [pid 15236] <... exit_group resumed>) = ? [pid 412] <... openat resumed>) = 3 [pid 15261] +++ exited with 0 +++ [pid 15260] +++ exited with 0 +++ [pid 15241] <... futex resumed>) = 1 [pid 15238] <... futex resumed>) = 0 [pid 15241] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15246] +++ exited with 0 +++ [pid 15238] exit_group(0 [pid 15259] <... futex resumed>) = ? [pid 15241] <... futex resumed>) = ? [pid 15240] +++ exited with 0 +++ [pid 15238] <... exit_group resumed>) = ? [pid 15237] +++ exited with 0 +++ [pid 15236] +++ exited with 0 +++ [pid 412] fstat(3, [pid 15259] +++ exited with 0 +++ [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15236, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15240, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 15241] +++ exited with 0 +++ [pid 15238] +++ exited with 0 +++ [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15238, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 412] umount2("./540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./537", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./542", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./540/binderfs", [pid 409] openat(AT_FDCWD, "./537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15252] <... write resumed>) = 1048576 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] <... openat resumed>) = 3 [pid 408] <... openat resumed>) = 3 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./540/binderfs" [pid 409] fstat(3, [pid 408] fstat(3, [pid 15252] <... futex resumed>) = 1 [pid 15245] <... futex resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15252] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(3, [pid 408] getdents64(3, [pid 15245] <... futex resumed>) = 0 [pid 15244] <... write resumed>) = 1048576 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15244] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] umount2("./543", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./543/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./543/binderfs") = 0 [pid 411] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./537/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./537/binderfs") = 0 [pid 409] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./542/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./542/binderfs") = 0 [pid 408] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15243] <... futex resumed>) = 0 [ 269.295208][T15260] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 269.317357][T15241] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 269.344888][T15252] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15244] <... futex resumed>) = 0 [pid 15243] <... futex resumed>) = 1 [pid 15244] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] <... openat resumed>) = 7 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15245] <... futex resumed>) = 0 [pid 15245] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15245] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15252] <... futex resumed>) = 1 [pid 15252] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15252] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15245] <... futex resumed>) = 0 [pid 15245] exit_group(0) = ? [pid 15252] <... futex resumed>) = ? [pid 15252] +++ exited with 0 +++ [pid 15245] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15245, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 407] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 15244] <... openat resumed>) = 7 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15243] <... futex resumed>) = 0 [pid 407] umount2("./537", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15243] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15243] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15244] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15244] <... openat resumed>) = 8 [pid 15244] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15243] <... futex resumed>) = 0 [pid 15243] exit_group(0) = ? [pid 15244] <... futex resumed>) = ? [pid 15244] +++ exited with 0 +++ [pid 15243] +++ exited with 0 +++ [pid 407] <... openat resumed>) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./537/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./537/binderfs") = 0 [pid 407] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = 0 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15243, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] umount2("./546", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] lstat("./542/bus", [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./546", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... openat resumed>) = 3 [pid 410] fstat(3, [pid 408] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] openat(AT_FDCWD, "./542/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] umount2("./546/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... openat resumed>) = 4 [pid 410] lstat("./546/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./546/binderfs") = 0 [pid 410] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./542/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./542") = 0 [pid 408] mkdir("./543", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15263 ./strace-static-x86_64: Process 15263 attached [pid 15263] set_robust_list(0x555555f755e0, 24) = 0 [pid 15263] chdir("./543") = 0 [pid 15263] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15263] setpgid(0, 0) = 0 [pid 15263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15263] write(3, "1000", 4) = 4 [pid 15263] close(3) = 0 [pid 15263] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15263] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15263] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15263] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 15264 attached , parent_tid=[15264], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15264 [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15264] set_robust_list(0x7f1c324369e0, 24 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15264] <... set_robust_list resumed>) = 0 [pid 15264] memfd_create("syzkaller", 0) = 3 [pid 15264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15264] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15264] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 269.359396][T15252] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 269.363334][T15244] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.388280][T15244] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 15264] close(3 [pid 412] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./540/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./540/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./540/bus") = 0 [pid 407] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] lstat("./537/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15264] <... close resumed>) = 0 [pid 412] getdents64(3, [pid 409] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] lstat("./537/bus", [pid 15264] mkdir("./bus", 0777 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] openat(AT_FDCWD, "./537/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] umount2("./537/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... openat resumed>) = 4 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] fstat(4, [pid 407] openat(AT_FDCWD, "./537/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... openat resumed>) = 4 [pid 409] getdents64(4, [pid 407] fstat(4, [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 407] getdents64(4, [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(3 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] close(4 [pid 407] getdents64(4, [pid 412] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] rmdir("./537/bus" [pid 407] close(4 [pid 412] rmdir("./540" [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./537/bus" [pid 409] <... rmdir resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 409] getdents64(3, [pid 407] <... rmdir resumed>) = 0 [pid 15264] <... mkdir resumed>) = 0 [pid 407] getdents64(3, [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3 [pid 407] close(3 [pid 409] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 409] rmdir("./537" [pid 407] rmdir("./537" [pid 412] mkdir("./541", 0777 [pid 409] <... rmdir resumed>) = 0 [pid 15264] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] <... mkdir resumed>) = 0 [pid 409] mkdir("./538", 0777 [pid 407] <... rmdir resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 407] mkdir("./538", 0777 [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 407] <... mkdir resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 407] <... openat resumed>) = 3 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... openat resumed>) = 3 [pid 407] ioctl(3, LOOP_CLR_FD [pid 409] ioctl(3, LOOP_CLR_FD [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 410] <... umount2 resumed>) = 0 [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 409] close(3 [pid 407] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15265 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15267 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15266 [pid 410] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./546/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./546/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, ./strace-static-x86_64: Process 15265 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15265] set_robust_list(0x555555f755e0, 24 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./546/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] close(3 [pid 411] lstat("./543/bus", [pid 410] <... close resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] rmdir("./546" [pid 411] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... rmdir resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] mkdir("./547", 0777 [pid 411] openat(AT_FDCWD, "./543/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... mkdir resumed>) = 0 [pid 411] <... openat resumed>) = 4 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 411] fstat(4, [pid 410] <... openat resumed>) = 3 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] ioctl(3, LOOP_CLR_FD [pid 411] getdents64(4, [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] close(3 [pid 411] getdents64(4, [pid 410] <... close resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] close(4) = 0 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15270 [pid 411] rmdir("./543/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./543") = 0 [pid 411] mkdir("./544", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 15271 attached ./strace-static-x86_64: Process 15267 attached ./strace-static-x86_64: Process 15270 attached ./strace-static-x86_64: Process 15266 attached [pid 15265] <... set_robust_list resumed>) = 0 [pid 15264] <... mount resumed>) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15271 [pid 15271] set_robust_list(0x555555f755e0, 24 [pid 15270] set_robust_list(0x555555f755e0, 24 [pid 15267] set_robust_list(0x555555f755e0, 24 [pid 15266] set_robust_list(0x555555f755e0, 24 [pid 15265] chdir("./538" [pid 15264] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15271] <... set_robust_list resumed>) = 0 [pid 15270] <... set_robust_list resumed>) = 0 [pid 15267] <... set_robust_list resumed>) = 0 [pid 15266] <... set_robust_list resumed>) = 0 [pid 15265] <... chdir resumed>) = 0 [pid 15264] <... openat resumed>) = 3 [pid 15271] chdir("./544" [pid 15270] chdir("./547" [pid 15267] chdir("./541" [pid 15266] chdir("./538" [pid 15265] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15264] chdir("./bus" [pid 15271] <... chdir resumed>) = 0 [pid 15270] <... chdir resumed>) = 0 [pid 15267] <... chdir resumed>) = 0 [pid 15266] <... chdir resumed>) = 0 [pid 15265] <... prctl resumed>) = 0 [pid 15264] <... chdir resumed>) = 0 [pid 15271] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15266] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15271] <... prctl resumed>) = 0 [pid 15270] <... prctl resumed>) = 0 [pid 15266] <... prctl resumed>) = 0 [pid 15265] setpgid(0, 0 [pid 15264] ioctl(4, LOOP_CLR_FD [pid 15271] setpgid(0, 0 [pid 15270] setpgid(0, 0 [pid 15266] setpgid(0, 0 [pid 15265] <... setpgid resumed>) = 0 [pid 15271] <... setpgid resumed>) = 0 [pid 15270] <... setpgid resumed>) = 0 [pid 15266] <... setpgid resumed>) = 0 [pid 15264] <... ioctl resumed>) = 0 [pid 15271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15267] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15264] close(4 [pid 15271] <... openat resumed>) = 3 [pid 15270] <... openat resumed>) = 3 [pid 15267] <... prctl resumed>) = 0 [pid 15265] <... openat resumed>) = 3 [pid 15271] write(3, "1000", 4 [pid 15270] write(3, "1000", 4 [pid 15267] setpgid(0, 0 [pid 15266] <... openat resumed>) = 3 [pid 15265] write(3, "1000", 4 [pid 15264] <... close resumed>) = 0 [pid 15271] <... write resumed>) = 4 [pid 15270] <... write resumed>) = 4 [pid 15267] <... setpgid resumed>) = 0 [pid 15266] write(3, "1000", 4 [pid 15265] <... write resumed>) = 4 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] close(3 [pid 15270] close(3 [pid 15267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15266] <... write resumed>) = 4 [pid 15265] close(3 [pid 15264] <... futex resumed>) = 1 [pid 15263] <... futex resumed>) = 0 [pid 15271] <... close resumed>) = 0 [pid 15270] <... close resumed>) = 0 [pid 15267] <... openat resumed>) = 3 [pid 15266] close(3 [pid 15265] <... close resumed>) = 0 [pid 15264] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] symlink("/dev/binderfs", "./binderfs" [pid 15270] symlink("/dev/binderfs", "./binderfs" [pid 15267] write(3, "1000", 4 [pid 15266] <... close resumed>) = 0 [pid 15265] symlink("/dev/binderfs", "./binderfs" [pid 15264] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15263] <... futex resumed>) = 0 [pid 15271] <... symlink resumed>) = 0 [pid 15270] <... symlink resumed>) = 0 [pid 15267] <... write resumed>) = 4 [pid 15266] symlink("/dev/binderfs", "./binderfs" [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15267] close(3 [pid 15266] <... symlink resumed>) = 0 [pid 15265] <... symlink resumed>) = 0 [pid 15264] chdir("./file0" [pid 15271] <... futex resumed>) = 0 [pid 15270] <... futex resumed>) = 0 [pid 15267] <... close resumed>) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15264] <... chdir resumed>) = 0 [pid 15271] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15270] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15267] symlink("/dev/binderfs", "./binderfs" [pid 15266] <... futex resumed>) = 0 [pid 15265] <... futex resumed>) = 0 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] <... mmap resumed>) = 0x7f1c32416000 [pid 15270] <... mmap resumed>) = 0x7f1c32416000 [pid 15267] <... symlink resumed>) = 0 [pid 15266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15265] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15264] <... futex resumed>) = 1 [pid 15263] <... futex resumed>) = 0 [pid 15271] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15270] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... mmap resumed>) = 0x7f1c32416000 [pid 15265] <... mmap resumed>) = 0x7f1c32416000 [pid 15264] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] <... mprotect resumed>) = 0 [pid 15270] <... mprotect resumed>) = 0 [pid 15267] <... futex resumed>) = 0 [pid 15263] <... futex resumed>) = 0 [pid 15271] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15270] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15267] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15266] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15265] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15264] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15267] <... mmap resumed>) = 0x7f1c32416000 [pid 15266] <... mprotect resumed>) = 0 [pid 15265] <... mprotect resumed>) = 0 [pid 15264] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000./strace-static-x86_64: Process 15273 attached ./strace-static-x86_64: Process 15272 attached [pid 15271] <... clone resumed>, parent_tid=[15272], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15272 [pid 15270] <... clone resumed>, parent_tid=[15273], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15273 [pid 15266] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15265] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15273] set_robust_list(0x7f1c324369e0, 24 [pid 15272] set_robust_list(0x7f1c324369e0, 24 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15273] <... set_robust_list resumed>) = 0 [pid 15272] <... set_robust_list resumed>) = 0 [pid 15271] <... futex resumed>) = 0 [pid 15270] <... futex resumed>) = 0 [pid 15266] <... clone resumed>, parent_tid=[15274], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15274 [pid 15265] <... clone resumed>, parent_tid=[15275], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15275 [pid 15273] memfd_create("syzkaller", 0 [pid 15272] memfd_create("syzkaller", 0 [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15273] <... memfd_create resumed>) = 3 [pid 15272] <... memfd_create resumed>) = 3 [pid 15266] <... futex resumed>) = 0 [pid 15265] <... futex resumed>) = 0 [pid 15273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15273] <... mmap resumed>) = 0x7f1c2a016000 [pid 15272] <... mmap resumed>) = 0x7f1c2a016000 [pid 15267] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15264] <... open resumed>) = 4 ./strace-static-x86_64: Process 15275 attached ./strace-static-x86_64: Process 15274 attached [pid 15267] <... mprotect resumed>) = 0 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15275] set_robust_list(0x7f1c324369e0, 24 [pid 15274] set_robust_list(0x7f1c324369e0, 24 [pid 15267] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15264] <... futex resumed>) = 1 [pid 15263] <... futex resumed>) = 0 ./strace-static-x86_64: Process 15276 attached [pid 15275] <... set_robust_list resumed>) = 0 [pid 15274] <... set_robust_list resumed>) = 0 [pid 15272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15264] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15276] set_robust_list(0x7f1c324369e0, 24 [pid 15275] memfd_create("syzkaller", 0 [pid 15274] memfd_create("syzkaller", 0 [pid 15272] <... write resumed>) = 1048576 [pid 15267] <... clone resumed>, parent_tid=[15276], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15276 [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15276] <... set_robust_list resumed>) = 0 [pid 15272] munmap(0x7f1c2a016000, 1048576 [pid 15276] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15272] <... munmap resumed>) = 0 [pid 15264] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15263] <... futex resumed>) = 0 [pid 15276] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15272] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15276] memfd_create("syzkaller", 0 [pid 15272] <... openat resumed>) = 4 [pid 15267] <... futex resumed>) = 0 [pid 15264] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 269.425182][T15264] loop1: detected capacity change from 0 to 2048 [ 269.452338][T15264] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/543/bus supports timestamps until 2038 (0x7fffffff) [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] <... memfd_create resumed>) = 3 [pid 15276] <... memfd_create resumed>) = 3 [pid 15272] ioctl(4, LOOP_SET_FD, 3 [pid 15276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15274] <... memfd_create resumed>) = 3 [pid 15273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15264] <... openat resumed>) = 5 [pid 15276] <... mmap resumed>) = 0x7f1c2a016000 [pid 15275] <... mmap resumed>) = 0x7f1c2a016000 [pid 15274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15273] <... write resumed>) = 1048576 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15272] <... ioctl resumed>) = 0 [pid 15272] close(3) = 0 [pid 15272] mkdir("./bus", 0777) = 0 [pid 15272] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15264] <... futex resumed>) = 1 [pid 15264] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15263] <... futex resumed>) = 0 [pid 15274] <... mmap resumed>) = 0x7f1c2a016000 [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15264] <... futex resumed>) = 0 [pid 15263] <... futex resumed>) = 1 [pid 15264] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15264] <... write resumed>) = 196608 [pid 15276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15263] <... futex resumed>) = 0 [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15264] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15263] <... futex resumed>) = 0 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15264] <... mount resumed>) = 0 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15263] <... futex resumed>) = 0 [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15264] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15263] <... futex resumed>) = 0 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15264] <... open resumed>) = 6 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15263] <... futex resumed>) = 0 [pid 15264] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] <... write resumed>) = 1048576 [pid 15276] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15276] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15276] ioctl(4, LOOP_SET_FD, 3 [pid 15274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15276] <... ioctl resumed>) = 0 [pid 15276] close(3) = 0 [pid 15276] mkdir("./bus", 0777) = 0 [pid 15276] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15273] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15273] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 15273] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15274] <... write resumed>) = 1048576 [pid 15273] close(3) = 0 [pid 15273] mkdir("./bus", 0777) = 0 [pid 15273] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15274] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15274] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 269.497016][T15272] loop4: detected capacity change from 0 to 2048 [ 269.517724][T15276] loop5: detected capacity change from 0 to 2048 [ 269.528012][T15273] loop3: detected capacity change from 0 to 2048 [pid 15274] ioctl(4, LOOP_SET_FD, 3 [pid 15275] <... write resumed>) = 1048576 [pid 15275] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15274] <... ioctl resumed>) = 0 [pid 15275] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15274] close(3 [pid 15275] <... openat resumed>) = 4 [pid 15274] <... close resumed>) = 0 [pid 15275] ioctl(4, LOOP_SET_FD, 3 [pid 15274] mkdir("./bus", 0777) = 0 [pid 15274] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15275] <... ioctl resumed>) = 0 [pid 15263] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15275] close(3) = 0 [pid 15275] mkdir("./bus", 0777) = 0 [pid 15263] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15275] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15263] <... futex resumed>) = 0 [pid 15263] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15263] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15263] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15282], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15282 [pid 15263] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15263] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15282 attached [pid 15282] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15282] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15264] <... write resumed>) = 1048576 [ 269.546945][T15274] loop2: detected capacity change from 0 to 2048 [ 269.557183][T15275] loop0: detected capacity change from 0 to 2048 [ 269.572703][T15282] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15273] <... mount resumed>) = 0 [pid 15273] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15273] chdir("./bus") = 0 [pid 15273] ioctl(4, LOOP_CLR_FD) = 0 [pid 15273] close(4) = 0 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] chdir("./file0") = 0 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15273] <... futex resumed>) = 1 [pid 15273] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15263] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15263] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] <... mount resumed>) = 0 [pid 15276] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15276] chdir("./bus") = 0 [pid 15276] ioctl(4, LOOP_CLR_FD) = 0 [pid 15276] close(4) = 0 [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15276] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15272] <... mount resumed>) = 0 [pid 15272] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15272] chdir("./bus") = 0 [pid 15272] ioctl(4, LOOP_CLR_FD) = 0 [pid 15272] close(4) = 0 [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] <... futex resumed>) = 0 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15272] <... futex resumed>) = 1 [pid 15272] chdir("./file0") = 0 [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] <... futex resumed>) = 0 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15272] <... futex resumed>) = 1 [pid 15272] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15264] <... futex resumed>) = 1 [pid 15264] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15267] <... futex resumed>) = 0 [pid 15263] <... futex resumed>) = 0 [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15263] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=46000000} [pid 15267] <... futex resumed>) = 1 [pid 15276] <... futex resumed>) = 0 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] chdir("./file0" [pid 15273] <... write resumed>) = 1048576 [pid 15276] <... chdir resumed>) = 0 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [ 269.584650][T15276] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/541/bus supports timestamps until 2038 (0x7fffffff) [ 269.586940][T15273] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/547/bus supports timestamps until 2038 (0x7fffffff) [ 269.603733][T15272] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/544/bus supports timestamps until 2038 (0x7fffffff) [ 269.631096][T15282] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15273] <... futex resumed>) = 1 [pid 15270] <... futex resumed>) = 0 [pid 15270] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15273] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15270] <... futex resumed>) = 0 [pid 15276] <... futex resumed>) = 1 [pid 15275] <... mount resumed>) = 0 [pid 15270] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15267] <... futex resumed>) = 0 [pid 15276] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15276] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15267] <... futex resumed>) = 0 [pid 15276] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] <... open resumed>) = 4 [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15267] <... futex resumed>) = 0 [pid 15276] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15276] <... openat resumed>) = 5 [pid 15267] <... futex resumed>) = 0 [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] <... futex resumed>) = 0 [pid 15267] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15276] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15276] <... write resumed>) = 196608 [pid 15267] <... futex resumed>) = 0 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15282] <... openat resumed>) = 7 [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15275] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15272] <... open resumed>) = 4 [pid 15264] <... openat resumed>) = 8 [pid 15263] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15274] <... mount resumed>) = 0 [pid 15274] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15274] chdir("./bus") = 0 [pid 15274] ioctl(4, LOOP_CLR_FD) = 0 [pid 15274] close(4) = 0 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] chdir("./file0") = 0 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15271] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15271] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15264] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] <... futex resumed>) = 0 [pid 15264] <... futex resumed>) = 0 [pid 15264] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15271] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15271] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15271] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15288], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15288 [pid 15271] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15282] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15276] <... futex resumed>) = 1 [pid 15275] <... openat resumed>) = 3 [pid 15271] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15267] <... futex resumed>) = 0 [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15282] <... futex resumed>) = 0 [pid 15282] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15276] <... mount resumed>) = 0 [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15275] chdir("./bus" [pid 15267] <... futex resumed>) = 0 [pid 15263] exit_group(0 [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15264] <... futex resumed>) = ? [pid 15263] <... exit_group resumed>) = ? [pid 15267] <... futex resumed>) = 0 [pid 15264] +++ exited with 0 +++ [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15282] <... futex resumed>) = ? [pid 15276] <... open resumed>) = 6 [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15275] <... chdir resumed>) = 0 [pid 15267] <... futex resumed>) = 0 [pid 15276] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15267] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15267] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15276] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15275] ioctl(4, LOOP_CLR_FD [pid 15272] <... futex resumed>) = 0 [pid 15276] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15282] +++ exited with 0 +++ [pid 15263] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15263, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 408] umount2("./543", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./543/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./543/binderfs") = 0 [pid 408] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15275] <... ioctl resumed>) = 0 [pid 15272] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15275] close(4) = 0 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15265] <... futex resumed>) = 0 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] chdir("./file0") = 0 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15265] <... futex resumed>) = 0 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15265] <... futex resumed>) = 0 [pid 15275] <... futex resumed>) = 1 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 15288 attached ) = 5 [pid 15288] set_robust_list(0x7f1c2a1159e0, 24 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15288] <... set_robust_list resumed>) = 0 [pid 15265] <... futex resumed>) = 0 [pid 15275] <... futex resumed>) = 1 [pid 15288] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15275] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15288] <... openat resumed>) = 5 [pid 15288] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15270] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15270] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15270] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15289], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15289 [pid 15270] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15270] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15271] <... futex resumed>) = 0 [pid 15288] <... futex resumed>) = 1 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15272] <... futex resumed>) = 0 [pid 15288] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15272] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15271] <... futex resumed>) = 0 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15272] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15272] <... mount resumed>) = 0 [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15271] <... futex resumed>) = 0 [pid 15272] <... futex resumed>) = 1 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15272] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15271] <... futex resumed>) = 0 [pid 15272] <... open resumed>) = 6 [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15271] <... futex resumed>) = 0 [pid 15275] <... write resumed>) = 196608 [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15272] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15271] <... futex resumed>) = 0 [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15265] <... futex resumed>) = 0 [pid 15275] <... futex resumed>) = 1 [pid 15275] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] <... mount resumed>) = 0 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15265] <... futex resumed>) = 0 [pid 15275] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15275] <... open resumed>) = 6 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15265] <... futex resumed>) = 0 [pid 15275] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15289 attached [pid 15289] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 269.631457][T15275] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/538/bus supports timestamps until 2038 (0x7fffffff) [ 269.649238][T15273] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.661167][T15274] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/538/bus supports timestamps until 2038 (0x7fffffff) [ 269.666278][T15273] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15289] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15274] <... write resumed>) = 1048576 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15289] <... openat resumed>) = 8 [pid 15274] <... futex resumed>) = 1 [pid 15273] <... openat resumed>) = 7 [pid 15289] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15274] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15289] <... futex resumed>) = 1 [pid 15273] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15270] <... futex resumed>) = 0 [pid 15289] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15266] <... futex resumed>) = 0 [pid 15270] exit_group(0 [pid 15273] <... futex resumed>) = ? [pid 15270] <... exit_group resumed>) = ? [pid 15289] <... futex resumed>) = ? [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15289] +++ exited with 0 +++ [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 0 [pid 15274] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15273] +++ exited with 0 +++ [pid 15270] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15270, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 410] umount2("./547", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./547", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./547/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./547/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./547/binderfs") = 0 [ 269.732777][T15274] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.750223][T15274] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 410] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15267] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15267] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = 0 [pid 15267] <... futex resumed>) = 0 [pid 15267] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15274] <... openat resumed>) = 7 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15266] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15274] <... futex resumed>) = 1 [pid 15274] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15274] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15266] <... futex resumed>) = 0 [pid 15266] exit_group(0) = ? [pid 15274] <... futex resumed>) = ? [pid 15274] +++ exited with 0 +++ [pid 15266] +++ exited with 0 +++ [pid 15267] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15267] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15266, si_uid=0, si_status=0, si_utime=1, si_stime=2} --- [pid 15267] <... mprotect resumed>) = 0 [pid 408] lstat("./543/bus", [pid 15267] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 15267] <... clone resumed>, parent_tid=[15290], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15290 [pid 15267] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15267] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./538", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./538/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./538/binderfs") = 0 [pid 409] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 15290 attached [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15290] set_robust_list(0x7f1c2a1159e0, 24 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./543/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15290] <... set_robust_list resumed>) = 0 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, [pid 15290] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./543/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./543") = 0 [pid 408] mkdir("./544", 0777 [pid 15271] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15265] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... mkdir resumed>) = 0 [pid 15271] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15265] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15288] <... futex resumed>) = 0 [pid 15271] <... futex resumed>) = 1 [pid 15265] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15288] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15271] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15265] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15276] <... write resumed>) = 1048576 [pid 15275] <... write resumed>) = 1048576 [pid 15272] <... write resumed>) = 1048576 [pid 15265] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] <... openat resumed>) = 3 [pid 15290] <... openat resumed>) = 7 [pid 15290] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15267] <... futex resumed>) = 0 [pid 15267] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15267] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15290] <... futex resumed>) = 1 [pid 15290] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15290] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15267] <... futex resumed>) = 0 [pid 15290] <... futex resumed>) = 1 [pid 15290] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15276] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15276] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15275] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15267] exit_group(0 [pid 15276] <... futex resumed>) = ? [pid 15267] <... exit_group resumed>) = ? [pid 15276] +++ exited with 0 +++ [pid 15290] <... futex resumed>) = ? [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15265] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] <... umount2 resumed>) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 15272] <... futex resumed>) = 0 [pid 15265] <... mprotect resumed>) = 0 [pid 409] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15272] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15265] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] close(3 [pid 15290] +++ exited with 0 +++ [pid 15288] <... openat resumed>) = 7 [pid 15267] +++ exited with 0 +++ [pid 15265] <... clone resumed>, parent_tid=[15291], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15291 [pid 409] lstat("./538/bus", [pid 408] <... close resumed>) = 0 [pid 15265] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15267, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15265] <... futex resumed>) = 0 [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 409] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15265] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... restart_syscall resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 15292 attached [pid 15292] set_robust_list(0x555555f755e0, 24) = 0 [pid 409] openat(AT_FDCWD, "./538/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15292 [pid 412] umount2("./541", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... openat resumed>) = 4 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] fstat(4, [pid 412] openat(AT_FDCWD, "./541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15288] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 3 [pid 409] getdents64(4, ./strace-static-x86_64: Process 15291 attached [pid 15288] <... futex resumed>) = 1 [pid 15271] <... futex resumed>) = 0 [pid 412] fstat(3, [pid 15271] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15291] set_robust_list(0x7f1c2a1159e0, 24 [pid 15288] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15272] <... futex resumed>) = 0 [pid 15271] <... futex resumed>) = 1 [pid 412] getdents64(3, [pid 409] getdents64(4, [pid 15292] chdir("./544" [pid 15291] <... set_robust_list resumed>) = 0 [pid 15272] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15271] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15292] <... chdir resumed>) = 0 [pid 15291] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15292] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15272] <... openat resumed>) = 8 [pid 412] umount2("./541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] close(4 [pid 15272] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15292] <... prctl resumed>) = 0 [pid 15272] <... futex resumed>) = 1 [pid 15271] <... futex resumed>) = 0 [pid 412] lstat("./541/binderfs", [pid 409] <... close resumed>) = 0 [pid 15272] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15271] exit_group(0 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] rmdir("./538/bus" [pid 15292] setpgid(0, 0 [pid 15288] <... futex resumed>) = ? [pid 15272] <... futex resumed>) = ? [pid 15271] <... exit_group resumed>) = ? [pid 412] unlink("./541/binderfs" [pid 15292] <... setpgid resumed>) = 0 [pid 15288] +++ exited with 0 +++ [pid 15272] +++ exited with 0 +++ [pid 15271] +++ exited with 0 +++ [pid 412] <... unlink resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15271, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./544", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./544/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./544/binderfs") = 0 [ 269.770101][T15290] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.784819][T15288] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.793033][T15290] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 269.803125][T15288] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 411] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15292] write(3, "1000", 4) = 4 [pid 15292] close(3) = 0 [pid 15292] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15292] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15292] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15292] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15293], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15293 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15293 attached [pid 15293] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15293] memfd_create("syzkaller", 0 [pid 412] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] getdents64(3, [pid 410] <... umount2 resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] close(3 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... close resumed>) = 0 [pid 410] lstat("./547/bus", [pid 409] rmdir("./538" [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... rmdir resumed>) = 0 [pid 15293] <... memfd_create resumed>) = 3 [pid 15293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./547/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] mkdir("./539", 0777 [pid 410] <... openat resumed>) = 4 [pid 15291] <... openat resumed>) = 7 [pid 410] fstat(4, [pid 409] <... mkdir resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15291] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15265] <... futex resumed>) = 0 [pid 410] getdents64(4, [pid 409] <... openat resumed>) = 3 [pid 15265] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15291] <... futex resumed>) = 1 [pid 15275] <... futex resumed>) = 0 [pid 15265] <... futex resumed>) = 1 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] ioctl(3, LOOP_CLR_FD [pid 15291] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15265] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] getdents64(4, [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(3 [pid 410] close(4 [pid 409] <... close resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] rmdir("./547/bus"./strace-static-x86_64: Process 15294 attached [pid 15275] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] <... rmdir resumed>) = 0 [pid 410] getdents64(3, [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15294 [pid 15294] set_robust_list(0x555555f755e0, 24 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15294] <... set_robust_list resumed>) = 0 [pid 410] close(3 [pid 15294] chdir("./539" [pid 15275] <... openat resumed>) = 8 [pid 410] <... close resumed>) = 0 [pid 15294] <... chdir resumed>) = 0 [pid 410] rmdir("./547" [pid 15294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15275] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... rmdir resumed>) = 0 [pid 15294] setpgid(0, 0 [pid 15275] <... futex resumed>) = 1 [pid 15265] <... futex resumed>) = 0 [pid 410] mkdir("./548", 0777 [pid 15294] <... setpgid resumed>) = 0 [pid 15265] exit_group(0 [pid 15294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15291] <... futex resumed>) = ? [pid 15265] <... exit_group resumed>) = ? [pid 410] <... mkdir resumed>) = 0 [pid 15275] +++ exited with 0 +++ [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15294] <... openat resumed>) = 3 [pid 15291] +++ exited with 0 +++ [pid 15265] +++ exited with 0 +++ [pid 410] <... openat resumed>) = 3 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15265, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 15294] write(3, "1000", 4 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 15294] <... write resumed>) = 4 [pid 410] close(3 [pid 15294] close(3 [pid 410] <... close resumed>) = 0 [pid 407] umount2("./538", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15294] <... close resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 15295 attached [pid 15294] symlink("/dev/binderfs", "./binderfs" [pid 407] openat(AT_FDCWD, "./538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15295 [pid 407] <... openat resumed>) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15295] set_robust_list(0x555555f755e0, 24 [pid 15294] <... symlink resumed>) = 0 [pid 407] getdents64(3, [pid 15295] <... set_robust_list resumed>) = 0 [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15295] chdir("./548" [pid 15294] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 15295] <... chdir resumed>) = 0 [pid 15294] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] umount2("./538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15295] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15294] <... mmap resumed>) = 0x7f1c32416000 [pid 15294] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15295] <... prctl resumed>) = 0 [pid 407] lstat("./538/binderfs", [pid 15294] <... mprotect resumed>) = 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15295] setpgid(0, 0 [pid 15294] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] unlink("./538/binderfs" [pid 15295] <... setpgid resumed>) = 0 [pid 15294] <... clone resumed>, parent_tid=[15296], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15296 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 407] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 15296 attached [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 407] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15295] <... openat resumed>) = 3 [pid 15294] <... futex resumed>) = 0 [pid 15295] write(3, "1000", 4 [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 412] lstat("./541/bus", [pid 411] lstat("./544/bus", [pid 15296] set_robust_list(0x7f1c324369e0, 24 [pid 15295] <... write resumed>) = 4 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15296] <... set_robust_list resumed>) = 0 [pid 15295] close(3 [pid 15293] <... write resumed>) = 1048576 [pid 15296] memfd_create("syzkaller", 0 [pid 15295] <... close resumed>) = 0 [pid 15296] <... memfd_create resumed>) = 3 [pid 15295] symlink("/dev/binderfs", "./binderfs" [pid 15296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15295] <... symlink resumed>) = 0 [pid 15296] <... mmap resumed>) = 0x7f1c2a016000 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15293] munmap(0x7f1c2a016000, 1048576 [pid 412] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15295] <... mmap resumed>) = 0x7f1c32416000 [pid 412] openat(AT_FDCWD, "./541/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] openat(AT_FDCWD, "./544/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15295] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 412] <... openat resumed>) = 4 [pid 411] <... openat resumed>) = 4 [pid 15295] <... mprotect resumed>) = 0 [pid 15293] <... munmap resumed>) = 0 [pid 412] fstat(4, [pid 411] fstat(4, [pid 15295] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15293] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 412] getdents64(4, [pid 411] getdents64(4, ./strace-static-x86_64: Process 15297 attached [ 269.826975][T15291] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 269.843682][T15291] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 15296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15295] <... clone resumed>, parent_tid=[15297], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15297 [pid 15293] <... openat resumed>) = 4 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15293] ioctl(4, LOOP_SET_FD, 3 [pid 412] getdents64(4, [pid 411] getdents64(4, [pid 15297] set_robust_list(0x7f1c324369e0, 24 [pid 15296] <... write resumed>) = 1048576 [pid 15295] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15297] <... set_robust_list resumed>) = 0 [pid 15296] munmap(0x7f1c2a016000, 1048576 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15297] memfd_create("syzkaller", 0 [pid 15296] <... munmap resumed>) = 0 [pid 15297] <... memfd_create resumed>) = 3 [pid 15296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15296] <... openat resumed>) = 4 [pid 15297] <... mmap resumed>) = 0x7f1c2a016000 [pid 15296] ioctl(4, LOOP_SET_FD, 3 [pid 15297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15293] <... ioctl resumed>) = 0 [pid 412] close(4 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15293] close(3 [pid 412] <... close resumed>) = 0 [pid 411] close(4 [pid 15293] <... close resumed>) = 0 [pid 412] rmdir("./541/bus" [pid 411] <... close resumed>) = 0 [pid 15293] mkdir("./bus", 0777 [pid 412] <... rmdir resumed>) = 0 [pid 411] rmdir("./544/bus" [pid 15296] <... ioctl resumed>) = 0 [pid 15293] <... mkdir resumed>) = 0 [pid 412] getdents64(3, [pid 411] <... rmdir resumed>) = 0 [pid 15293] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] getdents64(3, [pid 412] close(3 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] <... close resumed>) = 0 [pid 411] close(3 [pid 412] rmdir("./541" [pid 411] <... close resumed>) = 0 [pid 412] <... rmdir resumed>) = 0 [pid 411] rmdir("./544" [pid 412] mkdir("./542", 0777 [pid 411] <... rmdir resumed>) = 0 [pid 412] <... mkdir resumed>) = 0 [pid 411] mkdir("./545", 0777 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 411] <... mkdir resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 412] ioctl(3, LOOP_CLR_FD [pid 411] <... openat resumed>) = 3 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 411] ioctl(3, LOOP_CLR_FD [pid 412] close(3 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] <... close resumed>) = 0 [pid 411] close(3 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 411] <... close resumed>) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15298 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15299 ./strace-static-x86_64: Process 15298 attached [pid 15298] set_robust_list(0x555555f755e0, 24) = 0 [pid 15298] chdir("./542") = 0 [pid 15298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15298] setpgid(0, 0) = 0 [pid 15298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15298] write(3, "1000", 4) = 4 [pid 15298] close(3) = 0 [pid 15298] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15298] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15298] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15300], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15300 [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15300 attached [pid 15300] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15300] memfd_create("syzkaller", 0 [pid 407] <... umount2 resumed>) = 0 [pid 407] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./538/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./538/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./538/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./538/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./538") = 0 [pid 407] mkdir("./539", 0777 [pid 15296] close(3) = 0 [pid 407] <... mkdir resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 15296] mkdir("./bus", 0777 [pid 407] <... close resumed>) = 0 [pid 15296] <... mkdir resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15302 [pid 15300] <... memfd_create resumed>) = 3 [pid 15300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15296] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15297] <... write resumed>) = 1048576 [pid 15297] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15297] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 15299 attached ) = 4 [pid 15297] ioctl(4, LOOP_SET_FD, 3 [ 269.891829][T15293] loop1: detected capacity change from 0 to 2048 [ 269.896460][T15296] loop2: detected capacity change from 0 to 2048 [pid 15299] set_robust_list(0x555555f755e0, 24 [pid 15300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15300] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15300] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15300] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15302 attached [pid 15299] <... set_robust_list resumed>) = 0 [pid 15299] chdir("./545") = 0 [pid 15299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15300] <... ioctl resumed>) = 0 [pid 15300] close(3) = 0 [pid 15300] mkdir("./bus", 0777) = 0 [pid 15300] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15293] <... mount resumed>) = 0 [pid 15299] setpgid(0, 0) = 0 [pid 15293] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15293] <... openat resumed>) = 3 [pid 15299] <... openat resumed>) = 3 [pid 15293] chdir("./bus") = 0 [pid 15299] write(3, "1000", 4 [pid 15293] ioctl(4, LOOP_CLR_FD [pid 15299] <... write resumed>) = 4 [pid 15293] <... ioctl resumed>) = 0 [pid 15299] close(3 [pid 15293] close(4 [pid 15299] <... close resumed>) = 0 [pid 15293] <... close resumed>) = 0 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15292] <... futex resumed>) = 0 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15299] symlink("/dev/binderfs", "./binderfs" [pid 15292] <... futex resumed>) = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15299] <... symlink resumed>) = 0 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15293] <... futex resumed>) = 1 [pid 15299] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15293] chdir("./file0" [pid 15299] <... mprotect resumed>) = 0 [pid 15299] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15293] <... chdir resumed>) = 0 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15292] <... futex resumed>) = 0 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15293] <... futex resumed>) = 1 [pid 15299] <... clone resumed>, parent_tid=[15305], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15305 [pid 15293] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... ioctl resumed>) = 0 [pid 15297] close(3) = 0 [pid 15297] mkdir("./bus", 0777) = 0 [pid 15297] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15302] set_robust_list(0x555555f755e0, 24) = 0 [pid 15299] <... futex resumed>) = 0 [pid 15293] <... open resumed>) = 4 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15302] chdir("./539") = 0 [pid 15302] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 15305 attached ) = 0 [pid 15305] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15302] setpgid(0, 0) = 0 [pid 15305] memfd_create("syzkaller", 0) = 3 [pid 15302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15302] <... openat resumed>) = 3 [pid 15302] write(3, "1000", 4 [pid 15305] <... mmap resumed>) = 0x7f1c2a016000 [pid 15302] <... write resumed>) = 4 [pid 15302] close(3) = 0 [pid 15302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15302] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15302] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15307], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15307 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15293] <... futex resumed>) = 1 [pid 15292] <... futex resumed>) = 0 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15293] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15292] <... futex resumed>) = 0 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15293] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651./strace-static-x86_64: Process 15307 attached [pid 15307] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [ 269.937030][T15297] loop3: detected capacity change from 0 to 2048 [ 269.944405][T15293] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/544/bus supports timestamps until 2038 (0x7fffffff) [ 269.945001][T15300] loop5: detected capacity change from 0 to 2048 [pid 15307] memfd_create("syzkaller", 0) = 3 [pid 15305] <... write resumed>) = 1048576 [pid 15293] <... write resumed>) = 196608 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15292] <... futex resumed>) = 0 [pid 15293] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15293] <... mount resumed>) = 0 [pid 15292] <... futex resumed>) = 0 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15293] <... futex resumed>) = 0 [pid 15292] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15293] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15293] <... open resumed>) = 6 [pid 15292] <... futex resumed>) = 0 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15293] <... futex resumed>) = 0 [pid 15292] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15293] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15305] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15307] <... mmap resumed>) = 0x7f1c2a016000 [pid 15305] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15297] <... mount resumed>) = 0 [pid 15296] <... mount resumed>) = 0 [pid 15307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15305] <... openat resumed>) = 4 [pid 15297] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15296] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15305] ioctl(4, LOOP_SET_FD, 3 [pid 15300] <... mount resumed>) = 0 [pid 15293] <... write resumed>) = 1048576 [pid 15297] <... openat resumed>) = 3 [pid 15297] chdir("./bus") = 0 [pid 15297] ioctl(4, LOOP_CLR_FD [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... ioctl resumed>) = 0 [pid 15296] <... openat resumed>) = 3 [pid 15297] close(4 [pid 15293] <... futex resumed>) = 1 [pid 15292] <... futex resumed>) = 0 [pid 15297] <... close resumed>) = 0 [pid 15296] chdir("./bus") = 0 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] ioctl(4, LOOP_CLR_FD [pid 15297] <... futex resumed>) = 1 [pid 15296] <... ioctl resumed>) = 0 [pid 15296] close(4 [pid 15297] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15296] <... close resumed>) = 0 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15305] <... ioctl resumed>) = 0 [pid 15305] close(3) = 0 [pid 15305] mkdir("./bus", 0777) = 0 [pid 15305] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15300] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15300] chdir("./bus") = 0 [pid 15300] ioctl(4, LOOP_CLR_FD) = 0 [pid 15300] close(4) = 0 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] <... futex resumed>) = 0 [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] <... futex resumed>) = 1 [pid 15300] chdir("./file0") = 0 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] <... futex resumed>) = 0 [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] <... futex resumed>) = 1 [pid 15300] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15292] <... futex resumed>) = 0 [pid 15297] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = 0 [pid 15295] <... futex resumed>) = 1 [pid 15294] <... futex resumed>) = 1 [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15297] chdir("./file0" [pid 15296] chdir("./file0" [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15297] <... chdir resumed>) = 0 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] <... chdir resumed>) = 0 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... futex resumed>) = 1 [pid 15295] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = 1 [pid 15294] <... futex resumed>) = 0 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15296] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15294] <... futex resumed>) = 0 [pid 15295] <... futex resumed>) = 0 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 269.989658][T15296] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/539/bus supports timestamps until 2038 (0x7fffffff) [ 269.989841][T15297] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/548/bus supports timestamps until 2038 (0x7fffffff) [ 270.015426][T15300] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/542/bus supports timestamps until 2038 (0x7fffffff) [ 270.021141][T15305] loop4: detected capacity change from 0 to 2048 [pid 15293] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15297] <... open resumed>) = 4 [pid 15296] <... open resumed>) = 4 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... write resumed>) = 1048576 [pid 15307] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15307] ioctl(4, LOOP_SET_FD, 3 [pid 15300] <... open resumed>) = 4 [pid 15297] <... futex resumed>) = 1 [pid 15296] <... futex resumed>) = 1 [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15297] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15296] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15300] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15298] <... futex resumed>) = 0 [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 15300] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15296] <... openat resumed>) = 5 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15297] <... openat resumed>) = 5 [pid 15307] <... ioctl resumed>) = 0 [pid 15307] close(3 [pid 15300] <... openat resumed>) = 5 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... close resumed>) = 0 [pid 15307] mkdir("./bus", 0777 [pid 15300] <... futex resumed>) = 1 [pid 15298] <... futex resumed>) = 0 [pid 15297] <... futex resumed>) = 1 [pid 15296] <... futex resumed>) = 1 [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 15300] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... mkdir resumed>) = 0 [pid 15300] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15298] <... futex resumed>) = 0 [pid 15295] <... futex resumed>) = 0 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] <... futex resumed>) = 0 [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15297] <... write resumed>) = 196608 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15297] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15296] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15300] <... write resumed>) = 196608 [pid 15296] <... write resumed>) = 196608 [pid 15295] <... futex resumed>) = 0 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15293] <... openat resumed>) = 7 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15293] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15294] <... futex resumed>) = 0 [pid 15292] <... futex resumed>) = 0 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15292] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] <... futex resumed>) = 1 [pid 15300] <... futex resumed>) = 1 [pid 15297] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = 0 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] <... futex resumed>) = 1 [pid 15292] <... futex resumed>) = 1 [pid 15297] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15292] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15296] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15297] <... mount resumed>) = 0 [pid 15298] <... futex resumed>) = 0 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] <... mount resumed>) = 0 [pid 15297] <... futex resumed>) = 1 [pid 15295] <... futex resumed>) = 0 [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15300] <... futex resumed>) = 0 [pid 15295] <... futex resumed>) = 0 [pid 15300] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15297] <... open resumed>) = 6 [pid 15296] <... futex resumed>) = 1 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] <... futex resumed>) = 0 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] <... mount resumed>) = 0 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... futex resumed>) = 1 [pid 15296] <... open resumed>) = 6 [pid 15295] <... futex resumed>) = 0 [pid 15300] <... futex resumed>) = 1 [pid 15298] <... futex resumed>) = 0 [pid 15297] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15300] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15296] <... futex resumed>) = 1 [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 15300] <... open resumed>) = 6 [pid 15298] <... futex resumed>) = 0 [pid 15297] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15293] <... futex resumed>) = 0 [pid 15293] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15293] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15293] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15296] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15294] <... futex resumed>) = 0 [pid 15292] <... futex resumed>) = 0 [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15296] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15292] exit_group(0 [pid 15300] <... futex resumed>) = 1 [pid 15298] <... futex resumed>) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=44000000} [ 270.040816][T15293] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.055213][T15293] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 270.058487][T15307] loop0: detected capacity change from 0 to 2048 [pid 15300] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15293] <... futex resumed>) = ? [pid 15292] <... exit_group resumed>) = ? [pid 15293] +++ exited with 0 +++ [pid 15292] +++ exited with 0 +++ [pid 15305] <... mount resumed>) = 0 [pid 15305] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15305] chdir("./bus") = 0 [pid 15305] ioctl(4, LOOP_CLR_FD) = 0 [pid 15305] close(4) = 0 [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15299] <... futex resumed>) = 0 [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15305] <... futex resumed>) = 0 [pid 15299] <... futex resumed>) = 1 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15292, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 15305] chdir("./file0" [pid 408] umount2("./544", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15305] <... chdir resumed>) = 0 [pid 408] umount2("./544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15305] <... futex resumed>) = 1 [pid 15299] <... futex resumed>) = 0 [pid 408] lstat("./544/binderfs", [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15305] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15299] <... futex resumed>) = 0 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] unlink("./544/binderfs") = 0 [pid 15305] <... open resumed>) = 4 [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15305] <... futex resumed>) = 1 [pid 15299] <... futex resumed>) = 0 [pid 15305] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15305] <... openat resumed>) = 5 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15299] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15305] <... futex resumed>) = 0 [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15305] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15299] <... futex resumed>) = 0 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15305] <... write resumed>) = 196608 [pid 15300] <... write resumed>) = 1048576 [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] <... futex resumed>) = 0 [pid 15298] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] <... futex resumed>) = 1 [ 270.100472][T15305] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/545/bus supports timestamps until 2038 (0x7fffffff) [ 270.128748][T15307] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/539/bus supports timestamps until 2038 (0x7fffffff) [pid 15300] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15307] <... mount resumed>) = 0 [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... write resumed>) = 1048576 [pid 15296] <... write resumed>) = 1048576 [pid 15295] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15294] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15305] <... futex resumed>) = 1 [pid 15299] <... futex resumed>) = 0 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15305] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = 0 [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 15305] <... mount resumed>) = 0 [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15307] <... openat resumed>) = 3 [pid 15307] chdir("./bus") = 0 [pid 15307] ioctl(4, LOOP_CLR_FD) = 0 [pid 15307] close(4 [pid 15297] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15296] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15295] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15305] <... futex resumed>) = 0 [pid 15299] <... futex resumed>) = 1 [pid 15307] <... close resumed>) = 0 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15307] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15302] <... futex resumed>) = 0 [pid 15305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15305] <... futex resumed>) = 0 [pid 15299] <... futex resumed>) = 1 [pid 15305] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15305] <... open resumed>) = 6 [pid 15298] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 15305] <... futex resumed>) = 1 [pid 15299] <... futex resumed>) = 0 [pid 15298] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15305] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15299] <... futex resumed>) = 0 [pid 15298] <... futex resumed>) = 0 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15298] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15298] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15298] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15317], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15317 [pid 15298] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15298] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... futex resumed>) = 0 [pid 15302] <... futex resumed>) = 1 [pid 15300] <... openat resumed>) = 7 ./strace-static-x86_64: Process 15317 attached [pid 15317] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15317] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15317] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15298] <... futex resumed>) = 0 [pid 15317] <... futex resumed>) = 1 [pid 15317] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15307] chdir("./file0") = 0 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 270.132622][T15300] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.157785][T15297] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.158533][T15300] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 270.174640][T15296] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15307] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... futex resumed>) = 0 [pid 15302] <... futex resumed>) = 1 [pid 15307] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15300] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15300] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15298] exit_group(0 [pid 15300] <... futex resumed>) = ? [pid 15298] <... exit_group resumed>) = ? [pid 15300] +++ exited with 0 +++ [pid 15307] <... open resumed>) = 4 [pid 15317] <... futex resumed>) = ? [pid 15317] +++ exited with 0 +++ [pid 15298] +++ exited with 0 +++ [pid 15305] <... write resumed>) = 1048576 [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15299] <... futex resumed>) = 0 [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15305] <... futex resumed>) = 1 [pid 15305] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15297] <... openat resumed>) = 7 [pid 15296] <... openat resumed>) = 7 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15298, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15307] <... futex resumed>) = 1 [pid 15302] <... futex resumed>) = 0 [pid 15307] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... openat resumed>) = 5 [pid 15302] <... futex resumed>) = 0 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15307] <... futex resumed>) = 0 [pid 15302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15307] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... write resumed>) = 196608 [pid 15302] <... futex resumed>) = 0 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./542", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./542/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./542/binderfs") = 0 [pid 412] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15302] <... futex resumed>) = 0 [pid 15307] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15294] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 408] <... umount2 resumed>) = 0 [pid 15307] <... mount resumed>) = 0 [pid 15305] <... openat resumed>) = 7 [pid 15302] <... futex resumed>) = 0 [pid 15297] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15294] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15297] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = 0 [pid 15295] <... futex resumed>) = 0 [pid 15294] <... futex resumed>) = 0 [pid 408] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15307] <... futex resumed>) = 0 [pid 15302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15297] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15296] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15294] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15307] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] lstat("./544/bus", [pid 15307] <... open resumed>) = 6 [pid 15302] <... futex resumed>) = 0 [pid 15295] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15295] <... mprotect resumed>) = 0 [pid 15307] <... futex resumed>) = 0 [pid 15302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15296] <... openat resumed>) = 8 [pid 15295] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15307] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = 1 [pid 15295] <... clone resumed>, parent_tid=[15318], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15318 [pid 15294] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 15318 attached [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15296] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15295] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15294] exit_group(0 [pid 408] openat(AT_FDCWD, "./544/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15305] <... futex resumed>) = 1 [pid 15299] <... futex resumed>) = 0 [pid 15296] <... futex resumed>) = ? [pid 15295] <... futex resumed>) = 0 [pid 15294] <... exit_group resumed>) = ? [pid 15305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15299] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15296] +++ exited with 0 +++ [pid 15295] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... openat resumed>) = 4 [pid 15305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15299] <... futex resumed>) = 0 [pid 15294] +++ exited with 0 +++ [pid 15305] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15299] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15294, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 15305] <... openat resumed>) = 8 [pid 15305] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15299] <... futex resumed>) = 0 [pid 15305] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15299] exit_group(0 [pid 15305] <... futex resumed>) = ? [pid 15299] <... exit_group resumed>) = ? [pid 15305] +++ exited with 0 +++ [pid 15299] +++ exited with 0 +++ [pid 15318] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15318] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 408] fstat(4, [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15299, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15318] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15295] <... futex resumed>) = 0 [pid 15295] exit_group(0 [pid 15297] <... futex resumed>) = ? [pid 15295] <... exit_group resumed>) = ? [pid 15297] +++ exited with 0 +++ [pid 411] <... restart_syscall resumed>) = 0 [pid 408] getdents64(4, [pid 15318] <... futex resumed>) = ? [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] umount2("./545", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./539", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] getdents64(4, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./545", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] openat(AT_FDCWD, "./539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... openat resumed>) = 3 [pid 409] <... openat resumed>) = 3 [pid 411] fstat(3, [pid 409] fstat(3, [pid 408] close(4 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15318] +++ exited with 0 +++ [pid 15295] +++ exited with 0 +++ [pid 408] <... close resumed>) = 0 [pid 411] getdents64(3, [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15295, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 409] getdents64(3, [pid 408] rmdir("./544/bus" [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./545/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./548", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] lstat("./545/binderfs", [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./539/binderfs", [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] openat(AT_FDCWD, "./548", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 411] unlink("./545/binderfs" [pid 410] <... openat resumed>) = 3 [pid 409] unlink("./539/binderfs" [pid 408] getdents64(3, [pid 411] <... unlink resumed>) = 0 [pid 410] fstat(3, [pid 409] <... unlink resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./548/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] close(3 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... close resumed>) = 0 [pid 410] lstat("./548/binderfs", [pid 408] rmdir("./544" [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 410] unlink("./548/binderfs" [pid 408] mkdir("./545", 0777 [pid 410] <... unlink resumed>) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 410] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15319 ./strace-static-x86_64: Process 15319 attached [pid 15307] <... write resumed>) = 1048576 [pid 412] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 15319] set_robust_list(0x555555f755e0, 24 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./542/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 270.196582][T15297] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 270.205872][T15296] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 270.209276][T15305] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.228696][T15305] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 412] openat(AT_FDCWD, "./542/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15307] <... futex resumed>) = 1 [pid 15302] <... futex resumed>) = 0 [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] fstat(4, [pid 15307] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15319] <... set_robust_list resumed>) = 0 [pid 412] getdents64(4, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./542/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./542") = 0 [pid 412] mkdir("./543", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15320 [pid 410] lstat("./548/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./548/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./548/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./548") = 0 [pid 410] mkdir("./549", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15319] chdir("./545") = 0 [pid 15319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15319] setpgid(0, 0) = 0 [pid 15319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15319] write(3, "1000", 4) = 4 [pid 15319] close(3) = 0 [pid 15319] symlink("/dev/binderfs", "./binderfs" [pid 411] <... umount2 resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 409] <... umount2 resumed>) = 0 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15321 [pid 411] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./539/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./539/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15319] <... symlink resumed>) = 0 [pid 409] <... openat resumed>) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(4, [pid 15319] <... futex resumed>) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15319] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 409] getdents64(4, [pid 15319] <... mmap resumed>) = 0x7f1c32416000 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 15321 attached ./strace-static-x86_64: Process 15320 attached [pid 15319] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 411] lstat("./545/bus", [pid 409] close(4 [pid 15321] set_robust_list(0x555555f755e0, 24 [pid 15320] set_robust_list(0x555555f755e0, 24 [pid 15319] <... mprotect resumed>) = 0 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... close resumed>) = 0 [pid 15321] <... set_robust_list resumed>) = 0 [pid 15320] <... set_robust_list resumed>) = 0 [pid 15319] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] rmdir("./539/bus" [pid 15321] chdir("./549" [pid 15320] chdir("./543" [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... rmdir resumed>) = 0 [pid 15321] <... chdir resumed>) = 0 [pid 15320] <... chdir resumed>) = 0 [pid 15319] <... clone resumed>, parent_tid=[15322], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15322 [pid 411] openat(AT_FDCWD, "./545/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] getdents64(3, [pid 15321] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15320] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 4 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15321] <... prctl resumed>) = 0 [pid 15320] <... prctl resumed>) = 0 [pid 15319] <... futex resumed>) = 0 [pid 411] fstat(4, [pid 409] close(3 [pid 15321] setpgid(0, 0 [pid 15320] setpgid(0, 0 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... close resumed>) = 0 [pid 15321] <... setpgid resumed>) = 0 [pid 15320] <... setpgid resumed>) = 0 [pid 411] getdents64(4, [pid 409] rmdir("./539"./strace-static-x86_64: Process 15322 attached [pid 15321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15307] <... openat resumed>) = 7 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... rmdir resumed>) = 0 [pid 15322] set_robust_list(0x7f1c324369e0, 24 [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15321] <... openat resumed>) = 3 [pid 15320] <... openat resumed>) = 3 [pid 15321] write(3, "1000", 4 [pid 15320] write(3, "1000", 4 [pid 15321] <... write resumed>) = 4 [pid 15320] <... write resumed>) = 4 [pid 411] getdents64(4, [pid 409] mkdir("./540", 0777 [pid 15322] <... set_robust_list resumed>) = 0 [pid 15321] close(3 [pid 15320] close(3 [pid 15307] <... futex resumed>) = 1 [pid 15302] <... futex resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15322] memfd_create("syzkaller", 0 [pid 15307] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15302] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] <... memfd_create resumed>) = 3 [pid 15321] <... close resumed>) = 0 [pid 15320] <... close resumed>) = 0 [pid 15307] <... openat resumed>) = 8 [pid 15302] <... futex resumed>) = 0 [pid 411] close(4 [pid 409] <... mkdir resumed>) = 0 [pid 15322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15321] symlink("/dev/binderfs", "./binderfs" [pid 15320] symlink("/dev/binderfs", "./binderfs" [pid 15307] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15302] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15322] <... mmap resumed>) = 0x7f1c2a016000 [pid 15307] <... futex resumed>) = 0 [pid 15302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] <... close resumed>) = 0 [pid 15321] <... symlink resumed>) = 0 [pid 15320] <... symlink resumed>) = 0 [pid 15307] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15302] exit_group(0 [pid 411] rmdir("./545/bus" [pid 409] <... openat resumed>) = 3 [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15307] <... futex resumed>) = ? [pid 15302] <... exit_group resumed>) = ? [pid 411] <... rmdir resumed>) = 0 [pid 409] ioctl(3, LOOP_CLR_FD [pid 15321] <... futex resumed>) = 0 [pid 15320] <... futex resumed>) = 0 [pid 411] getdents64(3, [pid 15322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15307] +++ exited with 0 +++ [pid 15302] +++ exited with 0 +++ [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15321] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3 [pid 15321] <... mmap resumed>) = 0x7f1c32416000 [pid 15320] <... mmap resumed>) = 0x7f1c32416000 [pid 411] close(3 [pid 15321] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15320] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 409] <... close resumed>) = 0 [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15302, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 15321] <... mprotect resumed>) = 0 [pid 15320] <... mprotect resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 15321] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15320] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] rmdir("./545" [pid 407] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 15325 attached [pid 15320] <... clone resumed>, parent_tid=[15324], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15324 [pid 15321] <... clone resumed>, parent_tid=[15325], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15325 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15323 [pid 15325] set_robust_list(0x7f1c324369e0, 24 [pid 411] <... rmdir resumed>) = 0 [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] umount2("./539", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15320] <... futex resumed>) = 0 [pid 15321] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] mkdir("./546", 0777 [pid 407] openat(AT_FDCWD, "./539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [ 270.283109][T15307] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.310761][T15307] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem ./strace-static-x86_64: Process 15324 attached ./strace-static-x86_64: Process 15323 attached [pid 15325] <... set_robust_list resumed>) = 0 [pid 15322] <... write resumed>) = 1048576 [pid 411] <... mkdir resumed>) = 0 [pid 407] umount2("./539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] <... openat resumed>) = 3 [pid 407] lstat("./539/binderfs", [pid 411] ioctl(3, LOOP_CLR_FD [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] unlink("./539/binderfs" [pid 411] close(3 [pid 407] <... unlink resumed>) = 0 [pid 411] <... close resumed>) = 0 [pid 407] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15326 [pid 15322] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15322] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15322] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15326 attached [pid 15325] memfd_create("syzkaller", 0 [pid 15324] set_robust_list(0x7f1c324369e0, 24 [pid 15323] set_robust_list(0x555555f755e0, 24 [pid 15326] set_robust_list(0x555555f755e0, 24 [pid 15325] <... memfd_create resumed>) = 3 [pid 15324] <... set_robust_list resumed>) = 0 [pid 15326] <... set_robust_list resumed>) = 0 [pid 15325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15323] <... set_robust_list resumed>) = 0 [pid 15326] chdir("./546" [pid 15325] <... mmap resumed>) = 0x7f1c2a016000 [pid 15324] memfd_create("syzkaller", 0 [pid 15326] <... chdir resumed>) = 0 [pid 15323] chdir("./540" [pid 15322] <... ioctl resumed>) = 0 [pid 15322] close(3) = 0 [pid 15322] mkdir("./bus", 0777 [pid 15326] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15324] <... memfd_create resumed>) = 3 [pid 15323] <... chdir resumed>) = 0 [pid 15322] <... mkdir resumed>) = 0 [pid 15322] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15326] <... prctl resumed>) = 0 [pid 15324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15323] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15326] setpgid(0, 0 [pid 15324] <... mmap resumed>) = 0x7f1c2a016000 [pid 15323] <... prctl resumed>) = 0 [pid 15326] <... setpgid resumed>) = 0 [pid 15325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15325] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15325] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 15325] ioctl(4, LOOP_SET_FD, 3 [pid 15326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15323] setpgid(0, 0 [pid 15324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15324] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15324] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 270.347251][T15322] loop1: detected capacity change from 0 to 2048 [ 270.370833][T15325] loop3: detected capacity change from 0 to 2048 [ 270.376667][T15324] loop5: detected capacity change from 0 to 2048 [pid 15324] ioctl(4, LOOP_SET_FD, 3 [pid 15326] <... openat resumed>) = 3 [pid 15325] <... ioctl resumed>) = 0 [pid 15323] <... setpgid resumed>) = 0 [pid 15323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15326] write(3, "1000", 4 [pid 15323] <... openat resumed>) = 3 [pid 15326] <... write resumed>) = 4 [pid 15323] write(3, "1000", 4 [pid 15326] close(3 [pid 15323] <... write resumed>) = 4 [pid 15326] <... close resumed>) = 0 [pid 15323] close(3 [pid 15326] symlink("/dev/binderfs", "./binderfs" [pid 15323] <... close resumed>) = 0 [pid 15326] <... symlink resumed>) = 0 [pid 15323] symlink("/dev/binderfs", "./binderfs" [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] <... symlink resumed>) = 0 [pid 15326] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15323] <... futex resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 15326] <... mmap resumed>) = 0x7f1c32416000 [pid 15323] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15326] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15323] <... mmap resumed>) = 0x7f1c32416000 [pid 15326] <... mprotect resumed>) = 0 [pid 15323] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15326] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15323] <... mprotect resumed>) = 0 [pid 15323] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15326] <... clone resumed>, parent_tid=[15329], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15329 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] <... clone resumed>, parent_tid=[15330], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15330 [pid 15326] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15323] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./539/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./539/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./539/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4) = 0 [pid 407] rmdir("./539/bus" [pid 15325] close(3 [pid 407] <... rmdir resumed>) = 0 [pid 15325] <... close resumed>) = 0 [pid 15325] mkdir("./bus", 0777 [pid 407] getdents64(3, [pid 15325] <... mkdir resumed>) = 0 [pid 15325] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./539") = 0 [pid 407] mkdir("./540", 0777./strace-static-x86_64: Process 15330 attached ./strace-static-x86_64: Process 15329 attached ) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15331 ./strace-static-x86_64: Process 15331 attached [pid 15331] set_robust_list(0x555555f755e0, 24) = 0 [pid 15331] chdir("./540") = 0 [pid 15331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15331] setpgid(0, 0) = 0 [pid 15331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15331] write(3, "1000", 4) = 4 [pid 15331] close(3) = 0 [pid 15331] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15330] set_robust_list(0x7f1c324369e0, 24 [pid 15329] set_robust_list(0x7f1c324369e0, 24 [pid 15330] <... set_robust_list resumed>) = 0 [pid 15329] <... set_robust_list resumed>) = 0 [pid 15329] memfd_create("syzkaller", 0 [pid 15330] memfd_create("syzkaller", 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15329] <... memfd_create resumed>) = 3 [pid 15330] <... memfd_create resumed>) = 3 [pid 15330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15330] <... mmap resumed>) = 0x7f1c2a016000 [pid 15329] <... mmap resumed>) = 0x7f1c2a016000 [pid 15331] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15331] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15331] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15333], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15333 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15322] <... mount resumed>) = 0 [pid 15322] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15322] chdir("./bus") = 0 [pid 15322] ioctl(4, LOOP_CLR_FD) = 0 [pid 15322] close(4) = 0 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15319] <... futex resumed>) = 0 [pid 15322] chdir("./file0" [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] <... chdir resumed>) = 0 [pid 15319] <... futex resumed>) = 0 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15322] <... futex resumed>) = 0 [pid 15319] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15319] <... futex resumed>) = 0 [pid 15322] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... ioctl resumed>) = 0 [pid 15324] close(3) = 0 [pid 15324] mkdir("./bus", 0777) = 0 [pid 15324] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15333 attached [pid 15333] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15333] memfd_create("syzkaller", 0) = 3 [pid 15333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15322] <... open resumed>) = 4 [pid 15330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15319] <... futex resumed>) = 0 [pid 15322] <... futex resumed>) = 1 [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15319] <... futex resumed>) = 0 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15322] <... openat resumed>) = 5 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15319] <... futex resumed>) = 0 [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15319] <... futex resumed>) = 0 [ 270.386261][T15322] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/545/bus supports timestamps until 2038 (0x7fffffff) [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15322] <... write resumed>) = 196608 [pid 15333] <... write resumed>) = 1048576 [pid 15333] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15330] <... write resumed>) = 1048576 [pid 15329] <... write resumed>) = 1048576 [pid 15325] <... mount resumed>) = 0 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15325] chdir("./bus") = 0 [pid 15325] ioctl(4, LOOP_CLR_FD) = 0 [pid 15325] close(4 [pid 15333] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15330] munmap(0x7f1c2a016000, 1048576 [pid 15329] munmap(0x7f1c2a016000, 1048576 [pid 15322] <... futex resumed>) = 1 [pid 15319] <... futex resumed>) = 0 [pid 15333] <... openat resumed>) = 4 [pid 15330] <... munmap resumed>) = 0 [pid 15329] <... munmap resumed>) = 0 [pid 15322] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15333] ioctl(4, LOOP_SET_FD, 3 [pid 15330] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15329] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15322] <... mount resumed>) = 0 [pid 15319] <... futex resumed>) = 0 [pid 15330] <... openat resumed>) = 4 [pid 15329] <... openat resumed>) = 4 [pid 15325] <... close resumed>) = 0 [pid 15324] <... mount resumed>) = 0 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15330] ioctl(4, LOOP_SET_FD, 3 [pid 15329] ioctl(4, LOOP_SET_FD, 3 [pid 15322] <... futex resumed>) = 0 [pid 15333] <... ioctl resumed>) = 0 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15324] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15319] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15329] <... ioctl resumed>) = 0 [pid 15329] close(3) = 0 [pid 15329] mkdir("./bus", 0777) = 0 [pid 15329] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15333] close(3) = 0 [pid 15333] mkdir("./bus", 0777) = 0 [pid 15333] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15325] <... futex resumed>) = 1 [pid 15325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15324] <... openat resumed>) = 3 [pid 15324] chdir("./bus") = 0 [pid 15321] <... futex resumed>) = 0 [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] ioctl(4, LOOP_CLR_FD) = 0 [pid 15324] close(4) = 0 [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] <... futex resumed>) = 0 [pid 15322] <... futex resumed>) = 0 [pid 15319] <... futex resumed>) = 1 [pid 15325] chdir("./file0") = 0 [pid 15322] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15322] <... open resumed>) = 6 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15319] <... futex resumed>) = 0 [pid 15321] <... futex resumed>) = 0 [pid 15325] <... futex resumed>) = 1 [pid 15322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15322] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15321] <... futex resumed>) = 0 [pid 15322] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15319] <... futex resumed>) = 0 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15324] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15330] <... ioctl resumed>) = 0 [pid 15330] close(3) = 0 [pid 15330] mkdir("./bus", 0777) = 0 [pid 15330] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15320] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... futex resumed>) = 0 [pid 15324] chdir("./file0") = 0 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15324] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15320] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15324] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15320] <... futex resumed>) = 0 [pid 15324] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 270.440823][T15325] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/549/bus supports timestamps until 2038 (0x7fffffff) [ 270.445400][T15324] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/543/bus supports timestamps until 2038 (0x7fffffff) [ 270.462647][T15333] loop0: detected capacity change from 0 to 2048 [ 270.464979][T15329] loop4: detected capacity change from 0 to 2048 [ 270.474306][T15330] loop2: detected capacity change from 0 to 2048 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15325] <... open resumed>) = 4 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15324] <... openat resumed>) = 5 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15324] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... futex resumed>) = 0 [pid 15324] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... futex resumed>) = 1 [pid 15324] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... futex resumed>) = 1 [pid 15324] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... futex resumed>) = 1 [pid 15324] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15321] <... futex resumed>) = 0 [pid 15333] <... mount resumed>) = 0 [pid 15333] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15333] chdir("./bus") = 0 [pid 15333] ioctl(4, LOOP_CLR_FD) = 0 [pid 15333] close(4 [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15325] <... futex resumed>) = 0 [pid 15333] <... close resumed>) = 0 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [pid 15333] chdir("./file0") = 0 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [pid 15333] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15325] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15322] <... write resumed>) = 1048576 [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] <... write resumed>) = 1048576 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15320] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15320] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15324] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15333] <... open resumed>) = 4 [pid 15325] <... openat resumed>) = 5 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] <... futex resumed>) = 1 [pid 15319] <... futex resumed>) = 0 [pid 15325] <... futex resumed>) = 1 [pid 15322] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15321] <... futex resumed>) = 0 [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15319] <... futex resumed>) = 0 [pid 15325] <... write resumed>) = 196608 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [pid 15333] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [pid 15333] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [pid 15333] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [pid 15333] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] <... futex resumed>) = 0 [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] <... futex resumed>) = 1 [ 270.504591][T15333] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/540/bus supports timestamps until 2038 (0x7fffffff) [ 270.529468][T15324] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15333] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15325] <... futex resumed>) = 0 [pid 15321] <... futex resumed>) = 1 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] <... futex resumed>) = 0 [pid 15321] <... futex resumed>) = 1 [pid 15325] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15325] <... mount resumed>) = 0 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15325] <... futex resumed>) = 1 [pid 15321] <... futex resumed>) = 0 [pid 15320] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15325] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] <... futex resumed>) = 0 [pid 15325] <... open resumed>) = 6 [pid 15321] <... futex resumed>) = 0 [pid 15320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15320] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15325] <... futex resumed>) = 0 [pid 15321] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15320] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15325] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15320] <... mprotect resumed>) = 0 [pid 15321] <... futex resumed>) = 0 [pid 15320] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15320] <... clone resumed>, parent_tid=[15343], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15343 [pid 15320] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15320] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15343 attached [pid 15333] <... write resumed>) = 1048576 [pid 15329] <... mount resumed>) = 0 [pid 15325] <... write resumed>) = 1048576 [pid 15322] <... openat resumed>) = 7 [pid 15343] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15343] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15333] <... futex resumed>) = 1 [pid 15333] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15329] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15329] chdir("./bus") = 0 [pid 15329] ioctl(4, LOOP_CLR_FD) = 0 [pid 15329] close(4 [pid 15331] <... futex resumed>) = 0 [pid 15330] <... mount resumed>) = 0 [pid 15329] <... close resumed>) = 0 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15324] <... openat resumed>) = 7 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] <... futex resumed>) = 0 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] <... futex resumed>) = 1 [pid 15329] chdir("./file0") = 0 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] <... futex resumed>) = 0 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] <... futex resumed>) = 1 [pid 15329] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15330] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15331] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] <... futex resumed>) = 1 [pid 15331] <... futex resumed>) = 1 [pid 15319] <... futex resumed>) = 0 [pid 15343] <... openat resumed>) = 8 [pid 15319] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15343] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15322] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15319] <... futex resumed>) = 0 [pid 15343] <... futex resumed>) = 1 [pid 15333] <... futex resumed>) = 0 [pid 15320] <... futex resumed>) = 0 [pid 15343] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15322] <... openat resumed>) = 8 [pid 15319] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15333] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15322] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15319] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15322] <... futex resumed>) = 0 [pid 15330] <... openat resumed>) = 3 [pid 15321] <... futex resumed>) = 0 [pid 15321] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15321] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15325] <... futex resumed>) = 1 [ 270.539716][T15322] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.558631][T15322] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 270.562933][T15324] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 270.568342][T15329] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/546/bus supports timestamps until 2038 (0x7fffffff) [ 270.589393][T15330] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/540/bus supports timestamps until 2038 (0x7fffffff) [pid 15325] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15330] chdir("./bus" [pid 15329] <... open resumed>) = 4 [pid 15322] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15319] exit_group(0 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15326] <... futex resumed>) = 0 [pid 15329] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15326] <... futex resumed>) = 0 [pid 15329] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] <... openat resumed>) = 5 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15326] <... futex resumed>) = 0 [pid 15329] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15326] <... futex resumed>) = 0 [pid 15329] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] <... write resumed>) = 196608 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] <... futex resumed>) = 0 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] <... futex resumed>) = 1 [pid 15329] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] <... futex resumed>) = 0 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] <... futex resumed>) = 1 [pid 15329] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15326] <... futex resumed>) = 0 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15319] <... exit_group resumed>) = ? [pid 15329] <... futex resumed>) = 1 [pid 15322] <... futex resumed>) = ? [pid 15329] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15330] <... chdir resumed>) = 0 [pid 15330] ioctl(4, LOOP_CLR_FD) = 0 [pid 15330] close(4) = 0 [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15330] <... futex resumed>) = 1 [pid 15330] chdir("./file0") = 0 [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15330] <... futex resumed>) = 1 [pid 15330] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15324] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15324] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15322] +++ exited with 0 +++ [pid 15319] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15319, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15321] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15321] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15321] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 408] umount2("./545", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15321] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15331] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15321] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 408] openat(AT_FDCWD, "./545", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15321] <... mprotect resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 15321] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15331] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15330] <... open resumed>) = 4 [pid 15325] <... openat resumed>) = 7 [pid 15321] <... clone resumed>, parent_tid=[15344], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15344 [pid 15320] exit_group(0 [pid 408] getdents64(3, [pid 15343] <... futex resumed>) = ? [pid 15331] <... futex resumed>) = 0 [pid 15324] <... futex resumed>) = ? [pid 15320] <... exit_group resumed>) = ? [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15321] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15343] +++ exited with 0 +++ [pid 15331] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15330] <... futex resumed>) = 1 [pid 15329] <... write resumed>) = 1048576 [pid 15324] +++ exited with 0 +++ [pid 15323] <... futex resumed>) = 0 [pid 15321] <... futex resumed>) = 0 [pid 15320] +++ exited with 0 +++ [pid 408] umount2("./545/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15331] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15331] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15329] <... futex resumed>) = 1 [pid 15326] <... futex resumed>) = 0 [pid 15331] <... mprotect resumed>) = 0 [pid 15329] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 270.605755][T15333] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.607167][T15325] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.621077][T15333] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 270.643489][T15325] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 15344 attached [pid 15333] <... openat resumed>) = 7 [pid 15331] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15330] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15326] <... futex resumed>) = 0 [pid 15325] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15321] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15330] <... openat resumed>) = 5 [pid 15323] <... futex resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15320, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 408] lstat("./545/binderfs", [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15330] <... futex resumed>) = 0 [pid 15323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... restart_syscall resumed>) = 0 [pid 408] unlink("./545/binderfs" [pid 15330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... unlink resumed>) = 0 [pid 15330] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15323] <... futex resumed>) = 0 [pid 408] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15330] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./543", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15330] <... write resumed>) = 196608 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] openat(AT_FDCWD, "./543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15330] <... futex resumed>) = 1 [pid 15323] <... futex resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 15330] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] fstat(3, [pid 15330] <... mount resumed>) = 0 [pid 15323] <... futex resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(3, [pid 15330] <... futex resumed>) = 0 [pid 15323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15330] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15325] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15330] <... open resumed>) = 6 [pid 15325] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15323] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] lstat("./543/binderfs", [pid 15330] <... futex resumed>) = 0 [pid 15323] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] unlink("./543/binderfs" [pid 15330] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15323] <... futex resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 15330] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 15345 attached [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15344] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15333] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15344] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15333] <... futex resumed>) = 0 [pid 15333] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15344] <... openat resumed>) = 8 [pid 15344] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15321] <... futex resumed>) = 0 [pid 15344] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15321] exit_group(0 [pid 15344] <... futex resumed>) = ? [pid 15325] <... futex resumed>) = ? [pid 15321] <... exit_group resumed>) = ? [pid 15344] +++ exited with 0 +++ [pid 15325] +++ exited with 0 +++ [pid 15321] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15321, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 410] umount2("./549", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./549", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./549/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./549/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./549/binderfs") = 0 [pid 410] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15345] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15345] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15331] <... clone resumed>, parent_tid=[15345], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15345 [pid 15331] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15345] <... futex resumed>) = 0 [pid 15331] <... futex resumed>) = 1 [pid 15345] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15331] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15345] <... openat resumed>) = 8 [pid 15345] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15331] <... futex resumed>) = 0 [pid 15345] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15331] exit_group(0 [pid 15345] <... futex resumed>) = ? [pid 15333] <... futex resumed>) = ? [pid 15331] <... exit_group resumed>) = ? [pid 15345] +++ exited with 0 +++ [pid 15333] +++ exited with 0 +++ [pid 15331] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15331, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 407] umount2("./540", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./540/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./540/binderfs") = 0 [pid 407] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15329] <... openat resumed>) = 7 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15326] <... futex resumed>) = 0 [pid 15326] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15326] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15329] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15329] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15329] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15326] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15326] exit_group(0) = ? [pid 15329] <... futex resumed>) = ? [pid 15330] <... write resumed>) = 1048576 [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15323] <... futex resumed>) = 0 [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15330] <... futex resumed>) = 1 [ 270.664379][T15329] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.683419][T15329] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 15330] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15329] +++ exited with 0 +++ [pid 15326] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15326, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 411] umount2("./546", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./546", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./546/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./546/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./546/binderfs") = 0 [pid 411] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = 0 [pid 15330] <... openat resumed>) = 7 [pid 408] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./545/bus", [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15330] <... futex resumed>) = 1 [pid 15323] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 408] openat(AT_FDCWD, "./545/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15323] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... openat resumed>) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, [pid 15323] <... futex resumed>) = 0 [pid 412] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15323] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] getdents64(4, [pid 410] lstat("./549/bus", [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] close(4 [pid 412] lstat("./543/bus", [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... close resumed>) = 0 [pid 410] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] rmdir("./545/bus" [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... rmdir resumed>) = 0 [pid 410] openat(AT_FDCWD, "./549/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] getdents64(3, [pid 15330] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... openat resumed>) = 4 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15330] <... openat resumed>) = 8 [pid 412] openat(AT_FDCWD, "./543/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] fstat(4, [pid 408] close(3 [pid 15330] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... openat resumed>) = 4 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... close resumed>) = 0 [pid 15330] <... futex resumed>) = 1 [pid 15323] <... futex resumed>) = 0 [pid 412] fstat(4, [pid 410] getdents64(4, [pid 408] rmdir("./545" [pid 15330] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15323] exit_group(0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... rmdir resumed>) = 0 [pid 15330] <... futex resumed>) = ? [pid 15323] <... exit_group resumed>) = ? [pid 410] getdents64(4, [pid 412] getdents64(4, [pid 408] mkdir("./546", 0777 [pid 15330] +++ exited with 0 +++ [pid 15323] +++ exited with 0 +++ [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] close(3) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15346 [pid 412] getdents64(4, [pid 410] close(4 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15323, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 410] <... close resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] rmdir("./549/bus" [pid 412] close(4) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] umount2("./540", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] rmdir("./543/bus" [pid 410] getdents64(3, [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... rmdir resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] openat(AT_FDCWD, "./540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] getdents64(3, ./strace-static-x86_64: Process 15346 attached 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3 [pid 409] <... openat resumed>) = 3 [pid 412] close(3 [pid 410] <... close resumed>) = 0 [pid 409] fstat(3, [pid 410] rmdir("./549" [pid 412] <... close resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15346] set_robust_list(0x555555f755e0, 24) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] getdents64(3, [pid 412] rmdir("./543" [pid 410] mkdir("./550", 0777 [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15346] chdir("./546" [pid 412] <... rmdir resumed>) = 0 [pid 409] umount2("./540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15346] <... chdir resumed>) = 0 [pid 15346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15346] setpgid(0, 0) = 0 [pid 410] <... mkdir resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] mkdir("./544", 0777 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] lstat("./540/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15346] write(3, "1000", 4 [pid 412] <... mkdir resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 409] unlink("./540/binderfs" [pid 15346] <... write resumed>) = 4 [pid 15346] close(3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] <... unlink resumed>) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15346] <... close resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] close(3 [pid 412] ioctl(3, LOOP_CLR_FD [pid 15346] symlink("/dev/binderfs", "./binderfs") = 0 [pid 412] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] <... close resumed>) = 0 [pid 412] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15347 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15348 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15346] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15346] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15349], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15349 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] lstat("./540/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./540/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 15348 attached [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 15349 attached ./strace-static-x86_64: Process 15347 attached [pid 15348] set_robust_list(0x555555f755e0, 24 [pid 407] close(4 [pid 15348] <... set_robust_list resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 15349] set_robust_list(0x7f1c324369e0, 24 [pid 15347] set_robust_list(0x555555f755e0, 24 [pid 15348] chdir("./544" [pid 15347] <... set_robust_list resumed>) = 0 [pid 15349] <... set_robust_list resumed>) = 0 [pid 407] rmdir("./540/bus") = 0 [pid 15348] <... chdir resumed>) = 0 [pid 15348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15348] setpgid(0, 0 [pid 407] getdents64(3, [pid 15348] <... setpgid resumed>) = 0 [pid 15348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15348] write(3, "1000", 4 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15348] <... write resumed>) = 4 [pid 15348] close(3) = 0 [pid 15348] symlink("/dev/binderfs", "./binderfs" [pid 407] close(3 [pid 15348] <... symlink resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] rmdir("./540" [pid 15348] <... futex resumed>) = 0 [pid 15348] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15348] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 407] <... rmdir resumed>) = 0 [pid 15348] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] mkdir("./541", 0777 [pid 15348] <... clone resumed>, parent_tid=[15350], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15350 [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15347] chdir("./550") = 0 [pid 15347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15347] setpgid(0, 0) = 0 [pid 15347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15347] write(3, "1000", 4) = 4 [pid 407] <... mkdir resumed>) = 0 [pid 15347] close(3) = 0 [pid 15347] symlink("/dev/binderfs", "./binderfs" [pid 15349] memfd_create("syzkaller", 0 [pid 15347] <... symlink resumed>) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 15350 attached [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15350] set_robust_list(0x7f1c324369e0, 24 [pid 15349] <... memfd_create resumed>) = 3 [pid 15347] <... mmap resumed>) = 0x7f1c32416000 [pid 407] <... openat resumed>) = 3 [pid 15347] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15350] <... set_robust_list resumed>) = 0 [pid 15349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 15347] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15349] <... mmap resumed>) = 0x7f1c2a016000 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15347] <... clone resumed>, parent_tid=[15351], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15351 [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] close(3./strace-static-x86_64: Process 15351 attached [pid 15351] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15351] memfd_create("syzkaller", 0) = 3 [pid 15351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 407] <... close resumed>) = 0 [pid 15351] <... mmap resumed>) = 0x7f1c2a016000 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15352 [ 270.717635][T15330] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 270.735101][T15330] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 15351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15350] memfd_create("syzkaller", 0) = 3 [pid 15350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 411] <... umount2 resumed>) = 0 [pid 411] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./546/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./546/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./546/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./546") = 0 [pid 411] mkdir("./547", 0777) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15353 [pid 15351] <... write resumed>) = 1048576 [pid 15351] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15351] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 15351] ioctl(4, LOOP_SET_FD, 3 [pid 409] <... umount2 resumed>) = 0 [pid 409] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./540/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15351] <... ioctl resumed>) = 0 [pid 409] umount2("./540/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15351] close(3 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./540/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, [pid 15351] <... close resumed>) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4 [pid 15351] mkdir("./bus", 0777 [pid 409] <... close resumed>) = 0 [pid 409] rmdir("./540/bus" [pid 15351] <... mkdir resumed>) = 0 [pid 15351] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15352 attached [pid 15352] set_robust_list(0x555555f755e0, 24) = 0 [pid 15352] chdir("./541") = 0 [pid 15352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15352] setpgid(0, 0) = 0 [pid 15352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 409] <... rmdir resumed>) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./540" [pid 15352] <... openat resumed>) = 3 [pid 15352] write(3, "1000", 4 [pid 409] <... rmdir resumed>) = 0 [pid 15352] <... write resumed>) = 4 [pid 409] mkdir("./541", 0777 [pid 15352] close(3) = 0 [pid 15352] symlink("/dev/binderfs", "./binderfs" [pid 409] <... mkdir resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 15352] <... symlink resumed>) = 0 [pid 409] close(3 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... close resumed>) = 0 [pid 15352] <... futex resumed>) = 0 [pid 15352] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15352] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15352] <... mprotect resumed>) = 0 [pid 15352] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 15355 attached ./strace-static-x86_64: Process 15354 attached ./strace-static-x86_64: Process 15353 attached [pid 15350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15354 [pid 15355] set_robust_list(0x7f1c324369e0, 24 [pid 15354] set_robust_list(0x555555f755e0, 24 [pid 15353] set_robust_list(0x555555f755e0, 24 [pid 15352] <... clone resumed>, parent_tid=[15355], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15355 [pid 15350] <... write resumed>) = 1048576 [pid 15349] <... write resumed>) = 1048576 [pid 15354] <... set_robust_list resumed>) = 0 [pid 15353] <... set_robust_list resumed>) = 0 [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... set_robust_list resumed>) = 0 [pid 15353] chdir("./547" [pid 15354] chdir("./541" [pid 15352] <... futex resumed>) = 0 [pid 15350] munmap(0x7f1c2a016000, 1048576 [pid 15349] munmap(0x7f1c2a016000, 1048576 [pid 15354] <... chdir resumed>) = 0 [pid 15354] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15353] <... chdir resumed>) = 0 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15354] <... prctl resumed>) = 0 [pid 15350] <... munmap resumed>) = 0 [pid 15354] setpgid(0, 0 [pid 15350] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15354] <... setpgid resumed>) = 0 [pid 15353] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15353] <... prctl resumed>) = 0 [pid 15353] setpgid(0, 0 [pid 15354] <... openat resumed>) = 3 [pid 15353] <... setpgid resumed>) = 0 [pid 15354] write(3, "1000", 4 [pid 15350] <... openat resumed>) = 4 [pid 15354] <... write resumed>) = 4 [pid 15354] close(3 [pid 15350] ioctl(4, LOOP_SET_FD, 3 [pid 15354] <... close resumed>) = 0 [pid 15354] symlink("/dev/binderfs", "./binderfs" [pid 15353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15354] <... symlink resumed>) = 0 [pid 15353] <... openat resumed>) = 3 [pid 15353] write(3, "1000", 4 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15353] <... write resumed>) = 4 [pid 15353] close(3) = 0 [pid 15353] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15353] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15353] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15353] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15357], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15357 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15355] memfd_create("syzkaller", 0) = 3 [pid 15355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15354] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15354] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15354] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15359], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15359 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 270.810726][T15351] loop3: detected capacity change from 0 to 2048 [ 270.840720][T15350] loop5: detected capacity change from 0 to 2048 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15349] <... munmap resumed>) = 0 [pid 15355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 15359 attached [pid 15359] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15359] memfd_create("syzkaller", 0) = 3 [pid 15359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15355] <... write resumed>) = 1048576 [pid 15355] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15355] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 15357 attached [pid 15351] <... mount resumed>) = 0 [pid 15350] <... ioctl resumed>) = 0 [pid 15349] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15357] set_robust_list(0x7f1c324369e0, 24 [pid 15351] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15350] close(3 [pid 15349] <... openat resumed>) = 4 [pid 15357] <... set_robust_list resumed>) = 0 [pid 15350] <... close resumed>) = 0 [pid 15349] ioctl(4, LOOP_SET_FD, 3 [pid 15351] <... openat resumed>) = 3 [pid 15357] memfd_create("syzkaller", 0 [pid 15350] mkdir("./bus", 0777 [pid 15355] <... ioctl resumed>) = 0 [pid 15355] close(3) = 0 [pid 15355] mkdir("./bus", 0777) = 0 [pid 15355] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15349] <... ioctl resumed>) = 0 [pid 15350] <... mkdir resumed>) = 0 [pid 15359] <... write resumed>) = 1048576 [pid 15359] munmap(0x7f1c2a016000, 1048576 [pid 15350] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15357] <... memfd_create resumed>) = 3 [pid 15357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15351] chdir("./bus") = 0 [pid 15349] close(3 [pid 15351] ioctl(4, LOOP_CLR_FD [pid 15349] <... close resumed>) = 0 [pid 15351] <... ioctl resumed>) = 0 [pid 15349] mkdir("./bus", 0777 [pid 15351] close(4) = 0 [pid 15359] <... munmap resumed>) = 0 [pid 15357] <... write resumed>) = 1048576 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15349] <... mkdir resumed>) = 0 [pid 15351] <... futex resumed>) = 1 [pid 15347] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15351] chdir("./file0") = 0 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15347] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15351] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15357] munmap(0x7f1c2a016000, 1048576 [pid 15349] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15359] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15357] <... munmap resumed>) = 0 [pid 15359] <... openat resumed>) = 4 [pid 15357] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15359] ioctl(4, LOOP_SET_FD, 3 [pid 15357] <... openat resumed>) = 4 [pid 15357] ioctl(4, LOOP_SET_FD, 3 [pid 15351] <... open resumed>) = 4 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 270.849680][T15351] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/550/bus supports timestamps until 2038 (0x7fffffff) [ 270.858658][T15355] loop0: detected capacity change from 0 to 2048 [ 270.870654][T15349] loop1: detected capacity change from 0 to 2048 [ 270.898967][T15350] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/544/bus supports timestamps until 2038 (0x7fffffff) [pid 15351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15347] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15357] <... ioctl resumed>) = 0 [pid 15357] close(3) = 0 [pid 15357] mkdir("./bus", 0777) = 0 [pid 15357] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15351] <... futex resumed>) = 0 [pid 15347] <... futex resumed>) = 1 [pid 15351] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15351] <... futex resumed>) = 0 [pid 15351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15350] <... mount resumed>) = 0 [pid 15350] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15350] chdir("./bus") = 0 [pid 15350] ioctl(4, LOOP_CLR_FD) = 0 [pid 15350] close(4 [pid 15359] <... ioctl resumed>) = 0 [pid 15355] <... mount resumed>) = 0 [pid 15350] <... close resumed>) = 0 [pid 15349] <... mount resumed>) = 0 [pid 15347] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15351] <... futex resumed>) = 0 [pid 15349] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15351] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15349] <... openat resumed>) = 3 [pid 15349] chdir("./bus") = 0 [pid 15349] ioctl(4, LOOP_CLR_FD) = 0 [pid 15349] close(4) = 0 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15351] <... write resumed>) = 196608 [pid 15346] <... futex resumed>) = 0 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15349] <... futex resumed>) = 1 [pid 15349] chdir("./file0") = 0 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] <... futex resumed>) = 0 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15349] <... futex resumed>) = 1 [pid 15349] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15348] <... futex resumed>) = 0 [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15350] <... futex resumed>) = 1 [pid 15350] chdir("./file0") = 0 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15348] <... futex resumed>) = 0 [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... futex resumed>) = 1 [pid 15350] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15355] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15355] chdir("./bus" [pid 15351] <... futex resumed>) = 1 [pid 15347] <... futex resumed>) = 0 [pid 15359] close(3) = 0 [pid 15351] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15351] <... mount resumed>) = 0 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] mkdir("./bus", 0777 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15351] <... futex resumed>) = 0 [pid 15349] <... open resumed>) = 4 [pid 15347] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] <... mkdir resumed>) = 0 [pid 15351] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15351] <... open resumed>) = 6 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... chdir resumed>) = 0 [pid 15355] ioctl(4, LOOP_CLR_FD [pid 15351] <... futex resumed>) = 1 [pid 15349] <... futex resumed>) = 1 [pid 15347] <... futex resumed>) = 0 [pid 15346] <... futex resumed>) = 0 [pid 15351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15349] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15351] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15349] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15347] <... futex resumed>) = 0 [pid 15346] <... futex resumed>) = 0 [pid 15351] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15349] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] <... ioctl resumed>) = 0 [pid 15355] close(4) = 0 [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15352] <... futex resumed>) = 0 [pid 15355] chdir("./file0" [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... chdir resumed>) = 0 [pid 15352] <... futex resumed>) = 0 [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] <... futex resumed>) = 0 [pid 15352] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15355] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15349] <... openat resumed>) = 5 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] <... futex resumed>) = 0 [pid 15349] <... futex resumed>) = 1 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... open resumed>) = 4 [pid 15346] <... futex resumed>) = 0 [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... open resumed>) = 4 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] <... futex resumed>) = 1 [pid 15352] <... futex resumed>) = 0 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... futex resumed>) = 1 [pid 15348] <... futex resumed>) = 0 [pid 15355] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15352] <... futex resumed>) = 0 [pid 15350] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15350] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15348] <... futex resumed>) = 0 [pid 15355] <... openat resumed>) = 5 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15352] <... futex resumed>) = 0 [pid 15355] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15352] <... futex resumed>) = 0 [pid 15355] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] <... write resumed>) = 196608 [pid 15350] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15348] <... futex resumed>) = 0 [pid 15350] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15348] <... futex resumed>) = 0 [ 270.899209][T15359] loop2: detected capacity change from 0 to 2048 [ 270.911650][T15355] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/541/bus supports timestamps until 2038 (0x7fffffff) [ 270.918097][T15357] loop4: detected capacity change from 0 to 2048 [ 270.932863][T15349] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/546/bus supports timestamps until 2038 (0x7fffffff) [pid 15350] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... write resumed>) = 196608 [pid 15349] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15349] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15351] <... write resumed>) = 1048576 [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15357] <... mount resumed>) = 0 [pid 15355] <... futex resumed>) = 1 [pid 15352] <... futex resumed>) = 0 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] <... futex resumed>) = 0 [pid 15346] <... futex resumed>) = 0 [pid 15355] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... futex resumed>) = 1 [pid 15348] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15352] <... futex resumed>) = 0 [pid 15350] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] <... futex resumed>) = 1 [pid 15346] <... futex resumed>) = 1 [pid 15355] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15350] <... mount resumed>) = 0 [pid 15348] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] <... mount resumed>) = 0 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... futex resumed>) = 0 [pid 15348] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15355] <... futex resumed>) = 1 [pid 15352] <... futex resumed>) = 0 [pid 15350] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15349] <... futex resumed>) = 0 [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... open resumed>) = 6 [pid 15349] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15348] <... futex resumed>) = 0 [pid 15355] <... open resumed>) = 6 [pid 15352] <... futex resumed>) = 0 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15349] <... mount resumed>) = 0 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15350] <... futex resumed>) = 0 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15348] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15355] <... futex resumed>) = 0 [pid 15352] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15350] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15349] <... futex resumed>) = 1 [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] <... futex resumed>) = 0 [pid 15355] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15349] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15348] <... futex resumed>) = 0 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15352] <... futex resumed>) = 0 [pid 15351] <... futex resumed>) = 0 [pid 15349] <... open resumed>) = 6 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15346] <... futex resumed>) = 0 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15349] <... futex resumed>) = 0 [pid 15346] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15349] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] <... mount resumed>) = 0 [pid 15357] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15351] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15346] <... futex resumed>) = 0 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15357] <... openat resumed>) = 3 [pid 15359] <... openat resumed>) = 3 [pid 15359] chdir("./bus") = 0 [pid 15357] chdir("./bus") = 0 [pid 15359] ioctl(4, LOOP_CLR_FD) = 0 [pid 15357] ioctl(4, LOOP_CLR_FD [pid 15359] close(4 [pid 15357] <... ioctl resumed>) = 0 [pid 15359] <... close resumed>) = 0 [pid 15357] close(4) = 0 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15353] <... futex resumed>) = 0 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15354] <... futex resumed>) = 0 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] <... futex resumed>) = 1 [pid 15357] <... futex resumed>) = 1 [pid 15359] chdir("./file0" [pid 15357] chdir("./file0") = 0 [pid 15359] <... chdir resumed>) = 0 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15354] <... futex resumed>) = 0 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15359] <... futex resumed>) = 1 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15353] <... futex resumed>) = 0 [pid 15359] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15357] <... futex resumed>) = 1 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15357] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15353] <... futex resumed>) = 0 [pid 15359] <... open resumed>) = 4 [pid 15357] <... open resumed>) = 4 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] <... futex resumed>) = 1 [pid 15354] <... futex resumed>) = 0 [pid 15359] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15359] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15354] <... futex resumed>) = 0 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15359] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15357] <... futex resumed>) = 1 [pid 15357] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15353] <... futex resumed>) = 0 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... write resumed>) = 1048576 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15353] <... futex resumed>) = 1 [pid 15354] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 270.990205][T15357] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/547/bus supports timestamps until 2038 (0x7fffffff) [ 270.999849][T15359] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/541/bus supports timestamps until 2038 (0x7fffffff) [ 271.019476][T15351] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15350] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15355] <... write resumed>) = 1048576 [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15355] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15357] <... futex resumed>) = 0 [pid 15357] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15357] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15349] <... write resumed>) = 1048576 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15349] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15357] <... futex resumed>) = 0 [pid 15353] <... futex resumed>) = 1 [pid 15357] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15357] <... write resumed>) = 196608 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15352] <... futex resumed>) = 0 [pid 15348] <... futex resumed>) = 0 [pid 15347] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15346] <... futex resumed>) = 0 [pid 15357] <... futex resumed>) = 1 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15353] <... futex resumed>) = 0 [pid 15352] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15351] <... openat resumed>) = 7 [pid 15348] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... futex resumed>) = 0 [pid 15354] <... futex resumed>) = 1 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15352] <... futex resumed>) = 1 [pid 15350] <... futex resumed>) = 0 [pid 15348] <... futex resumed>) = 1 [pid 15347] <... futex resumed>) = 0 [pid 15346] <... futex resumed>) = 1 [pid 15355] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15353] <... futex resumed>) = 0 [pid 15352] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15350] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15348] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15346] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] <... futex resumed>) = 0 [pid 15357] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15351] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15349] <... futex resumed>) = 0 [ 271.052179][T15351] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 271.062651][T15355] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.067696][T15349] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15359] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15357] <... mount resumed>) = 0 [pid 15351] <... futex resumed>) = 0 [pid 15349] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15351] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15347] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15359] <... futex resumed>) = 1 [pid 15357] <... futex resumed>) = 1 [pid 15354] <... futex resumed>) = 0 [pid 15353] <... futex resumed>) = 0 [pid 15347] <... mprotect resumed>) = 0 [pid 15359] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15357] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15359] <... mount resumed>) = 0 [pid 15357] <... open resumed>) = 6 [pid 15354] <... futex resumed>) = 0 [pid 15353] <... futex resumed>) = 0 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15347] <... clone resumed>, parent_tid=[15371], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15371 [pid 15359] <... futex resumed>) = 0 [pid 15357] <... futex resumed>) = 0 [pid 15354] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15353] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15347] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15357] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15347] <... futex resumed>) = 0 [pid 15359] <... open resumed>) = 6 [pid 15354] <... futex resumed>) = 0 [pid 15353] <... futex resumed>) = 0 [pid 15347] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] <... futex resumed>) = 0 [pid 15354] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15359] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15352] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15352] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15352] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15352] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15352] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15372], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15372 [pid 15352] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15352] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15348] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15348] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15348] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15346] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15348] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15346] <... futex resumed>) = 0 [pid 15348] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15346] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15348] <... mprotect resumed>) = 0 [pid 15346] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15348] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15346] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15348] <... clone resumed>, parent_tid=[15373], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15373 [pid 15346] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15348] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] <... clone resumed>, parent_tid=[15374], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15374 [pid 15348] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15346] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15346] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15359] <... write resumed>) = 1048576 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15354] <... futex resumed>) = 0 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15357] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 15372 attached ./strace-static-x86_64: Process 15371 attached [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15355] <... openat resumed>) = 7 ./strace-static-x86_64: Process 15373 attached ./strace-static-x86_64: Process 15374 attached [pid 15372] set_robust_list(0x7f1c2a1159e0, 24 [pid 15371] set_robust_list(0x7f1c2a1159e0, 24 [pid 15357] <... futex resumed>) = 1 [pid 15355] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15353] <... futex resumed>) = 0 [pid 15350] <... openat resumed>) = 7 [pid 15349] <... openat resumed>) = 7 [pid 15359] <... futex resumed>) = 1 [pid 15372] <... set_robust_list resumed>) = 0 [pid 15371] <... set_robust_list resumed>) = 0 [pid 15357] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15355] <... futex resumed>) = 0 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15372] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15371] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15357] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15355] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15353] <... futex resumed>) = 0 [pid 15350] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15349] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15372] <... openat resumed>) = 8 [pid 15357] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15371] <... openat resumed>) = 8 [pid 15373] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15373] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15373] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15348] <... futex resumed>) = 0 [pid 15373] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15348] exit_group(0 [pid 15373] <... futex resumed>) = ? [pid 15348] <... exit_group resumed>) = ? [pid 15373] +++ exited with 0 +++ [pid 15374] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15374] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15374] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15346] <... futex resumed>) = 0 [pid 15346] exit_group(0) = ? [pid 15374] <... futex resumed>) = ? [pid 15374] +++ exited with 0 +++ [ 271.077411][T15350] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.090814][T15349] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 271.112809][T15355] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 271.121623][T15350] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 271.138522][T15357] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15359] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15372] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15371] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15350] <... futex resumed>) = ? [pid 15349] <... futex resumed>) = ? [pid 15347] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15347] exit_group(0) = ? [pid 15372] <... futex resumed>) = 1 [pid 15371] <... futex resumed>) = ? [pid 15357] <... openat resumed>) = 7 [pid 15352] <... futex resumed>) = 0 [pid 15351] <... futex resumed>) = ? [pid 15350] +++ exited with 0 +++ [pid 15349] +++ exited with 0 +++ [pid 15348] +++ exited with 0 +++ [pid 15346] +++ exited with 0 +++ [pid 15372] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15371] +++ exited with 0 +++ [pid 15352] exit_group(0 [pid 15351] +++ exited with 0 +++ [pid 15347] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15348, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15346, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15372] <... futex resumed>) = ? [pid 15355] <... futex resumed>) = ? [pid 15352] <... exit_group resumed>) = ? [pid 15372] +++ exited with 0 +++ [pid 15355] +++ exited with 0 +++ [pid 15352] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15347, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 412] umount2("./544", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./550", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./546", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15352, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 412] openat(AT_FDCWD, "./544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] openat(AT_FDCWD, "./550", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./546", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] restart_syscall(<... resuming interrupted clone ...> [pid 412] <... openat resumed>) = 3 [pid 410] <... openat resumed>) = 3 [pid 408] <... openat resumed>) = 3 [pid 412] fstat(3, [pid 410] fstat(3, [pid 408] fstat(3, [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 410] getdents64(3, [pid 408] getdents64(3, [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] <... restart_syscall resumed>) = 0 [pid 412] umount2("./544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./550/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./546/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] lstat("./544/binderfs", [pid 410] lstat("./550/binderfs", [pid 408] lstat("./546/binderfs", [pid 407] umount2("./541", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] unlink("./544/binderfs" [pid 410] unlink("./550/binderfs" [pid 408] unlink("./546/binderfs" [pid 407] openat(AT_FDCWD, "./541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] <... unlink resumed>) = 0 [pid 410] <... unlink resumed>) = 0 [pid 408] <... unlink resumed>) = 0 [pid 407] <... openat resumed>) = 3 [pid 412] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./541/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./541/binderfs") = 0 [pid 407] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15357] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15359] <... openat resumed>) = 7 [pid 15353] <... futex resumed>) = 0 [pid 15353] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15359] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15354] <... futex resumed>) = 0 [pid 15353] <... futex resumed>) = 1 [pid 15354] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15353] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15357] <... futex resumed>) = 0 [pid 15354] <... futex resumed>) = 1 [pid 15357] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15354] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15357] <... openat resumed>) = 8 [pid 15359] <... futex resumed>) = 0 [pid 15359] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15359] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15359] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15357] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15354] <... futex resumed>) = 0 [pid 15353] <... futex resumed>) = 0 [pid 15353] exit_group(0 [pid 15354] exit_group(0 [pid 15353] <... exit_group resumed>) = ? [pid 15354] <... exit_group resumed>) = ? [pid 15359] <... futex resumed>) = ? [pid 15359] +++ exited with 0 +++ [pid 15354] +++ exited with 0 +++ [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15354, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 409] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 409] umount2("./541", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./541/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./541/binderfs") = 0 [pid 409] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15357] +++ exited with 0 +++ [pid 15353] +++ exited with 0 +++ [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15353, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 411] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 411] umount2("./547", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./547", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./547/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./547/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./547/binderfs") = 0 [ 271.140922][T15359] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.152466][T15357] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 271.168098][T15359] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 411] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 411] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./547/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./547/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./547/bus") = 0 [pid 409] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] rmdir("./547") = 0 [pid 411] mkdir("./548", 0777) = 0 [pid 409] lstat("./541/bus", [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15375 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] lstat("./544/bus", [pid 410] lstat("./550/bus", [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] lstat("./546/bus", ./strace-static-x86_64: Process 15375 attached [pid 15375] set_robust_list(0x555555f755e0, 24 [pid 409] openat(AT_FDCWD, "./541/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15375] <... set_robust_list resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... openat resumed>) = 4 [pid 408] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] lstat("./541/bus", [pid 409] fstat(4, [pid 412] openat(AT_FDCWD, "./544/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 412] <... openat resumed>) = 4 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15375] chdir("./548" [pid 409] getdents64(4, [pid 412] fstat(4, [pid 15375] <... chdir resumed>) = 0 [pid 15375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15375] setpgid(0, 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] openat(AT_FDCWD, "./550/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] openat(AT_FDCWD, "./546/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] umount2("./541/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] getdents64(4, [pid 410] <... openat resumed>) = 4 [pid 409] close(4 [pid 15375] <... setpgid resumed>) = 0 [pid 408] <... openat resumed>) = 4 [pid 409] <... close resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] rmdir("./541/bus" [pid 412] getdents64(4, [pid 410] fstat(4, [pid 408] fstat(4, [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 409] <... rmdir resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] getdents64(3, [pid 407] openat(AT_FDCWD, "./541/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15375] write(3, "1000", 4) = 4 [pid 15375] close(3 [pid 412] close(4 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] getdents64(4, [pid 408] getdents64(4, [pid 407] <... openat resumed>) = 4 [pid 412] <... close resumed>) = 0 [pid 409] close(3 [pid 407] fstat(4, [pid 15375] <... close resumed>) = 0 [pid 15375] symlink("/dev/binderfs", "./binderfs" [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] rmdir("./544/bus" [pid 409] <... close resumed>) = 0 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, [pid 409] rmdir("./541" [pid 412] <... rmdir resumed>) = 0 [pid 15375] <... symlink resumed>) = 0 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 412] getdents64(3, [pid 407] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] mkdir("./542", 0777 [pid 412] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] getdents64(4, [pid 410] close(4 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15375] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 412] close(3 [pid 409] <... mkdir resumed>) = 0 [pid 407] getdents64(4, [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] <... close resumed>) = 0 [pid 410] <... close resumed>) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15375] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 412] rmdir("./544" [pid 410] rmdir("./550/bus" [pid 409] <... openat resumed>) = 3 [pid 408] close(4 [pid 407] close(4 [pid 15375] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15376], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15376 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 15376 attached [pid 412] <... rmdir resumed>) = 0 [pid 410] <... rmdir resumed>) = 0 [pid 409] ioctl(3, LOOP_CLR_FD [pid 408] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] rmdir("./541/bus") = 0 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15377 [pid 408] rmdir("./546/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] mkdir("./545", 0777 [pid 407] close(3 [pid 412] <... mkdir resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./541"./strace-static-x86_64: Process 15377 attached ) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 410] getdents64(3, [pid 408] rmdir("./546" [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] <... rmdir resumed>) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./550") = 0 [pid 407] mkdir("./542", 0777 [pid 15377] set_robust_list(0x555555f755e0, 24 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 407] <... mkdir resumed>) = 0 [pid 412] <... openat resumed>) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 408] mkdir("./547", 0777 [pid 412] <... close resumed>) = 0 [pid 408] <... mkdir resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15377] <... set_robust_list resumed>) = 0 [pid 410] mkdir("./551", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 407] <... close resumed>) = 0 [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15378 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 408] ioctl(3, LOOP_CLR_FD [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15377] chdir("./542" [pid 410] <... openat resumed>) = 3 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15376] set_robust_list(0x7f1c324369e0, 24 [pid 410] ioctl(3, LOOP_CLR_FD [pid 408] close(3 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15379 [pid 15376] <... set_robust_list resumed>) = 0 [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 408] <... close resumed>) = 0 [pid 15376] memfd_create("syzkaller", 0) = 3 [pid 410] close(3 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15376] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 410] <... close resumed>) = 0 [pid 15376] <... mmap resumed>) = 0x7f1c2a016000 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15380 ./strace-static-x86_64: Process 15380 attached ./strace-static-x86_64: Process 15379 attached ./strace-static-x86_64: Process 15378 attached [pid 15377] <... chdir resumed>) = 0 [pid 15376] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15380] set_robust_list(0x555555f755e0, 24 [pid 15377] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15378] set_robust_list(0x555555f755e0, 24 [pid 15377] <... prctl resumed>) = 0 [pid 15379] set_robust_list(0x555555f755e0, 24 [pid 15377] setpgid(0, 0 [pid 15378] <... set_robust_list resumed>) = 0 [pid 15380] <... set_robust_list resumed>) = 0 [pid 15379] <... set_robust_list resumed>) = 0 [pid 15377] <... setpgid resumed>) = 0 [pid 15380] chdir("./547" [pid 15379] chdir("./542" [pid 15378] chdir("./545" [pid 15377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15380] <... chdir resumed>) = 0 [pid 15379] <... chdir resumed>) = 0 [pid 15378] <... chdir resumed>) = 0 [pid 15377] <... openat resumed>) = 3 [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15381 [pid 15380] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15379] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15378] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15377] write(3, "1000", 4 [pid 15380] <... prctl resumed>) = 0 [pid 15379] <... prctl resumed>) = 0 [pid 15378] <... prctl resumed>) = 0 [pid 15377] <... write resumed>) = 4 [pid 15377] close(3./strace-static-x86_64: Process 15381 attached [pid 15380] setpgid(0, 0 [pid 15379] setpgid(0, 0 [pid 15378] setpgid(0, 0 [pid 15377] <... close resumed>) = 0 [pid 15377] symlink("/dev/binderfs", "./binderfs" [pid 15378] <... setpgid resumed>) = 0 [pid 15380] <... setpgid resumed>) = 0 [pid 15379] <... setpgid resumed>) = 0 [pid 15381] set_robust_list(0x555555f755e0, 24 [pid 15380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15377] <... symlink resumed>) = 0 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15377] <... futex resumed>) = 0 [pid 15378] <... openat resumed>) = 3 [pid 15381] <... set_robust_list resumed>) = 0 [pid 15380] <... openat resumed>) = 3 [pid 15379] <... openat resumed>) = 3 [pid 15378] write(3, "1000", 4 [pid 15377] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15380] write(3, "1000", 4 [pid 15379] write(3, "1000", 4 [pid 15378] <... write resumed>) = 4 [pid 15377] <... mmap resumed>) = 0x7f1c32416000 [pid 15380] <... write resumed>) = 4 [pid 15379] <... write resumed>) = 4 [pid 15378] close(3 [pid 15377] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15380] close(3 [pid 15379] close(3 [pid 15378] <... close resumed>) = 0 [pid 15377] <... mprotect resumed>) = 0 [pid 15380] <... close resumed>) = 0 [pid 15379] <... close resumed>) = 0 [pid 15378] symlink("/dev/binderfs", "./binderfs" [pid 15377] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15380] symlink("/dev/binderfs", "./binderfs" [pid 15379] symlink("/dev/binderfs", "./binderfs" [pid 15378] <... symlink resumed>) = 0 [pid 15379] <... symlink resumed>) = 0 [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] <... clone resumed>, parent_tid=[15382], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15382 [pid 15380] <... symlink resumed>) = 0 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] <... futex resumed>) = 0 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] chdir("./551" [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] <... futex resumed>) = 0 [pid 15378] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15377] <... futex resumed>) = 0 [pid 15380] <... futex resumed>) = 0 [pid 15379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15378] <... mmap resumed>) = 0x7f1c32416000 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15380] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15379] <... mmap resumed>) = 0x7f1c32416000 [pid 15378] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15380] <... mmap resumed>) = 0x7f1c32416000 [pid 15379] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15378] <... mprotect resumed>) = 0 [pid 15381] <... chdir resumed>) = 0 [pid 15380] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15379] <... mprotect resumed>) = 0 [pid 15378] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15379] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15380] <... mprotect resumed>) = 0 [pid 15381] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15380] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15378] <... clone resumed>, parent_tid=[15383], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15383 [pid 15381] <... prctl resumed>) = 0 [pid 15379] <... clone resumed>, parent_tid=[15384], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15384 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] setpgid(0, 0 [pid 15380] <... clone resumed>, parent_tid=[15385], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15385 [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] <... futex resumed>) = 0 [pid 15376] <... write resumed>) = 1048576 [pid 15376] munmap(0x7f1c2a016000, 1048576 [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15381] <... setpgid resumed>) = 0 [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] <... futex resumed>) = 0 ./strace-static-x86_64: Process 15385 attached ./strace-static-x86_64: Process 15384 attached ./strace-static-x86_64: Process 15383 attached ./strace-static-x86_64: Process 15382 attached [pid 15381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15380] <... futex resumed>) = 0 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15376] <... munmap resumed>) = 0 [pid 15385] set_robust_list(0x7f1c324369e0, 24 [pid 15384] set_robust_list(0x7f1c324369e0, 24 [pid 15383] set_robust_list(0x7f1c324369e0, 24 [pid 15382] set_robust_list(0x7f1c324369e0, 24 [pid 15381] <... openat resumed>) = 3 [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15376] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15385] <... set_robust_list resumed>) = 0 [pid 15384] <... set_robust_list resumed>) = 0 [pid 15383] <... set_robust_list resumed>) = 0 [pid 15382] <... set_robust_list resumed>) = 0 [pid 15381] write(3, "1000", 4 [pid 15376] <... openat resumed>) = 4 [pid 15385] memfd_create("syzkaller", 0 [pid 15383] memfd_create("syzkaller", 0 [pid 15382] memfd_create("syzkaller", 0 [pid 15381] <... write resumed>) = 4 [pid 15376] ioctl(4, LOOP_SET_FD, 3 [pid 15385] <... memfd_create resumed>) = 3 [pid 15383] <... memfd_create resumed>) = 3 [pid 15382] <... memfd_create resumed>) = 3 [pid 15381] close(3 [pid 15385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15384] memfd_create("syzkaller", 0) = 3 [pid 15384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15381] <... close resumed>) = 0 [pid 15385] <... mmap resumed>) = 0x7f1c2a016000 [pid 15383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15381] symlink("/dev/binderfs", "./binderfs" [pid 15384] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15385] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15383] <... mmap resumed>) = 0x7f1c2a016000 [pid 15382] <... mmap resumed>) = 0x7f1c2a016000 [pid 15381] <... symlink resumed>) = 0 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15381] <... futex resumed>) = 0 [pid 15381] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15381] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15381] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15386], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15386 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15376] <... ioctl resumed>) = 0 [pid 15376] close(3) = 0 [pid 15376] mkdir("./bus", 0777 [pid 15382] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 15386 attached [pid 15384] <... write resumed>) = 1048576 [pid 15383] <... write resumed>) = 1048576 [pid 15382] munmap(0x7f1c2a016000, 1048576 [pid 15376] <... mkdir resumed>) = 0 [pid 15386] set_robust_list(0x7f1c324369e0, 24 [pid 15384] munmap(0x7f1c2a016000, 1048576 [pid 15383] munmap(0x7f1c2a016000, 1048576 [pid 15382] <... munmap resumed>) = 0 [pid 15376] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15386] <... set_robust_list resumed>) = 0 [pid 15384] <... munmap resumed>) = 0 [pid 15383] <... munmap resumed>) = 0 [pid 15382] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15386] memfd_create("syzkaller", 0 [pid 15384] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15383] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15382] <... openat resumed>) = 4 [pid 15386] <... memfd_create resumed>) = 3 [pid 15384] <... openat resumed>) = 4 [pid 15383] <... openat resumed>) = 4 [pid 15382] ioctl(4, LOOP_SET_FD, 3 [pid 15386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15385] <... write resumed>) = 1048576 [pid 15384] ioctl(4, LOOP_SET_FD, 3 [pid 15383] ioctl(4, LOOP_SET_FD, 3 [pid 15386] <... mmap resumed>) = 0x7f1c2a016000 [pid 15385] munmap(0x7f1c2a016000, 1048576 [pid 15382] <... ioctl resumed>) = 0 [pid 15385] <... munmap resumed>) = 0 [pid 15382] close(3 [pid 15385] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15382] <... close resumed>) = 0 [pid 15385] <... openat resumed>) = 4 [pid 15382] mkdir("./bus", 0777 [ 271.296705][T15376] loop4: detected capacity change from 0 to 2048 [ 271.329275][T15382] loop2: detected capacity change from 0 to 2048 [ 271.336214][T15383] loop5: detected capacity change from 0 to 2048 [pid 15385] ioctl(4, LOOP_SET_FD, 3 [pid 15382] <... mkdir resumed>) = 0 [pid 15386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15384] <... ioctl resumed>) = 0 [pid 15383] <... ioctl resumed>) = 0 [pid 15386] <... write resumed>) = 1048576 [pid 15386] munmap(0x7f1c2a016000, 1048576 [pid 15384] close(3 [pid 15383] close(3 [pid 15386] <... munmap resumed>) = 0 [pid 15384] <... close resumed>) = 0 [pid 15383] <... close resumed>) = 0 [pid 15386] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15384] mkdir("./bus", 0777 [pid 15383] mkdir("./bus", 0777 [pid 15386] <... openat resumed>) = 4 [pid 15384] <... mkdir resumed>) = 0 [pid 15383] <... mkdir resumed>) = 0 [pid 15386] ioctl(4, LOOP_SET_FD, 3 [pid 15384] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15383] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15385] <... ioctl resumed>) = 0 [pid 15382] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15385] close(3) = 0 [pid 15385] mkdir("./bus", 0777) = 0 [pid 15385] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15386] <... ioctl resumed>) = 0 [pid 15386] close(3) = 0 [pid 15386] mkdir("./bus", 0777) = 0 [pid 15386] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15376] <... mount resumed>) = 0 [pid 15376] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15376] chdir("./bus") = 0 [pid 15376] ioctl(4, LOOP_CLR_FD) = 0 [pid 15376] close(4) = 0 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15375] <... futex resumed>) = 0 [pid 15376] chdir("./file0" [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15376] <... chdir resumed>) = 0 [pid 15375] <... futex resumed>) = 0 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... futex resumed>) = 0 [pid 15375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15376] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15376] <... open resumed>) = 4 [pid 15375] <... futex resumed>) = 0 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... futex resumed>) = 0 [pid 15375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15376] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15376] <... openat resumed>) = 5 [pid 15375] <... futex resumed>) = 0 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... futex resumed>) = 0 [pid 15375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15376] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... write resumed>) = 196608 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15376] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15375] <... futex resumed>) = 0 [ 271.345457][T15384] loop0: detected capacity change from 0 to 2048 [ 271.346101][T15385] loop1: detected capacity change from 0 to 2048 [ 271.361572][T15386] loop3: detected capacity change from 0 to 2048 [ 271.370578][T15376] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/548/bus supports timestamps until 2038 (0x7fffffff) [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15376] <... futex resumed>) = 0 [pid 15375] <... futex resumed>) = 1 [pid 15376] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... mount resumed>) = 0 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15375] <... futex resumed>) = 0 [pid 15376] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15376] <... open resumed>) = 6 [pid 15375] <... futex resumed>) = 0 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... futex resumed>) = 0 [pid 15375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15376] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... write resumed>) = 1048576 [pid 15382] <... mount resumed>) = 0 [pid 15382] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15382] chdir("./bus") = 0 [pid 15382] ioctl(4, LOOP_CLR_FD) = 0 [pid 15382] close(4) = 0 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] <... mount resumed>) = 0 [pid 15383] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15383] chdir("./bus") = 0 [pid 15383] ioctl(4, LOOP_CLR_FD) = 0 [pid 15383] close(4) = 0 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15385] <... mount resumed>) = 0 [pid 15385] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15385] chdir("./bus") = 0 [pid 15385] ioctl(4, LOOP_CLR_FD) = 0 [pid 15385] close(4) = 0 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 271.397973][T15383] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/545/bus supports timestamps until 2038 (0x7fffffff) [ 271.410551][T15385] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/547/bus supports timestamps until 2038 (0x7fffffff) [ 271.416523][T15382] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/542/bus supports timestamps until 2038 (0x7fffffff) [ 271.422746][T15386] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/551/bus supports timestamps until 2038 (0x7fffffff) [pid 15385] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15375] <... futex resumed>) = 0 [pid 15376] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 0 [pid 15375] <... futex resumed>) = 0 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15385] <... futex resumed>) = 0 [pid 15383] <... futex resumed>) = 0 [pid 15382] <... futex resumed>) = 0 [pid 15380] <... futex resumed>) = 1 [pid 15378] <... futex resumed>) = 1 [pid 15377] <... futex resumed>) = 1 [pid 15385] chdir("./file0" [pid 15383] chdir("./file0" [pid 15382] chdir("./file0" [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15386] <... mount resumed>) = 0 [pid 15385] <... chdir resumed>) = 0 [pid 15384] <... mount resumed>) = 0 [pid 15383] <... chdir resumed>) = 0 [pid 15382] <... chdir resumed>) = 0 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15385] <... futex resumed>) = 1 [pid 15383] <... futex resumed>) = 1 [pid 15382] <... futex resumed>) = 1 [pid 15380] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 0 [pid 15385] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15383] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15382] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15385] <... open resumed>) = 4 [pid 15383] <... open resumed>) = 4 [pid 15382] <... open resumed>) = 4 [pid 15380] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 0 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15385] <... futex resumed>) = 0 [pid 15383] <... futex resumed>) = 0 [pid 15382] <... futex resumed>) = 0 [pid 15380] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15378] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15377] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15386] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15385] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15386] <... openat resumed>) = 3 [pid 15385] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15383] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15382] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15380] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 0 [pid 15386] chdir("./bus" [pid 15385] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15383] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15382] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15386] <... chdir resumed>) = 0 [pid 15384] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15386] ioctl(4, LOOP_CLR_FD [pid 15383] <... openat resumed>) = 5 [pid 15384] <... openat resumed>) = 3 [pid 15382] <... openat resumed>) = 5 [pid 15386] <... ioctl resumed>) = 0 [pid 15384] chdir("./bus" [pid 15385] <... openat resumed>) = 5 [pid 15386] close(4) = 0 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] <... chdir resumed>) = 0 [pid 15384] ioctl(4, LOOP_CLR_FD) = 0 [pid 15384] close(4) = 0 [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15384] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15376] <... openat resumed>) = 7 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15375] <... futex resumed>) = 0 [pid 15375] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15375] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15376] <... futex resumed>) = 1 [pid 15376] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15376] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15375] <... futex resumed>) = 0 [pid 15375] exit_group(0) = ? [pid 15376] <... futex resumed>) = ? [pid 15376] +++ exited with 0 +++ [pid 15375] +++ exited with 0 +++ [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15385] <... futex resumed>) = 1 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] <... futex resumed>) = 0 [pid 15379] <... futex resumed>) = 0 [pid 15386] <... futex resumed>) = 1 [pid 15381] <... futex resumed>) = 0 [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15386] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15385] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15383] <... futex resumed>) = 1 [pid 15382] <... futex resumed>) = 1 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] <... futex resumed>) = 1 [pid 15378] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15375, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15386] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15386] chdir("./file0") = 0 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15386] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15384] <... futex resumed>) = 0 [pid 15384] chdir("./file0") = 0 [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15384] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15385] <... write resumed>) = 196608 [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 15381] <... futex resumed>) = 1 [pid 15380] <... futex resumed>) = 0 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 15386] <... futex resumed>) = 0 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15386] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] <... futex resumed>) = 0 [pid 15382] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15379] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15378] <... futex resumed>) = 1 [pid 15377] <... futex resumed>) = 0 [pid 411] <... restart_syscall resumed>) = 0 [pid 15385] <... futex resumed>) = 0 [pid 15383] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15381] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15380] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15382] <... write resumed>) = 196608 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] <... futex resumed>) = 1 [pid 15386] <... futex resumed>) = 0 [pid 15381] <... futex resumed>) = 1 [pid 15380] <... futex resumed>) = 0 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15386] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] umount2("./548", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15377] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "./548", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15377] <... futex resumed>) = 1 [pid 15386] <... open resumed>) = 4 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... openat resumed>) = 3 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] fstat(3, [pid 15386] <... futex resumed>) = 1 [pid 15381] <... futex resumed>) = 0 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15386] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] getdents64(3, [pid 15381] <... futex resumed>) = 0 [pid 15386] <... openat resumed>) = 5 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 411] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15385] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15385] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15384] <... futex resumed>) = 0 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15380] <... futex resumed>) = 0 [pid 411] umount2("./548/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15383] <... write resumed>) = 196608 [pid 15382] <... futex resumed>) = 0 [pid 15386] <... futex resumed>) = 1 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] <... futex resumed>) = 0 [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15386] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15385] <... futex resumed>) = 0 [pid 15384] <... open resumed>) = 4 [pid 15383] <... futex resumed>) = 1 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] <... futex resumed>) = 1 [pid 15378] <... futex resumed>) = 0 [pid 411] lstat("./548/binderfs", [pid 15386] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15385] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15382] <... mount resumed>) = 0 [pid 15381] <... futex resumed>) = 0 [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15386] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] <... futex resumed>) = 0 [pid 411] unlink("./548/binderfs" [pid 15385] <... open resumed>) = 6 [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15385] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15384] <... futex resumed>) = 1 [pid 15384] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15383] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15386] <... write resumed>) = 196608 [pid 15382] <... futex resumed>) = 1 [pid 15380] <... futex resumed>) = 0 [pid 15379] <... futex resumed>) = 0 [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] <... futex resumed>) = 0 [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... unlink resumed>) = 0 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15386] <... futex resumed>) = 1 [pid 15385] <... futex resumed>) = 0 [pid 15384] <... futex resumed>) = 0 [pid 15382] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15381] <... futex resumed>) = 0 [pid 15380] <... futex resumed>) = 1 [pid 15379] <... futex resumed>) = 1 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] <... futex resumed>) = 0 [pid 15382] <... open resumed>) = 6 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] <... futex resumed>) = 1 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15382] <... futex resumed>) = 0 [pid 15381] <... futex resumed>) = 0 [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15386] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15385] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15384] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15383] <... futex resumed>) = 0 [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 1 [pid 15382] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15386] <... mount resumed>) = 0 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15383] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15386] <... futex resumed>) = 1 [pid 15384] <... openat resumed>) = 5 [pid 15383] <... open resumed>) = 6 [pid 15381] <... futex resumed>) = 0 [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] <... futex resumed>) = 1 [pid 15383] <... futex resumed>) = 1 [pid 15381] <... futex resumed>) = 0 [pid 15379] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15384] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15383] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15379] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15384] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15383] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15386] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15381] <... futex resumed>) = 0 [ 271.441011][T15376] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.446175][T15384] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/542/bus supports timestamps until 2038 (0x7fffffff) [ 271.473665][T15376] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [pid 15386] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] <... write resumed>) = 196608 [pid 15381] <... futex resumed>) = 0 [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] <... write resumed>) = 1048576 [pid 15379] <... futex resumed>) = 0 [pid 15384] <... futex resumed>) = 1 [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15379] <... futex resumed>) = 0 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15384] <... mount resumed>) = 0 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] <... futex resumed>) = 0 [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] <... futex resumed>) = 1 [pid 15379] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = 0 [pid 15384] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15384] <... open resumed>) = 6 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15384] <... futex resumed>) = 1 [pid 15379] <... futex resumed>) = 0 [pid 15384] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15382] <... futex resumed>) = 1 [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15379] <... futex resumed>) = 0 [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15386] <... write resumed>) = 1048576 [pid 15383] <... write resumed>) = 1048576 [pid 15380] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] <... umount2 resumed>) = 0 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15386] <... futex resumed>) = 1 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] <... futex resumed>) = 0 [pid 15380] <... futex resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15386] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15383] <... futex resumed>) = 1 [pid 15381] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15378] <... futex resumed>) = 0 [pid 411] lstat("./548/bus", [pid 15386] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15381] <... futex resumed>) = 0 [pid 15380] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15378] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15386] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15383] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15381] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15380] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15378] <... futex resumed>) = 0 [pid 411] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15378] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15380] <... mprotect resumed>) = 0 [pid 15380] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15380] <... clone resumed>, parent_tid=[15399], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15399 [pid 411] openat(AT_FDCWD, "./548/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15384] <... write resumed>) = 1048576 [pid 15380] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... openat resumed>) = 4 [pid 15380] <... futex resumed>) = 0 [pid 15383] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15384] <... futex resumed>) = 1 [pid 15380] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15379] <... futex resumed>) = 0 [pid 411] fstat(4, [pid 15382] <... openat resumed>) = 7 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15377] <... futex resumed>) = 0 [pid 15382] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15377] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15382] <... openat resumed>) = 8 [pid 15377] <... futex resumed>) = 0 [pid 15382] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15377] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15382] <... futex resumed>) = 0 [pid 15377] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15382] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15377] exit_group(0 [pid 15382] <... futex resumed>) = ? [pid 15377] <... exit_group resumed>) = ? [pid 15382] +++ exited with 0 +++ [pid 15377] +++ exited with 0 +++ ./strace-static-x86_64: Process 15399 attached [pid 15399] set_robust_list(0x7f1c2a1159e0, 24) = 0 [ 271.534028][T15382] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.553933][T15382] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 271.564582][T15386] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15399] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15385] <... write resumed>) = 1048576 [pid 15384] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15379] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15379] <... futex resumed>) = 0 [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15377, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] umount2("./542", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 409] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./542/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./542/binderfs") = 0 [pid 409] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./548/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [ 271.589256][T15399] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.590283][T15386] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 271.603756][T15383] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.615331][T15399] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 411] rmdir("./548" [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15378] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15381] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15381] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15378] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15381] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15378] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15381] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15378] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15381] <... mprotect resumed>) = 0 [pid 15378] <... mprotect resumed>) = 0 [pid 15381] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15378] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15399] <... openat resumed>) = 7 [pid 15386] <... openat resumed>) = 7 [pid 15385] <... futex resumed>) = 0 [pid 15380] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 411] <... rmdir resumed>) = 0 [pid 15386] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] <... clone resumed>, parent_tid=[15400], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15400 [pid 15380] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15378] <... clone resumed>, parent_tid=[15401], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15401 [pid 15386] <... futex resumed>) = 0 [pid 15381] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15380] <... futex resumed>) = 0 [pid 15378] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15386] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15381] <... futex resumed>) = 0 [pid 15380] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] <... futex resumed>) = 0 [pid 15381] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15378] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15400 attached ./strace-static-x86_64: Process 15401 attached [pid 15401] set_robust_list(0x7f1c2a1159e0, 24 [pid 15400] set_robust_list(0x7f1c2a1159e0, 24 [pid 15401] <... set_robust_list resumed>) = 0 [pid 15400] <... set_robust_list resumed>) = 0 [pid 15401] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15400] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15400] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15381] <... futex resumed>) = 0 [pid 15381] exit_group(0 [pid 15386] <... futex resumed>) = ? [pid 15381] <... exit_group resumed>) = ? [pid 15386] +++ exited with 0 +++ [pid 15400] <... futex resumed>) = ? [pid 15400] +++ exited with 0 +++ [pid 15381] +++ exited with 0 +++ [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15381, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 410] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 410] umount2("./551", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./551", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./551/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./551/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./551/binderfs") = 0 [pid 410] umount2("./551/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15379] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 15379] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 15401] <... openat resumed>) = 8 [pid 15379] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15401] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15379] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15401] <... futex resumed>) = 1 [pid 15379] <... futex resumed>) = 0 [pid 15378] <... futex resumed>) = 0 [pid 15401] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15379] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15379] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15402], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15402 [pid 15379] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15379] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15383] <... openat resumed>) = 7 [pid 15383] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15383] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15402 attached [pid 15402] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15402] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15378] exit_group(0 [pid 15401] <... futex resumed>) = ? [pid 15378] <... exit_group resumed>) = ? [pid 15401] +++ exited with 0 +++ [pid 15383] <... futex resumed>) = ? [pid 15383] +++ exited with 0 +++ [pid 15378] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15378, si_uid=0, si_status=0, si_utime=0, si_stime=9} --- [pid 412] restart_syscall(<... resuming interrupted clone ...> [pid 15399] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15385] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 411] mkdir("./549", 0777 [pid 15399] <... futex resumed>) = 0 [pid 15385] <... openat resumed>) = 8 [pid 412] <... restart_syscall resumed>) = 0 [pid 411] <... mkdir resumed>) = 0 [pid 15399] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15385] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 412] umount2("./545", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15385] <... futex resumed>) = 1 [pid 15380] <... futex resumed>) = 0 [pid 412] openat(AT_FDCWD, "./545", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... openat resumed>) = 3 [pid 412] <... openat resumed>) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./545/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15385] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15380] exit_group(0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] ioctl(3, LOOP_CLR_FD [pid 412] lstat("./545/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./545/binderfs") = 0 [pid 15399] <... futex resumed>) = ? [pid 15385] <... futex resumed>) = ? [pid 15380] <... exit_group resumed>) = ? [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15399] +++ exited with 0 +++ [pid 15385] +++ exited with 0 +++ [pid 15380] +++ exited with 0 +++ [pid 411] close(3) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15380, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] umount2("./547", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./547", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./547/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./547/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./547/binderfs") = 0 [pid 408] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... umount2 resumed>) = 0 [pid 410] umount2("./551/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./551/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./551/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./551/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15403 [pid 410] <... openat resumed>) = 4 [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4) = 0 [pid 410] rmdir("./551/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./551") = 0 [pid 410] mkdir("./552", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = 0 [pid 410] close(3) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15404 ./strace-static-x86_64: Process 15404 attached [pid 15404] set_robust_list(0x555555f755e0, 24) = 0 [pid 15404] chdir("./552") = 0 [pid 15404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15404] setpgid(0, 0) = 0 [pid 15404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15404] write(3, "1000", 4) = 4 [pid 15404] close(3) = 0 [pid 15404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15404] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15404] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15405], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15405 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15405 attached [pid 15405] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15405] memfd_create("syzkaller", 0) = 3 [pid 15405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./547/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./547/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 408] rmdir("./547/bus"./strace-static-x86_64: Process 15403 attached [pid 15405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] <... rmdir resumed>) = 0 [pid 15403] set_robust_list(0x555555f755e0, 24) = 0 [pid 408] getdents64(3, [pid 15403] chdir("./549" [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 15403] <... chdir resumed>) = 0 [pid 408] close(3 [pid 15403] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 408] <... close resumed>) = 0 [pid 15403] <... prctl resumed>) = 0 [pid 408] rmdir("./547" [pid 15403] setpgid(0, 0 [pid 408] <... rmdir resumed>) = 0 [pid 15403] <... setpgid resumed>) = 0 [pid 15403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 408] mkdir("./548", 0777 [pid 15403] <... openat resumed>) = 3 [pid 408] <... mkdir resumed>) = 0 [pid 15403] write(3, "1000", 4 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15403] <... write resumed>) = 4 [pid 15403] close(3) = 0 [pid 15402] <... openat resumed>) = 8 [pid 15402] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15379] <... futex resumed>) = 0 [pid 15402] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15403] symlink("/dev/binderfs", "./binderfs" [pid 15384] <... openat resumed>) = 7 [pid 15403] <... symlink resumed>) = 0 [pid 15384] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15384] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = 0 [pid 15384] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15379] exit_group(0 [pid 15402] <... futex resumed>) = ? [pid 15379] <... exit_group resumed>) = ? [pid 15403] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15402] +++ exited with 0 +++ [pid 15384] <... futex resumed>) = ? [pid 15403] <... mmap resumed>) = 0x7f1c32416000 [pid 15403] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15403] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15406], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15406 [pid 15405] <... write resumed>) = 1048576 [pid 15405] munmap(0x7f1c2a016000, 1048576 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15405] <... munmap resumed>) = 0 [pid 15405] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 15406 attached [pid 15406] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15406] memfd_create("syzkaller", 0 [pid 15403] <... futex resumed>) = 0 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15406] <... memfd_create resumed>) = 3 [pid 15406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15384] +++ exited with 0 +++ [pid 15379] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15379, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 407] umount2("./542", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] openat(AT_FDCWD, "./542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 407] umount2("./542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] lstat("./542/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./542/binderfs") = 0 [pid 409] <... umount2 resumed>) = 0 [pid 407] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 409] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./542/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./542/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./542/bus") = 0 [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./542") = 0 [pid 409] mkdir("./543", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3) = 0 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15407 [ 271.626638][T15384] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.636404][T15383] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 271.648944][T15384] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 15405] <... openat resumed>) = 4 [pid 15405] ioctl(4, LOOP_SET_FD, 3 [pid 412] <... umount2 resumed>) = 0 [pid 408] <... openat resumed>) = 3 [pid 408] ioctl(3, LOOP_CLR_FD [pid 412] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 412] lstat("./545/bus", [pid 408] close(3 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 412] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15408 ./strace-static-x86_64: Process 15407 attached [pid 15407] set_robust_list(0x555555f755e0, 24) = 0 [pid 15407] chdir("./543") = 0 [pid 15407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15407] setpgid(0, 0) = 0 [pid 15407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15407] write(3, "1000", 4) = 4 [pid 15407] close(3) = 0 [pid 15407] symlink("/dev/binderfs", "./binderfs" [pid 412] openat(AT_FDCWD, "./545/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15407] <... symlink resumed>) = 0 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./545/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./545") = 0 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] mkdir("./546", 0777 [pid 15407] <... futex resumed>) = 0 [pid 15407] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15407] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15405] <... ioctl resumed>) = 0 [pid 15407] <... mprotect resumed>) = 0 [pid 15405] close(3) = 0 [pid 15405] mkdir("./bus", 0777 [pid 412] <... mkdir resumed>) = 0 [pid 15407] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3 [pid 15407] <... clone resumed>, parent_tid=[15409], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15409 [pid 412] <... close resumed>) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15410 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15405] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 15408 attached [pid 15405] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15408] set_robust_list(0x555555f755e0, 24) = 0 [pid 15408] chdir("./548"./strace-static-x86_64: Process 15410 attached ./strace-static-x86_64: Process 15409 attached ) = 0 [pid 15406] <... write resumed>) = 1048576 [pid 15408] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15410] set_robust_list(0x555555f755e0, 24 [pid 15409] set_robust_list(0x7f1c324369e0, 24 [pid 15408] <... prctl resumed>) = 0 [pid 15406] munmap(0x7f1c2a016000, 1048576 [pid 15410] <... set_robust_list resumed>) = 0 [pid 15408] setpgid(0, 0 [pid 15406] <... munmap resumed>) = 0 [pid 15410] chdir("./546" [pid 15408] <... setpgid resumed>) = 0 [pid 15406] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 15409] <... set_robust_list resumed>) = 0 [pid 15408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15406] <... openat resumed>) = 4 [pid 15410] <... chdir resumed>) = 0 [pid 15409] memfd_create("syzkaller", 0 [pid 15410] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15409] <... memfd_create resumed>) = 3 [pid 15408] <... openat resumed>) = 3 [pid 15406] ioctl(4, LOOP_SET_FD, 3 [pid 15410] <... prctl resumed>) = 0 [pid 15409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15408] write(3, "1000", 4 [pid 15410] setpgid(0, 0 [pid 15409] <... mmap resumed>) = 0x7f1c2a016000 [pid 15410] <... setpgid resumed>) = 0 [pid 15409] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15408] <... write resumed>) = 4 [pid 15406] <... ioctl resumed>) = 0 [pid 407] <... umount2 resumed>) = 0 [ 271.721106][T15405] loop3: detected capacity change from 0 to 2048 [ 271.757167][T15406] loop4: detected capacity change from 0 to 2048 [pid 15410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15409] <... write resumed>) = 1048576 [pid 15408] close(3 [pid 15406] close(3 [pid 15410] <... openat resumed>) = 3 [pid 15409] munmap(0x7f1c2a016000, 1048576 [pid 15408] <... close resumed>) = 0 [pid 15406] <... close resumed>) = 0 [pid 15410] write(3, "1000", 4 [pid 15409] <... munmap resumed>) = 0 [pid 15408] symlink("/dev/binderfs", "./binderfs" [pid 15406] mkdir("./bus", 0777 [pid 15410] <... write resumed>) = 4 [pid 15409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15408] <... symlink resumed>) = 0 [pid 15406] <... mkdir resumed>) = 0 [pid 15410] close(3 [pid 15409] <... openat resumed>) = 4 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15410] <... close resumed>) = 0 [pid 15409] ioctl(4, LOOP_SET_FD, 3 [pid 15408] <... futex resumed>) = 0 [pid 15410] symlink("/dev/binderfs", "./binderfs" [pid 15408] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 407] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15410] <... symlink resumed>) = 0 [pid 15408] <... mmap resumed>) = 0x7f1c32416000 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15410] <... futex resumed>) = 0 [pid 15408] <... mprotect resumed>) = 0 [pid 407] lstat("./542/bus", [pid 15410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15408] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15410] <... mmap resumed>) = 0x7f1c32416000 [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15410] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15408] <... clone resumed>, parent_tid=[15413], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15413 [pid 407] umount2("./542/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15410] <... mprotect resumed>) = 0 [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15410] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15408] <... futex resumed>) = 0 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15410] <... clone resumed>, parent_tid=[15414], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15414 [pid 407] openat(AT_FDCWD, "./542/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] <... openat resumed>) = 4 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] getdents64(4, [pid 15405] <... mount resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 15405] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./542/bus" [pid 15405] <... openat resumed>) = 3 [pid 15405] chdir("./bus" [pid 407] <... rmdir resumed>) = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 ./strace-static-x86_64: Process 15414 attached ./strace-static-x86_64: Process 15413 attached [pid 407] rmdir("./542" [pid 15405] <... chdir resumed>) = 0 [pid 15405] ioctl(4, LOOP_CLR_FD [pid 407] <... rmdir resumed>) = 0 [pid 15414] set_robust_list(0x7f1c324369e0, 24 [pid 15413] set_robust_list(0x7f1c324369e0, 24 [pid 15405] <... ioctl resumed>) = 0 [pid 15405] close(4) = 0 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15405] <... futex resumed>) = 1 [pid 15405] chdir("./file0") = 0 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15405] <... futex resumed>) = 1 [pid 15405] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15409] <... ioctl resumed>) = 0 [pid 15409] close(3) = 0 [pid 15409] mkdir("./bus", 0777 [pid 407] mkdir("./543", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 407] close(3) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15409] <... mkdir resumed>) = 0 [pid 15409] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15405] <... open resumed>) = 4 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15415 [pid 15405] <... futex resumed>) = 1 [pid 15405] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15405] <... futex resumed>) = 1 [pid 15405] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15405] <... futex resumed>) = 1 [pid 15405] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15413] <... set_robust_list resumed>) = 0 [pid 15413] memfd_create("syzkaller", 0) = 3 [pid 15413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15405] <... futex resumed>) = 1 [pid 15405] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15405] <... futex resumed>) = 1 [pid 15405] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15414] <... set_robust_list resumed>) = 0 [pid 15414] memfd_create("syzkaller", 0) = 3 [pid 15414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 ./strace-static-x86_64: Process 15415 attached [pid 15415] set_robust_list(0x555555f755e0, 24) = 0 [pid 15415] chdir("./543") = 0 [pid 15415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15415] setpgid(0, 0) = 0 [ 271.768144][T15405] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/552/bus supports timestamps until 2038 (0x7fffffff) [ 271.776378][T15409] loop2: detected capacity change from 0 to 2048 [pid 15414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15414] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15414] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15414] ioctl(4, LOOP_SET_FD, 3 [pid 15405] <... write resumed>) = 1048576 [pid 15414] <... ioctl resumed>) = 0 [pid 15414] close(3) = 0 [pid 15414] mkdir("./bus", 0777) = 0 [pid 15414] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15413] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15413] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15413] ioctl(4, LOOP_SET_FD, 3 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15405] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15404] <... futex resumed>) = 0 [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15405] <... futex resumed>) = 0 [pid 15404] <... futex resumed>) = 1 [pid 15405] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15413] <... ioctl resumed>) = 0 [pid 15413] close(3) = 0 [pid 15413] mkdir("./bus", 0777) = 0 [pid 15413] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15415] write(3, "1000", 4) = 4 [pid 15415] close(3) = 0 [pid 15415] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15415] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15415] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15420], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15420 [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15420 attached [pid 15420] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15420] memfd_create("syzkaller", 0) = 3 [pid 15420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15420] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15420] munmap(0x7f1c2a016000, 1048576) = 0 [ 271.831660][T15406] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/549/bus supports timestamps until 2038 (0x7fffffff) [ 271.841226][T15414] loop5: detected capacity change from 0 to 2048 [ 271.846199][T15409] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/543/bus supports timestamps until 2038 (0x7fffffff) [ 271.858302][T15413] loop1: detected capacity change from 0 to 2048 [pid 15420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15420] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15420] close(3 [pid 15409] <... mount resumed>) = 0 [pid 15406] <... mount resumed>) = 0 [pid 15420] <... close resumed>) = 0 [pid 15409] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15406] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15405] <... openat resumed>) = 7 [pid 15420] mkdir("./bus", 0777 [pid 15409] <... openat resumed>) = 3 [pid 15406] <... openat resumed>) = 3 [pid 15420] <... mkdir resumed>) = 0 [pid 15409] chdir("./bus" [pid 15406] chdir("./bus" [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15420] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15409] <... chdir resumed>) = 0 [pid 15406] <... chdir resumed>) = 0 [pid 15405] <... futex resumed>) = 1 [pid 15404] <... futex resumed>) = 0 [pid 15409] ioctl(4, LOOP_CLR_FD [pid 15406] ioctl(4, LOOP_CLR_FD [pid 15405] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15404] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] <... ioctl resumed>) = 0 [pid 15406] <... ioctl resumed>) = 0 [pid 15405] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15404] <... futex resumed>) = 0 [pid 15409] close(4 [pid 15406] close(4 [pid 15405] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15404] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] <... close resumed>) = 0 [pid 15406] <... close resumed>) = 0 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] <... futex resumed>) = 1 [pid 15407] <... futex resumed>) = 0 [pid 15406] <... futex resumed>) = 1 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15409] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15407] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = 0 [pid 15409] chdir("./file0" [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] <... chdir resumed>) = 0 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = 1 [pid 15409] <... futex resumed>) = 1 [pid 15407] <... futex resumed>) = 0 [pid 15406] chdir("./file0" [pid 15405] <... openat resumed>) = 8 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15407] <... futex resumed>) = 0 [pid 15409] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] <... open resumed>) = 4 [pid 15406] <... chdir resumed>) = 0 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15405] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15409] <... futex resumed>) = 1 [pid 15407] <... futex resumed>) = 0 [pid 15406] <... futex resumed>) = 0 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15405] <... futex resumed>) = 1 [pid 15403] <... futex resumed>) = 0 [pid 15409] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15407] <... futex resumed>) = 0 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15404] <... futex resumed>) = 0 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15404] exit_group(0 [pid 15409] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15404] <... exit_group resumed>) = ? [pid 15406] <... open resumed>) = 4 [pid 15409] <... openat resumed>) = 5 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15407] <... futex resumed>) = 0 [pid 15406] <... futex resumed>) = 1 [pid 15403] <... futex resumed>) = 0 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15407] <... futex resumed>) = 0 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15403] <... futex resumed>) = 0 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 196608 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15406] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15405] +++ exited with 0 +++ [pid 15404] +++ exited with 0 +++ [ 271.869157][T15405] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 271.882034][T15420] loop0: detected capacity change from 0 to 2048 [ 271.892564][T15405] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 271.919825][T15414] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/546/bus supports timestamps until 2038 (0x7fffffff) [pid 15414] <... mount resumed>) = 0 [pid 15407] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = 0 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15404, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 15407] <... futex resumed>) = 1 [pid 15406] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = 1 [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15406] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... restart_syscall resumed>) = 0 [pid 15406] <... write resumed>) = 196608 [pid 410] umount2("./552", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./552", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 410] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 410] umount2("./552/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 410] lstat("./552/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 410] unlink("./552/binderfs") = 0 [pid 410] umount2("./552/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15409] <... futex resumed>) = 0 [pid 15409] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15407] <... futex resumed>) = 0 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15409] <... futex resumed>) = 1 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15407] <... futex resumed>) = 0 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15406] <... futex resumed>) = 1 [pid 15403] <... futex resumed>) = 0 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15406] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] <... mount resumed>) = 0 [pid 15403] <... futex resumed>) = 0 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15406] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15406] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] <... open resumed>) = 6 [pid 15403] <... futex resumed>) = 0 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15406] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15406] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15413] <... mount resumed>) = 0 [pid 15414] <... openat resumed>) = 3 [pid 15413] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15414] chdir("./bus" [pid 15413] <... openat resumed>) = 3 [pid 15414] <... chdir resumed>) = 0 [pid 15413] chdir("./bus" [pid 15414] ioctl(4, LOOP_CLR_FD [pid 15413] <... chdir resumed>) = 0 [pid 15414] <... ioctl resumed>) = 0 [pid 15413] ioctl(4, LOOP_CLR_FD [pid 15414] close(4 [pid 15413] <... ioctl resumed>) = 0 [pid 15414] <... close resumed>) = 0 [pid 15413] close(4 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] <... close resumed>) = 0 [pid 15414] <... futex resumed>) = 1 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15410] <... futex resumed>) = 0 [pid 15414] chdir("./file0" [pid 15413] <... futex resumed>) = 1 [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] <... futex resumed>) = 0 [pid 15410] <... futex resumed>) = 0 [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15408] <... futex resumed>) = 0 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15413] chdir("./file0" [pid 15414] <... chdir resumed>) = 0 [pid 15413] <... chdir resumed>) = 0 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] <... futex resumed>) = 1 [pid 15410] <... futex resumed>) = 0 [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15413] <... futex resumed>) = 1 [pid 15408] <... futex resumed>) = 0 [pid 15410] <... futex resumed>) = 0 [pid 15413] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] <... mount resumed>) = 0 [pid 15413] <... open resumed>) = 4 [pid 15409] <... write resumed>) = 1048576 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15407] <... futex resumed>) = 0 [pid 15420] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15414] <... open resumed>) = 4 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] <... write resumed>) = 1048576 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] <... futex resumed>) = 1 [pid 15409] <... futex resumed>) = 0 [pid 15408] <... futex resumed>) = 0 [pid 15407] <... futex resumed>) = 1 [pid 15420] <... openat resumed>) = 3 [pid 15414] <... futex resumed>) = 1 [pid 15413] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] <... futex resumed>) = 0 [ 271.926104][T15413] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/548/bus supports timestamps until 2038 (0x7fffffff) [ 271.948846][T15420] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/543/bus supports timestamps until 2038 (0x7fffffff) [pid 15409] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] <... openat resumed>) = 5 [pid 15410] <... futex resumed>) = 0 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] <... futex resumed>) = 0 [pid 15410] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15410] <... futex resumed>) = 0 [pid 15414] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] chdir("./bus" [pid 15414] <... write resumed>) = 196608 [pid 15413] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15408] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 410] <... umount2 resumed>) = 0 [pid 15420] <... chdir resumed>) = 0 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15406] <... futex resumed>) = 0 [pid 15403] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./552/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15403] <... futex resumed>) = 0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15406] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15403] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] lstat("./552/bus", [pid 15420] ioctl(4, LOOP_CLR_FD [pid 15414] <... futex resumed>) = 1 [pid 15413] <... openat resumed>) = 5 [pid 15410] <... futex resumed>) = 0 [pid 15420] <... ioctl resumed>) = 0 [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15420] close(4 [pid 15414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15413] <... futex resumed>) = 1 [pid 15410] <... futex resumed>) = 0 [pid 15420] <... close resumed>) = 0 [pid 15414] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15413] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] <... mount resumed>) = 0 [pid 15420] <... futex resumed>) = 1 [pid 15415] <... futex resumed>) = 0 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15420] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] <... futex resumed>) = 1 [pid 15410] <... futex resumed>) = 0 [pid 15420] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15415] <... futex resumed>) = 0 [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15420] chdir("./file0" [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15410] <... futex resumed>) = 0 [pid 15414] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] <... open resumed>) = 6 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15410] <... futex resumed>) = 0 [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15410] <... futex resumed>) = 0 [pid 15414] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] <... chdir resumed>) = 0 [pid 15409] <... openat resumed>) = 7 [pid 15408] <... futex resumed>) = 0 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./552/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15420] <... futex resumed>) = 1 [pid 15415] <... futex resumed>) = 0 [pid 15409] <... futex resumed>) = 1 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15420] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] openat(AT_FDCWD, "./552/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15420] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15415] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 4 [pid 15420] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15407] <... futex resumed>) = 0 [pid 410] getdents64(4, [pid 15413] <... futex resumed>) = 0 [pid 15408] <... futex resumed>) = 1 [pid 15407] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15413] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15409] <... futex resumed>) = 0 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15407] <... futex resumed>) = 1 [pid 410] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4 [pid 15409] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 410] <... close resumed>) = 0 [pid 410] rmdir("./552/bus") = 0 [pid 410] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3) = 0 [pid 410] rmdir("./552") = 0 [pid 410] mkdir("./553", 0777) = 0 [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 410] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 15420] <... open resumed>) = 4 [pid 15414] <... write resumed>) = 1048576 [pid 15413] <... write resumed>) = 196608 [pid 15409] <... openat resumed>) = 8 [pid 15407] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... close resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15427 [ 271.979842][T15409] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.000327][T15409] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [ 272.001629][T15406] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 ./strace-static-x86_64: Process 15427 attached [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15427] set_robust_list(0x555555f755e0, 24 [pid 15420] <... futex resumed>) = 1 [pid 15415] <... futex resumed>) = 0 [pid 15414] <... futex resumed>) = 1 [pid 15413] <... futex resumed>) = 1 [pid 15410] <... futex resumed>) = 0 [pid 15409] <... futex resumed>) = 1 [pid 15408] <... futex resumed>) = 0 [pid 15407] <... futex resumed>) = 0 [pid 15427] <... set_robust_list resumed>) = 0 [pid 15420] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15413] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15409] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15407] exit_group(0 [pid 15427] chdir("./553" [pid 15420] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15415] <... futex resumed>) = 0 [pid 15414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15413] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15410] <... futex resumed>) = 0 [pid 15409] <... futex resumed>) = ? [pid 15408] <... futex resumed>) = 0 [pid 15407] <... exit_group resumed>) = ? [pid 15427] <... chdir resumed>) = 0 [pid 15420] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15413] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15409] +++ exited with 0 +++ [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15407] +++ exited with 0 +++ [pid 15420] <... openat resumed>) = 5 [pid 15413] <... mount resumed>) = 0 [pid 15427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15427] setpgid(0, 0) = 0 [pid 15427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15427] write(3, "1000", 4) = 4 [pid 15427] close(3) = 0 [pid 15427] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15427] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15427] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15428], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15428 [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15428 attached [pid 15428] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15428] memfd_create("syzkaller", 0) = 3 [pid 15428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15403] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15407, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 15406] <... openat resumed>) = 7 [pid 15403] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15406] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] <... futex resumed>) = 0 [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15428] munmap(0x7f1c2a016000, 1048576 [pid 15420] <... futex resumed>) = 1 [pid 15413] <... futex resumed>) = 1 [pid 15408] <... futex resumed>) = 0 [pid 15406] <... futex resumed>) = 0 [pid 15403] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15428] <... munmap resumed>) = 0 [pid 15415] <... futex resumed>) = 0 [pid 15406] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15403] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15420] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15428] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 15408] <... futex resumed>) = 0 [pid 15403] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 409] umount2("./543", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15420] <... write resumed>) = 196608 [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15420] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15415] <... futex resumed>) = 1 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] <... futex resumed>) = 0 [pid 15420] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15415] <... futex resumed>) = 0 [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] <... futex resumed>) = 1 [pid 15420] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15415] <... futex resumed>) = 0 [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] <... futex resumed>) = 1 [pid 15420] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15413] <... open resumed>) = 6 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15403] <... mprotect resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15428] <... openat resumed>) = 4 [pid 15403] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 409] openat(AT_FDCWD, "./543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15428] ioctl(4, LOOP_SET_FD, 3 [pid 15413] <... futex resumed>) = 1 [pid 15408] <... futex resumed>) = 0 [pid 409] <... openat resumed>) = 3 ./strace-static-x86_64: Process 15429 attached [pid 15429] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15429] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15413] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] <... futex resumed>) = 0 [pid 15408] <... futex resumed>) = 1 [pid 15413] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] fstat(3, [pid 15403] <... clone resumed>, parent_tid=[15429], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15429 [pid 15403] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15403] <... futex resumed>) = 1 [pid 409] getdents64(3, [pid 15403] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./543/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] unlink("./543/binderfs") = 0 [pid 15428] <... ioctl resumed>) = 0 [pid 409] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15428] close(3) = 0 [pid 15428] mkdir("./bus", 0777) = 0 [pid 15428] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15414] <... openat resumed>) = 7 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15410] <... futex resumed>) = 0 [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15410] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15414] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15414] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15414] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15429] <... futex resumed>) = 0 [pid 15429] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15429] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15429] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15410] <... futex resumed>) = 0 [pid 15403] <... futex resumed>) = 0 [pid 15410] exit_group(0 [pid 15403] exit_group(0 [pid 15410] <... exit_group resumed>) = ? [pid 15406] <... futex resumed>) = 230 [pid 15403] <... exit_group resumed>) = ? [pid 15406] +++ exited with 0 +++ [pid 15414] <... futex resumed>) = ? [pid 15429] <... futex resumed>) = ? [pid 15420] <... write resumed>) = 1048576 [pid 15414] +++ exited with 0 +++ [pid 15413] <... write resumed>) = 1048576 [pid 15410] +++ exited with 0 +++ [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15410, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 412] umount2("./546", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./546", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 412] umount2("./546/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./546/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 412] unlink("./546/binderfs") = 0 [pid 412] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15429] +++ exited with 0 +++ [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15403] +++ exited with 0 +++ [pid 15415] <... futex resumed>) = 0 [pid 15415] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] <... futex resumed>) = 1 [pid 15408] <... futex resumed>) = 0 [pid 15408] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15413] <... futex resumed>) = 1 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15403, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 15413] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 411] umount2("./549", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./549", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./549/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 272.033567][T15406] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 272.044945][T15414] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.060271][T15414] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 272.069754][T15428] loop3: detected capacity change from 0 to 2048 [pid 411] lstat("./549/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 411] unlink("./549/binderfs" [pid 15428] <... mount resumed>) = 0 [pid 411] <... unlink resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 15428] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 411] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15428] <... openat resumed>) = 3 [pid 409] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./543/bus", [pid 15428] chdir("./bus" [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15428] <... chdir resumed>) = 0 [pid 409] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15428] ioctl(4, LOOP_CLR_FD [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15428] <... ioctl resumed>) = 0 [pid 409] openat(AT_FDCWD, "./543/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 409] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 15428] close(4 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15428] <... close resumed>) = 0 [pid 409] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] close(4) = 0 [pid 409] rmdir("./543/bus" [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... rmdir resumed>) = 0 [pid 15428] <... futex resumed>) = 1 [ 272.101768][T15413] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.114302][T15428] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/553/bus supports timestamps until 2038 (0x7fffffff) [ 272.117682][T15420] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15427] <... futex resumed>) = 0 [pid 15428] chdir("./file0" [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15415] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15408] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15415] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0} [pid 15415] <... futex resumed>) = 0 [pid 15415] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15408] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15415] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15408] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15415] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15408] <... futex resumed>) = 0 [pid 15415] <... mprotect resumed>) = 0 [pid 15408] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15415] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15408] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15408] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15415] <... clone resumed>, parent_tid=[15433], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15433 [pid 15408] <... mprotect resumed>) = 0 [pid 15415] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15415] <... futex resumed>) = 0 [pid 15408] <... clone resumed>, parent_tid=[15434], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15434 [pid 15415] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15408] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15408] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] close(3) = 0 [pid 409] rmdir("./543") = 0 [pid 409] mkdir("./544", 0777) = 0 [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15428] <... chdir resumed>) = 0 [pid 409] <... openat resumed>) = 3 [pid 409] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 409] close(3 [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... close resumed>) = 0 [pid 15428] <... futex resumed>) = 1 [pid 15427] <... futex resumed>) = 0 [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15428] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15413] <... openat resumed>) = 7 [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15435 ./strace-static-x86_64: Process 15434 attached [pid 15434] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15434] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 8 [pid 15434] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] <... futex resumed>) = 0 [pid 15434] <... futex resumed>) = 1 [pid 15434] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15433 attached [pid 15433] set_robust_list(0x7f1c2a1159e0, 24) = 0 [pid 15433] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 15435 attached [pid 15435] set_robust_list(0x555555f755e0, 24) = 0 [pid 15435] chdir("./544") = 0 [pid 15435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15435] setpgid(0, 0) = 0 [pid 15435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15435] write(3, "1000", 4) = 4 [pid 15435] close(3) = 0 [pid 15435] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15435] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15435] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15435] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15436], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15436 [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15436 attached [pid 15436] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15436] memfd_create("syzkaller", 0 [pid 15413] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15436] <... memfd_create resumed>) = 3 [pid 15413] <... futex resumed>) = 0 [pid 15413] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15408] exit_group(0 [pid 15436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15434] <... futex resumed>) = ? [pid 15433] <... openat resumed>) = 8 [pid 15428] <... open resumed>) = 4 [pid 15420] <... openat resumed>) = 7 [pid 15413] <... futex resumed>) = ? [pid 15408] <... exit_group resumed>) = ? [pid 15413] +++ exited with 0 +++ [pid 15434] +++ exited with 0 +++ [pid 15433] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15408] +++ exited with 0 +++ [pid 412] <... umount2 resumed>) = 0 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15408, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 408] umount2("./548", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./548", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./548/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./548/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./548/binderfs") = 0 [pid 408] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15433] <... futex resumed>) = 1 [pid 15415] <... futex resumed>) = 0 [pid 412] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./546/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./546/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./546/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 15433] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] fstat(4, [pid 15428] <... futex resumed>) = 1 [pid 15427] <... futex resumed>) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, [pid 15428] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15427] <... futex resumed>) = 0 [pid 412] getdents64(4, [pid 15428] <... openat resumed>) = 5 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./546/bus") = 0 [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./546") = 0 [pid 15428] <... futex resumed>) = 1 [pid 15427] <... futex resumed>) = 0 [pid 15428] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 412] mkdir("./547", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15428] <... write resumed>) = 196608 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... clone resumed>, child_tidptr=0x555555f755d0) = 15437 [pid 15436] <... mmap resumed>) = 0x7f1c2a016000 [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15427] <... futex resumed>) = 0 [pid 15428] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 15437 attached [pid 15428] <... mount resumed>) = 0 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15420] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15437] set_robust_list(0x555555f755e0, 24 [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15427] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15420] <... futex resumed>) = 0 [pid 15437] <... set_robust_list resumed>) = 0 [pid 15428] <... futex resumed>) = 0 [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15420] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15428] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15427] <... futex resumed>) = 0 [pid 15415] exit_group(0 [pid 15428] <... open resumed>) = 6 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15433] <... futex resumed>) = ? [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15427] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15420] <... futex resumed>) = ? [pid 15415] <... exit_group resumed>) = ? [pid 15433] +++ exited with 0 +++ [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15428] <... futex resumed>) = 0 [pid 15427] <... futex resumed>) = 0 [pid 15428] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15436] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15436] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15436] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 272.147680][T15413] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 272.158995][T15420] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [pid 15436] ioctl(4, LOOP_SET_FD, 3 [pid 15437] chdir("./547" [pid 15420] +++ exited with 0 +++ [pid 15415] +++ exited with 0 +++ [pid 15437] <... chdir resumed>) = 0 [pid 15437] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15415, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 15437] <... prctl resumed>) = 0 [pid 15437] setpgid(0, 0) = 0 [pid 15437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 407] umount2("./543", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15437] <... openat resumed>) = 3 [pid 15437] write(3, "1000", 4 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15437] <... write resumed>) = 4 [pid 15437] close(3 [pid 407] openat(AT_FDCWD, "./543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15437] <... close resumed>) = 0 [pid 15437] symlink("/dev/binderfs", "./binderfs" [pid 407] <... openat resumed>) = 3 [pid 15437] <... symlink resumed>) = 0 [pid 407] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 407] getdents64(3, [pid 15437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15437] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 407] umount2("./543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15437] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15437] <... clone resumed>, parent_tid=[15438], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15438 [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] lstat("./543/binderfs", [pid 15437] <... futex resumed>) = 0 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./543/binderfs") = 0 [pid 407] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15436] <... ioctl resumed>) = 0 [pid 15436] close(3) = 0 [pid 15436] mkdir("./bus", 0777) = 0 [pid 15436] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15438 attached [pid 15438] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15438] memfd_create("syzkaller", 0) = 3 [pid 15438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 411] <... umount2 resumed>) = 0 [pid 15438] <... mmap resumed>) = 0x7f1c2a016000 [pid 15438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 411] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./549/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./549/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./549/bus") = 0 [pid 411] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 411] close(3) = 0 [pid 411] rmdir("./549") = 0 [pid 411] mkdir("./550", 0777 [pid 15438] <... write resumed>) = 1048576 [pid 15438] munmap(0x7f1c2a016000, 1048576 [pid 411] <... mkdir resumed>) = 0 [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 411] close(3) = 0 [pid 15438] <... munmap resumed>) = 0 [pid 15438] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 15438] ioctl(4, LOOP_SET_FD, 3 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15440 ./strace-static-x86_64: Process 15440 attached [pid 15428] <... write resumed>) = 1048576 [pid 15438] <... ioctl resumed>) = 0 [pid 15438] close(3) = 0 [pid 15438] mkdir("./bus", 0777 [pid 15440] set_robust_list(0x555555f755e0, 24) = 0 [pid 15440] chdir("./550") = 0 [pid 15440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15440] setpgid(0, 0) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 15427] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15427] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15440] write(3, "1000", 4) = 4 [pid 15440] close(3) = 0 [pid 15440] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15440] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15440] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15440] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15442], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15442 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15428] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15438] <... mkdir resumed>) = 0 [ 272.198111][T15436] loop2: detected capacity change from 0 to 2048 [ 272.231969][T15438] loop5: detected capacity change from 0 to 2048 [pid 15438] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15427] <... futex resumed>) = 0 [pid 15427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15427] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15427] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15443], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15443 [pid 15427] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15427] <... futex resumed>) = 0 [pid 15427] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] lstat("./548/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15436] <... mount resumed>) = 0 [pid 15436] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 15436] chdir("./bus") = 0 [pid 15436] ioctl(4, LOOP_CLR_FD) = 0 [pid 15436] close(4) = 0 [pid 407] <... umount2 resumed>) = 0 [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15436] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15435] <... futex resumed>) = 0 [pid 15436] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15436] chdir("./file0") = 0 [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15436] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15435] <... futex resumed>) = 1 [pid 15436] <... futex resumed>) = 0 [pid 15436] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 15442 attached [pid 15442] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] memfd_create("syzkaller", 0) = 3 [pid 15442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15436] <... futex resumed>) = 0 [pid 408] openat(AT_FDCWD, "./548/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15436] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 408] <... openat resumed>) = 4 [pid 407] lstat("./543/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] umount2("./543/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15436] <... open resumed>) = 4 [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] getdents64(4, [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 407] openat(AT_FDCWD, "./543/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] getdents64(4, [pid 15435] <... futex resumed>) = 0 [pid 15436] <... futex resumed>) = 1 [pid 408] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... openat resumed>) = 4 [pid 15436] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15435] <... futex resumed>) = 0 [pid 408] close(4 [pid 407] fstat(4, [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15436] <... openat resumed>) = 5 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... close resumed>) = 0 [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] rmdir("./548/bus" [pid 407] getdents64(4, [pid 15436] <... futex resumed>) = 1 [pid 15435] <... futex resumed>) = 0 [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] <... rmdir resumed>) = 0 [pid 15436] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 408] getdents64(3, [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] getdents64(4, [pid 15442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 408] close(3 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 407] close(4 [pid 408] <... close resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./543/bus") = 0 [pid 15436] <... write resumed>) = 196608 [pid 408] rmdir("./548" [pid 407] getdents64(3, [pid 408] <... rmdir resumed>) = 0 [pid 407] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3) = 0 [pid 407] rmdir("./543") = 0 [pid 408] mkdir("./549", 0777) = 0 [pid 407] mkdir("./544", 0777 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 408] <... openat resumed>) = 3 [pid 407] <... mkdir resumed>) = 0 [pid 15436] <... futex resumed>) = 1 [pid 15435] <... futex resumed>) = 0 [pid 408] ioctl(3, LOOP_CLR_FD [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15436] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15435] <... futex resumed>) = 0 [pid 408] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] close(3 [pid 407] <... openat resumed>) = 3 [pid 15436] <... mount resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 407] ioctl(3, LOOP_CLR_FD [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 15442] <... write resumed>) = 1048576 [pid 15442] munmap(0x7f1c2a016000, 1048576 [pid 407] close(3 [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15444 [pid 15435] <... futex resumed>) = 0 [pid 407] <... close resumed>) = 0 [pid 15436] <... futex resumed>) = 1 [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] <... munmap resumed>) = 0 [pid 15436] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15442] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 15442] ioctl(4, LOOP_SET_FD, 3 [pid 15436] <... open resumed>) = 6 [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15445 [pid 15435] <... futex resumed>) = 0 [pid 15436] <... futex resumed>) = 1 [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15436] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15444 attached [pid 15444] set_robust_list(0x555555f755e0, 24) = 0 [pid 15444] chdir("./549") = 0 [pid 15444] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15444] setpgid(0, 0) = 0 [pid 15444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15444] write(3, "1000", 4) = 4 [pid 15444] close(3) = 0 [pid 15444] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 15443 attached ./strace-static-x86_64: Process 15445 attached ) = 0 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15443] set_robust_list(0x7f1c2a1159e0, 24 [pid 15445] set_robust_list(0x555555f755e0, 24 [pid 15443] <... set_robust_list resumed>) = 0 [pid 15445] <... set_robust_list resumed>) = 0 [pid 15443] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15445] chdir("./544") = 0 [pid 15445] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15444] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15445] setpgid(0, 0 [pid 15444] <... mmap resumed>) = 0x7f1c32416000 [ 272.243270][T15436] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/544/bus supports timestamps until 2038 (0x7fffffff) [ 272.286887][T15442] loop4: detected capacity change from 0 to 2048 [pid 15444] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15444] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15446], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15446 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15442] <... ioctl resumed>) = 0 [pid 15442] close(3) = 0 [pid 15442] mkdir("./bus", 0777) = 0 [pid 15442] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15445] <... setpgid resumed>) = 0 [pid 15445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15445] write(3, "1000", 4) = 4 [pid 15445] close(3) = 0 [pid 15445] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15445] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15445] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15445] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15447], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15447 [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15447 attached [pid 15447] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15447] memfd_create("syzkaller", 0) = 3 [pid 15447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15427] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15447] <... mmap resumed>) = 0x7f1c2a016000 [pid 15427] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15428] <... futex resumed>) = 0 [pid 15427] <... futex resumed>) = 1 [pid 15428] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15427] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15436] <... write resumed>) = 1048576 [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15435] <... futex resumed>) = 0 [pid 15436] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15435] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15436] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15435] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15436] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15447] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 15447] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15447] close(3) = 0 [pid 15447] mkdir("./bus", 0777) = 0 [pid 15447] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue"./strace-static-x86_64: Process 15446 attached [pid 15446] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15446] memfd_create("syzkaller", 0) = 3 [pid 15446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15446] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15446] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15446] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 272.303107][T15443] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.328363][T15436] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.333730][T15447] loop0: detected capacity change from 0 to 2048 [pid 15446] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15446] close(3) = 0 [pid 15446] mkdir("./bus", 0777) = 0 [pid 15446] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15427] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15435] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15435] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 272.365919][T15446] loop1: detected capacity change from 0 to 2048 [ 272.366024][T15442] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/550/bus supports timestamps until 2038 (0x7fffffff) [ 272.384291][T15443] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [ 272.385305][T15438] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/547/bus supports timestamps until 2038 (0x7fffffff) [ 272.393458][T15436] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 15435] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15443] <... openat resumed>) = 7 [pid 15442] <... mount resumed>) = 0 [pid 15438] <... mount resumed>) = 0 [pid 15435] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15428] <... openat resumed>) = 8 [pid 15443] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15438] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15435] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 15428] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15443] <... futex resumed>) = 0 [pid 15442] <... openat resumed>) = 3 [pid 15438] <... openat resumed>) = 3 [pid 15435] <... mprotect resumed>) = 0 [pid 15428] <... futex resumed>) = 0 [pid 15427] exit_group(0 [pid 15442] chdir("./bus" [pid 15438] chdir("./bus" [pid 15435] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15427] <... exit_group resumed>) = ? [pid 15443] +++ exited with 0 +++ [pid 15442] <... chdir resumed>) = 0 [pid 15438] <... chdir resumed>) = 0 [pid 15428] +++ exited with 0 +++ [pid 15427] +++ exited with 0 +++ [pid 15442] ioctl(4, LOOP_CLR_FD [pid 15438] ioctl(4, LOOP_CLR_FD [pid 15435] <... clone resumed>, parent_tid=[15454], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15454 [pid 15442] <... ioctl resumed>) = 0 [pid 15438] <... ioctl resumed>) = 0 [pid 15435] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] close(4 [pid 15438] close(4 [pid 15435] <... futex resumed>) = 0 ./strace-static-x86_64: Process 15454 attached [pid 15447] <... mount resumed>) = 0 [pid 15442] <... close resumed>) = 0 [pid 15438] <... close resumed>) = 0 [pid 15436] <... openat resumed>) = 7 [pid 15435] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] <... futex resumed>) = 1 [pid 15438] <... futex resumed>) = 1 [pid 15437] <... futex resumed>) = 0 [pid 15442] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15437] <... futex resumed>) = 0 [pid 15438] chdir("./file0" [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15436] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15427, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 15440] <... futex resumed>) = 0 [pid 15438] <... chdir resumed>) = 0 [pid 15436] <... futex resumed>) = 0 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15437] <... futex resumed>) = 0 [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15437] <... futex resumed>) = 0 [pid 15438] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15454] set_robust_list(0x7f1c2a1159e0, 24 [pid 15447] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... open resumed>) = 4 [pid 15436] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] umount2("./553", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15454] <... set_robust_list resumed>) = 0 [pid 15447] <... openat resumed>) = 3 [pid 15442] <... futex resumed>) = 0 [pid 15440] <... futex resumed>) = 1 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] chdir("./file0" [pid 410] openat(AT_FDCWD, "./553", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15447] chdir("./bus" [pid 410] <... openat resumed>) = 3 [pid 15447] <... chdir resumed>) = 0 [pid 15447] ioctl(4, LOOP_CLR_FD [pid 15442] <... chdir resumed>) = 0 [pid 15454] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15438] <... futex resumed>) = 1 [pid 15437] <... futex resumed>) = 0 [pid 410] fstat(3, [pid 15447] <... ioctl resumed>) = 0 [pid 15447] close(4 [pid 15454] <... openat resumed>) = 8 [pid 15447] <... close resumed>) = 0 [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15447] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15454] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15435] <... futex resumed>) = 0 [pid 15454] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15435] exit_group(0 [pid 15454] <... futex resumed>) = ? [pid 15435] <... exit_group resumed>) = ? [pid 15454] +++ exited with 0 +++ [pid 15442] <... futex resumed>) = 1 [pid 15442] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15438] <... openat resumed>) = 5 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL) = 0 [pid 15437] <... futex resumed>) = 1 [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... futex resumed>) = 0 [pid 15437] <... futex resumed>) = 1 [pid 15438] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15438] <... write resumed>) = 196608 [pid 15445] <... futex resumed>) = 0 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15440] <... futex resumed>) = 0 [pid 410] getdents64(3, [pid 15436] <... futex resumed>) = ? [pid 15446] <... mount resumed>) = 0 [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... futex resumed>) = 1 [pid 15437] <... futex resumed>) = 0 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15437] <... futex resumed>) = 0 [pid 15438] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15438] <... mount resumed>) = 0 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15437] <... futex resumed>) = 0 [pid 15436] +++ exited with 0 +++ [pid 15435] +++ exited with 0 +++ [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15445] <... futex resumed>) = 1 [pid 15442] <... futex resumed>) = 0 [pid 15440] <... futex resumed>) = 1 [pid 15438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15437] <... futex resumed>) = 0 [pid 410] umount2("./553/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15435, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15438] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] umount2("./544", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15438] <... open resumed>) = 6 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15437] <... futex resumed>) = 0 [pid 15438] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15437] <... futex resumed>) = 0 [pid 410] lstat("./553/binderfs", [pid 15438] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15447] <... futex resumed>) = 0 [pid 15446] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15442] <... open resumed>) = 4 [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] openat(AT_FDCWD, "./544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] unlink("./553/binderfs" [pid 409] <... openat resumed>) = 3 [pid 15442] <... futex resumed>) = 1 [pid 15440] <... futex resumed>) = 0 [pid 15442] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... unlink resumed>) = 0 [pid 409] fstat(3, [pid 15440] <... futex resumed>) = 0 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] <... openat resumed>) = 5 [pid 410] umount2("./553/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15442] <... futex resumed>) = 1 [pid 15440] <... futex resumed>) = 0 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] umount2("./544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15442] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15447] chdir("./file0") = 0 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15447] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15446] <... openat resumed>) = 3 [pid 15446] chdir("./bus") = 0 [pid 15446] ioctl(4, LOOP_CLR_FD) = 0 [pid 15446] close(4) = 0 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15446] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15445] <... futex resumed>) = 0 [pid 15444] <... futex resumed>) = 0 [pid 15442] <... write resumed>) = 196608 [pid 409] lstat("./544/binderfs", [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15445] <... futex resumed>) = 1 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15444] <... futex resumed>) = 1 [pid 409] unlink("./544/binderfs" [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 409] <... unlink resumed>) = 0 [ 272.414367][T15447] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/544/bus supports timestamps until 2038 (0x7fffffff) [ 272.434905][T15446] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/549/bus supports timestamps until 2038 (0x7fffffff) [pid 409] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15438] <... write resumed>) = 1048576 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15437] <... futex resumed>) = 0 [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15438] <... futex resumed>) = 1 [pid 15438] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15447] <... futex resumed>) = 0 [pid 15447] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15446] <... futex resumed>) = 0 [pid 15446] chdir("./file0" [pid 15442] <... futex resumed>) = 1 [pid 15442] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15440] <... futex resumed>) = 0 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] <... futex resumed>) = 0 [pid 15440] <... futex resumed>) = 1 [pid 15446] <... chdir resumed>) = 0 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15446] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15442] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15444] <... futex resumed>) = 0 [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] <... futex resumed>) = 0 [pid 15446] <... futex resumed>) = 0 [pid 15444] <... futex resumed>) = 1 [pid 15442] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15447] <... open resumed>) = 4 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15447] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15440] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] <... futex resumed>) = 0 [pid 15440] <... futex resumed>) = 1 [pid 15442] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] <... open resumed>) = 6 [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15440] <... futex resumed>) = 0 [pid 15442] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15445] <... futex resumed>) = 0 [pid 15438] <... openat resumed>) = 7 [pid 15446] <... open resumed>) = 4 [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15447] <... futex resumed>) = 0 [pid 15445] <... futex resumed>) = 1 [pid 15447] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15438] <... futex resumed>) = 1 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15437] <... futex resumed>) = 0 [pid 15447] <... openat resumed>) = 5 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15446] <... futex resumed>) = 1 [pid 15444] <... futex resumed>) = 0 [pid 15442] <... write resumed>) = 1048576 [pid 15438] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15437] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15446] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15437] <... futex resumed>) = 0 [pid 15446] <... openat resumed>) = 5 [pid 15444] <... futex resumed>) = 0 [pid 15437] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] <... futex resumed>) = 0 [pid 15444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15446] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15447] <... futex resumed>) = 1 [pid 15445] <... futex resumed>) = 0 [pid 15444] <... futex resumed>) = 0 [pid 15447] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15446] <... write resumed>) = 196608 [pid 15445] <... futex resumed>) = 0 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] <... openat resumed>) = 8 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15447] <... write resumed>) = 196608 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15444] <... futex resumed>) = 0 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] <... futex resumed>) = 1 [pid 15446] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15444] <... futex resumed>) = 0 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] <... futex resumed>) = 1 [pid 15446] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15444] <... futex resumed>) = 0 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15446] <... futex resumed>) = 1 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15445] <... futex resumed>) = 0 [pid 15447] <... futex resumed>) = 1 [pid 15447] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15442] <... futex resumed>) = 1 [pid 15440] <... futex resumed>) = 0 [pid 15438] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15447] <... mount resumed>) = 0 [pid 15445] <... futex resumed>) = 0 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15440] <... futex resumed>) = 0 [pid 15447] <... futex resumed>) = 0 [pid 15445] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15447] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15447] <... open resumed>) = 6 [pid 15445] <... futex resumed>) = 0 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15447] <... futex resumed>) = 0 [pid 15445] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15447] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15442] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15438] <... futex resumed>) = 1 [pid 15437] <... futex resumed>) = 0 [pid 15437] exit_group(0) = ? [ 272.465983][T15438] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.484835][T15438] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15447] <... write resumed>) = 1048576 [pid 15446] <... write resumed>) = 1048576 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15445] <... futex resumed>) = 0 [pid 15445] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15445] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15447] <... futex resumed>) = 1 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15438] +++ exited with 0 +++ [pid 15437] +++ exited with 0 +++ [pid 410] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15437, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 410] umount2("./553/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] lstat("./553/bus", [pid 409] lstat("./544/bus", [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./553/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] openat(AT_FDCWD, "./553/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 409] openat(AT_FDCWD, "./544/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15447] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15446] <... futex resumed>) = 1 [pid 15444] <... futex resumed>) = 0 [pid 410] <... openat resumed>) = 4 [pid 409] <... openat resumed>) = 4 [pid 15442] <... openat resumed>) = 7 [pid 412] umount2("./547", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./547", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 412] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(3, [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15442] <... futex resumed>) = 1 [pid 15440] <... futex resumed>) = 0 [pid 412] umount2("./547/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15442] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15440] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15442] <... openat resumed>) = 8 [pid 15440] <... futex resumed>) = 0 [pid 412] lstat("./547/binderfs", [pid 15442] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15440] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15442] <... futex resumed>) = 0 [pid 15440] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 412] unlink("./547/binderfs" [pid 15442] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15440] exit_group(0 [pid 412] <... unlink resumed>) = 0 [pid 15442] <... futex resumed>) = ? [pid 15440] <... exit_group resumed>) = ? [pid 412] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW [ 272.513746][T15442] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.533948][T15442] EXT4-fs error (device loop4) in ext4_free_blocks:6155: Corrupt filesystem [ 272.540475][T15447] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15446] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] fstat(4, [pid 409] fstat(4, [pid 15444] <... futex resumed>) = 0 [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] getdents64(4, [pid 409] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 410] getdents64(4, [pid 409] getdents64(4, [pid 410] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 410] close(4 [pid 409] close(4 [pid 410] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 410] rmdir("./553/bus" [pid 409] rmdir("./544/bus" [pid 410] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 410] getdents64(3, [pid 409] getdents64(3, [pid 410] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 409] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 410] close(3 [pid 409] close(3 [pid 410] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 410] rmdir("./553" [pid 409] rmdir("./544" [pid 410] <... rmdir resumed>) = 0 [pid 409] <... rmdir resumed>) = 0 [pid 410] mkdir("./554", 0777 [pid 409] mkdir("./545", 0777 [pid 410] <... mkdir resumed>) = 0 [pid 409] <... mkdir resumed>) = 0 [pid 15445] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15442] +++ exited with 0 +++ [pid 15440] +++ exited with 0 +++ [pid 410] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 409] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 15447] <... openat resumed>) = 7 [pid 15445] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 409] <... openat resumed>) = 3 [pid 410] ioctl(3, LOOP_CLR_FD [pid 409] ioctl(3, LOOP_CLR_FD [pid 410] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 409] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 410] close(3 [pid 409] close(3 [pid 410] <... close resumed>) = 0 [pid 409] <... close resumed>) = 0 [pid 410] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 409] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 410] <... clone resumed>, child_tidptr=0x555555f755d0) = 15457 [pid 409] <... clone resumed>, child_tidptr=0x555555f755d0) = 15458 [pid 15447] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15445] <... futex resumed>) = 0 [pid 411] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15440, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15445] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c2a0f5000 [pid 15445] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15445] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15459], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15459 [pid 15445] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15445] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 15457 attached [pid 15457] set_robust_list(0x555555f755e0, 24) = 0 [pid 15457] chdir("./554") = 0 [pid 15457] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15457] setpgid(0, 0) = 0 [pid 15457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15457] write(3, "1000", 4) = 4 [pid 15457] close(3) = 0 [pid 15457] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15457] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15447] <... futex resumed>) = 0 [pid 411] restart_syscall(<... resuming interrupted clone ...> [pid 15447] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] <... restart_syscall resumed>) = 0 [pid 411] umount2("./550", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15457] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15457] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] openat(AT_FDCWD, "./550", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 411] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 411] umount2("./550/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 411] lstat("./550/binderfs", ./strace-static-x86_64: Process 15459 attached ./strace-static-x86_64: Process 15458 attached {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15459] set_robust_list(0x7f1c2a1159e0, 24 [pid 411] unlink("./550/binderfs" [pid 15458] set_robust_list(0x555555f755e0, 24 [pid 411] <... unlink resumed>) = 0 [pid 15459] <... set_robust_list resumed>) = 0 [pid 15458] <... set_robust_list resumed>) = 0 [pid 411] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15457] <... clone resumed>, parent_tid=[15460], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15460 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15460 attached [pid 15460] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15459] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15460] memfd_create("syzkaller", 0) = 3 [pid 15460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15459] <... openat resumed>) = 8 [pid 15459] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] chdir("./545" [pid 15445] <... futex resumed>) = 0 [pid 15459] <... futex resumed>) = 1 [pid 15459] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15458] <... chdir resumed>) = 0 [pid 15445] exit_group(0 [pid 15446] <... openat resumed>) = 7 [pid 15459] <... futex resumed>) = 7 [pid 15458] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15447] <... futex resumed>) = ? [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15459] +++ exited with 0 +++ [pid 15445] <... exit_group resumed>) = ? [pid 15447] +++ exited with 0 +++ [pid 15445] +++ exited with 0 +++ [pid 407] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15445, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [pid 15458] <... prctl resumed>) = 0 [pid 15446] <... futex resumed>) = 1 [pid 15444] <... futex resumed>) = 0 [pid 407] umount2("./544", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15458] setpgid(0, 0 [pid 15446] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15444] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] <... setpgid resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15444] <... futex resumed>) = 0 [pid 15460] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15446] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15444] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15446] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 407] openat(AT_FDCWD, "./544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 407] fstat(3, [pid 15458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15458] <... openat resumed>) = 3 [pid 407] getdents64(3, [pid 15458] write(3, "1000", 4) = 4 [pid 15458] close(3) = 0 [pid 15458] symlink("/dev/binderfs", "./binderfs" [pid 407] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15458] <... symlink resumed>) = 0 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15446] <... openat resumed>) = 8 [pid 407] umount2("./544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15458] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15458] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15461], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15461 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15446] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 407] lstat("./544/binderfs", [pid 15458] <... futex resumed>) = 0 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 15461 attached [pid 15461] set_robust_list(0x7f1c324369e0, 24) = 0 [pid 15461] memfd_create("syzkaller", 0 [pid 407] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 407] unlink("./544/binderfs" [pid 15446] <... futex resumed>) = 1 [pid 15444] <... futex resumed>) = 0 [pid 15461] <... memfd_create resumed>) = 3 [pid 15461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1c2a016000 [pid 15444] exit_group(0 [pid 407] <... unlink resumed>) = 0 [pid 15444] <... exit_group resumed>) = ? [ 272.557681][T15446] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.570038][T15447] EXT4-fs error (device loop0) in ext4_free_blocks:6155: Corrupt filesystem [ 272.581699][T15446] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [pid 407] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 15461] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15461] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 15461] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 15461] close(3) = 0 [pid 15461] mkdir("./bus", 0777) = 0 [pid 15461] mount("/dev/loop2", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15460] <... write resumed>) = 1048576 [pid 15460] munmap(0x7f1c2a016000, 1048576) = 0 [pid 15460] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 15460] ioctl(4, LOOP_SET_FD, 3 [pid 15446] +++ exited with 0 +++ [pid 15444] +++ exited with 0 +++ [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15444, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 408] restart_syscall(<... resuming interrupted clone ...> [pid 412] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = 0 [pid 408] <... restart_syscall resumed>) = 0 [pid 408] umount2("./549", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] openat(AT_FDCWD, "./549", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 408] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(3, 0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] umount2("./549/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 408] lstat("./549/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] unlink("./549/binderfs") = 0 [pid 408] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] lstat("./547/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] umount2("./547/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 412] openat(AT_FDCWD, "./547/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 412] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 412] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 412] close(4) = 0 [pid 412] rmdir("./547/bus") = 0 [pid 412] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 412] close(3) = 0 [pid 412] rmdir("./547") = 0 [pid 412] mkdir("./548", 0777) = 0 [pid 412] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 412] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 412] close(3) = 0 [pid 412] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f755d0) = 15464 ./strace-static-x86_64: Process 15464 attached [pid 15464] set_robust_list(0x555555f755e0, 24) = 0 [pid 15464] chdir("./548") = 0 [pid 15464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15464] setpgid(0, 0) = 0 [pid 15464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 15464] write(3, "1000", 4) = 4 [pid 15464] close(3) = 0 [pid 15464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15464] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15464] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15464] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15465], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15465 [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 411] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] <... umount2 resumed>) = 0 [pid 411] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] lstat("./550/bus", [pid 407] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 15460] <... ioctl resumed>) = 0 [pid 411] openat(AT_FDCWD, "./550/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15460] close(3) = 0 [pid 15460] mkdir("./bus", 0777 [pid 411] <... openat resumed>) = 4 [pid 411] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] getdents64(4, [pid 407] lstat("./544/bus", [pid 15460] <... mkdir resumed>) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 15460] mount("/dev/loop3", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 411] getdents64(4, [pid 407] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] close(4) = 0 [pid 411] rmdir("./550/bus" [pid 407] umount2("./544/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 411] <... rmdir resumed>) = 0 [pid 407] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 411] getdents64(3, [pid 407] openat(AT_FDCWD, "./544/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 411] <... getdents64 resumed>0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] <... openat resumed>) = 4 [pid 411] close(3) = 0 [pid 407] fstat(4, [pid 411] rmdir("./550") = 0 [pid 407] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 411] mkdir("./551", 0777) = 0 [pid 407] getdents64(4, [pid 411] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 411] ioctl(3, LOOP_CLR_FD [pid 407] <... getdents64 resumed>0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 411] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 407] getdents64(4, [pid 411] close(3 [pid 407] <... getdents64 resumed>0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 411] <... close resumed>) = 0 [pid 407] close(4 [pid 411] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 407] <... close resumed>) = 0 [pid 411] <... clone resumed>, child_tidptr=0x555555f755d0) = 15466 [pid 407] rmdir("./544/bus") = 0 [pid 407] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 407] close(3 [pid 408] <... umount2 resumed>) = 0 [pid 408] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 407] <... close resumed>) = 0 [pid 407] rmdir("./544") = 0 [pid 408] lstat("./549/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 407] mkdir("./545", 0777) = 0 [pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 407] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 408] umount2("./549/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 407] close(3 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 407] <... close resumed>) = 0 [pid 407] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 408] openat(AT_FDCWD, "./549/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 408] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] getdents64(4, 0x555555f7e660 /* 2 entries */, 32768) = 48 [pid 408] getdents64(4, 0x555555f7e660 /* 0 entries */, 32768) = 0 [pid 408] close(4) = 0 [pid 407] <... clone resumed>, child_tidptr=0x555555f755d0) = 15467 [pid 408] rmdir("./549/bus") = 0 [pid 408] getdents64(3, 0x555555f76620 /* 0 entries */, 32768) = 0 [pid 408] close(3) = 0 [pid 408] rmdir("./549") = 0 [pid 408] mkdir("./550", 0777) = 0 [pid 408] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 408] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 15466 attached ) = -1 ENXIO (No such device or address) [pid 15466] set_robust_list(0x555555f755e0, 24 [pid 408] close(3 [pid 15466] <... set_robust_list resumed>) = 0 [pid 408] <... close resumed>) = 0 [pid 408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 15466] chdir("./551" [pid 408] <... clone resumed>, child_tidptr=0x555555f755d0) = 15468 ./strace-static-x86_64: Process 15467 attached [pid 15466] <... chdir resumed>) = 0 [pid 15467] set_robust_list(0x555555f755e0, 24) = 0 [pid 15466] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 15467] chdir("./545") = 0 [pid 15467] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15467] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 15465 attached [pid 15465] set_robust_list(0x7f1c324369e0, 24 [pid 15467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15465] <... set_robust_list resumed>) = 0 [pid 15465] memfd_create("syzkaller", 0 [pid 15467] <... openat resumed>) = 3 [pid 15465] <... memfd_create resumed>) = 3 [pid 15467] write(3, "1000", 4 [pid 15465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15467] <... write resumed>) = 4 [pid 15465] <... mmap resumed>) = 0x7f1c2a016000 [pid 15467] close(3 [pid 15466] <... prctl resumed>) = 0 [pid 15467] <... close resumed>) = 0 [pid 15467] symlink("/dev/binderfs", "./binderfs") = 0 [pid 15466] setpgid(0, 0 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15467] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15467] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 15467] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15466] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 15468 attached [pid 15467] <... clone resumed>, parent_tid=[15470], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15470 [pid 15468] set_robust_list(0x555555f755e0, 24 [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15468] <... set_robust_list resumed>) = 0 [pid 15467] <... futex resumed>) = 0 [pid 15468] chdir("./550" [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15468] <... chdir resumed>) = 0 [pid 15466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 15466] <... openat resumed>) = 3 [pid 15468] setpgid(0, 0 [pid 15466] write(3, "1000", 4 [pid 15468] <... setpgid resumed>) = 0 [pid 15468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 15466] <... write resumed>) = 4 [pid 15468] <... openat resumed>) = 3 [pid 15468] write(3, "1000", 4) = 4 [pid 15468] close(3) = 0 [pid 15468] symlink("/dev/binderfs", "./binderfs" [pid 15466] close(3 [pid 15468] <... symlink resumed>) = 0 [pid 15466] <... close resumed>) = 0 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] symlink("/dev/binderfs", "./binderfs" [pid 15468] <... futex resumed>) = 0 [pid 15468] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15466] <... symlink resumed>) = 0 [pid 15468] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15468] <... mprotect resumed>) = 0 [pid 15468] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[15472], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15472 [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15466] <... futex resumed>) = 0 [pid 15466] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1c32416000 [pid 15466] mprotect(0x7f1c32417000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 15472 attached ./strace-static-x86_64: Process 15470 attached ) = 0 [pid 15461] <... mount resumed>) = 0 [pid 15472] set_robust_list(0x7f1c324369e0, 24 [pid 15466] clone(child_stack=0x7f1c324363f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [ 272.627694][T15461] loop2: detected capacity change from 0 to 2048 [ 272.639991][T15460] loop3: detected capacity change from 0 to 2048 [ 272.646399][T15461] ext4 filesystem being mounted at /root/syzkaller.0yVtK8/545/bus supports timestamps until 2038 (0x7fffffff) [pid 15461] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15472] <... set_robust_list resumed>) = 0 [pid 15461] <... openat resumed>) = 3 [pid 15472] memfd_create("syzkaller", 0 [pid 15466] <... clone resumed>, parent_tid=[15473], tls=0x7f1c32436700, child_tidptr=0x7f1c324369d0) = 15473 [pid 15461] chdir("./bus" [pid 15472] <... memfd_create resumed>) = 3 [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... chdir resumed>) = 0 [pid 15472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15466] <... futex resumed>) = 0 [pid 15461] ioctl(4, LOOP_CLR_FD [pid 15472] <... mmap resumed>) = 0x7f1c2a016000 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 15461] <... ioctl resumed>) = 0 [pid 15461] close(4./strace-static-x86_64: Process 15473 attached [pid 15472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15470] set_robust_list(0x7f1c324369e0, 24 [pid 15465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15461] <... close resumed>) = 0 [pid 15460] <... mount resumed>) = 0 [pid 15473] set_robust_list(0x7f1c324369e0, 24 [pid 15470] <... set_robust_list resumed>) = 0 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15473] <... set_robust_list resumed>) = 0 [pid 15470] memfd_create("syzkaller", 0 [pid 15465] <... write resumed>) = 1048576 [pid 15460] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15458] <... futex resumed>) = 0 [pid 15473] memfd_create("syzkaller", 0 [pid 15470] <... memfd_create resumed>) = 3 [pid 15465] munmap(0x7f1c2a016000, 1048576 [pid 15460] <... openat resumed>) = 3 [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] <... memfd_create resumed>) = 3 [pid 15470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15465] <... munmap resumed>) = 0 [pid 15460] chdir("./bus" [pid 15458] <... futex resumed>) = 1 [pid 15461] <... futex resumed>) = 0 [pid 15473] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 15472] <... write resumed>) = 1048576 [pid 15470] <... mmap resumed>) = 0x7f1c2a016000 [pid 15465] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 15461] chdir("./file0" [pid 15460] <... chdir resumed>) = 0 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15473] <... mmap resumed>) = 0x7f1c2a016000 [pid 15472] munmap(0x7f1c2a016000, 1048576 [pid 15470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15465] <... openat resumed>) = 4 [pid 15461] <... chdir resumed>) = 0 [pid 15460] ioctl(4, LOOP_CLR_FD [pid 15472] <... munmap resumed>) = 0 [pid 15472] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 15472] ioctl(4, LOOP_SET_FD, 3 [pid 15473] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 15470] <... write resumed>) = 1048576 [pid 15465] ioctl(4, LOOP_SET_FD, 3 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... ioctl resumed>) = 0 [pid 15472] <... ioctl resumed>) = 0 [pid 15472] close(3) = 0 [pid 15472] mkdir("./bus", 0777) = 0 [pid 15472] mount("/dev/loop1", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15460] close(4 [pid 15470] munmap(0x7f1c2a016000, 1048576 [pid 15461] <... futex resumed>) = 1 [pid 15460] <... close resumed>) = 0 [pid 15458] <... futex resumed>) = 0 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15465] <... ioctl resumed>) = 0 [pid 15465] close(3) = 0 [pid 15465] mkdir("./bus", 0777) = 0 [pid 15465] mount("/dev/loop5", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15458] <... futex resumed>) = 0 [pid 15461] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15460] <... futex resumed>) = 1 [pid 15457] <... futex resumed>) = 0 [pid 15460] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... open resumed>) = 4 [pid 15460] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15457] <... futex resumed>) = 0 [pid 15473] <... write resumed>) = 1048576 [pid 15470] <... munmap resumed>) = 0 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] chdir("./file0" [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15473] munmap(0x7f1c2a016000, 1048576 [pid 15470] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 15461] <... futex resumed>) = 1 [pid 15458] <... futex resumed>) = 0 [pid 15473] <... munmap resumed>) = 0 [pid 15470] <... openat resumed>) = 4 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15460] <... chdir resumed>) = 0 [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 272.702110][T15460] ext4 filesystem being mounted at /root/syzkaller.SMi2Ya/554/bus supports timestamps until 2038 (0x7fffffff) [ 272.727836][T15472] loop1: detected capacity change from 0 to 2048 [ 272.733709][T15465] loop5: detected capacity change from 0 to 2048 [pid 15470] ioctl(4, LOOP_SET_FD, 3 [pid 15461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] <... futex resumed>) = 0 [pid 15473] <... openat resumed>) = 4 [pid 15461] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15460] <... futex resumed>) = 1 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15457] <... futex resumed>) = 0 [pid 15473] ioctl(4, LOOP_SET_FD, 3 [pid 15461] <... openat resumed>) = 5 [pid 15460] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15470] <... ioctl resumed>) = 0 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15461] <... futex resumed>) = 1 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15473] <... ioctl resumed>) = 0 [pid 15473] close(3) = 0 [pid 15473] mkdir("./bus", 0777) = 0 [pid 15473] mount("/dev/loop4", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15457] <... futex resumed>) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15470] close(3) = 0 [pid 15470] mkdir("./bus", 0777) = 0 [pid 15470] mount("/dev/loop0", "./bus", "ext4", MS_NODIRATIME|MS_REC|MS_I_VERSION, ",errors=continue" [pid 15458] <... futex resumed>) = 0 [pid 15460] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15465] <... mount resumed>) = 0 [pid 15465] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... futex resumed>) = 0 [pid 15458] <... futex resumed>) = 1 [pid 15461] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15465] <... openat resumed>) = 3 [pid 15465] chdir("./bus") = 0 [pid 15465] ioctl(4, LOOP_CLR_FD) = 0 [pid 15465] close(4) = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15465] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15461] <... write resumed>) = 196608 [pid 15464] <... futex resumed>) = 0 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] <... open resumed>) = 4 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15457] <... futex resumed>) = 0 [pid 15460] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... openat resumed>) = 5 [pid 15457] <... futex resumed>) = 0 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] <... futex resumed>) = 0 [pid 15457] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15460] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... write resumed>) = 196608 [pid 15457] <... futex resumed>) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15457] <... futex resumed>) = 0 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] <... futex resumed>) = 1 [pid 15460] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15457] <... futex resumed>) = 0 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] <... futex resumed>) = 1 [pid 15460] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 6 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15457] <... futex resumed>) = 0 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] <... futex resumed>) = 1 [pid 15460] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15458] <... futex resumed>) = 0 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15465] <... futex resumed>) = 0 [pid 15472] <... mount resumed>) = 0 [pid 15472] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... futex resumed>) = 0 [pid 15458] <... futex resumed>) = 1 [pid 15472] <... openat resumed>) = 3 [pid 15461] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15461] <... mount resumed>) = 0 [pid 15472] chdir("./bus") = 0 [pid 15472] ioctl(4, LOOP_CLR_FD) = 0 [pid 15472] close(4) = 0 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15458] <... futex resumed>) = 0 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15458] <... futex resumed>) = 0 [pid 15461] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15461] <... open resumed>) = 6 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15458] <... futex resumed>) = 0 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15458] <... futex resumed>) = 0 [pid 15461] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] <... futex resumed>) = 1 [pid 15472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15465] chdir("./file0") = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15464] <... futex resumed>) = 0 [pid 15468] <... futex resumed>) = 0 [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15464] <... futex resumed>) = 0 [pid 15468] <... futex resumed>) = 1 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] <... futex resumed>) = 0 [pid 15472] chdir("./file0") = 0 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15468] <... futex resumed>) = 0 [ 272.756012][T15470] loop0: detected capacity change from 0 to 2048 [ 272.764932][T15473] loop4: detected capacity change from 0 to 2048 [ 272.772669][T15465] ext4 filesystem being mounted at /root/syzkaller.BrYHFk/548/bus supports timestamps until 2038 (0x7fffffff) [ 272.789169][T15472] ext4 filesystem being mounted at /root/syzkaller.oOsCj1/550/bus supports timestamps until 2038 (0x7fffffff) [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... write resumed>) = 1048576 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15457] <... futex resumed>) = 0 [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] <... futex resumed>) = 1 [pid 15460] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15472] <... futex resumed>) = 0 [pid 15468] <... futex resumed>) = 1 [pid 15472] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] <... open resumed>) = 4 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15465] <... open resumed>) = 4 [pid 15472] <... openat resumed>) = 5 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... futex resumed>) = 1 [pid 15472] <... futex resumed>) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15472] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15472] <... write resumed>) = 196608 [pid 15468] <... futex resumed>) = 0 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15468] <... futex resumed>) = 0 [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] <... futex resumed>) = 1 [pid 15472] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15472] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15464] <... futex resumed>) = 0 [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... futex resumed>) = 0 [pid 15464] <... futex resumed>) = 1 [pid 15465] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15465] <... openat resumed>) = 5 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15464] <... futex resumed>) = 0 [pid 15465] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... write resumed>) = 196608 [pid 15464] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15465] <... futex resumed>) = 0 [pid 15464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15465] mount("/dev/loop5", "./bus", NULL, MS_BIND, NULL [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... mount resumed>) = 0 [pid 15464] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15465] <... futex resumed>) = 0 [pid 15464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15465] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... open resumed>) = 6 [pid 15464] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15465] <... futex resumed>) = 0 [pid 15464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15465] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15468] <... futex resumed>) = 0 [pid 15464] <... futex resumed>) = 0 [pid 15472] <... open resumed>) = 6 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15460] <... openat resumed>) = 7 [pid 15473] <... mount resumed>) = 0 [pid 15472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15468] <... futex resumed>) = 0 [pid 15460] <... futex resumed>) = 1 [pid 15473] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15457] <... futex resumed>) = 0 [pid 15473] <... openat resumed>) = 3 [pid 15472] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15460] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15457] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] chdir("./bus" [pid 15460] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15458] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 15457] <... futex resumed>) = 0 [pid 15473] <... chdir resumed>) = 0 [pid 15460] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15458] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15457] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15473] ioctl(4, LOOP_CLR_FD [pid 15460] <... openat resumed>) = 8 [pid 15473] <... ioctl resumed>) = 0 [pid 15472] <... write resumed>) = 1048576 [pid 15460] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] <... futex resumed>) = 0 [ 272.826091][T15473] ext4 filesystem being mounted at /root/syzkaller.S75Mpf/551/bus supports timestamps until 2038 (0x7fffffff) [ 272.837531][T15460] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.849224][T15460] EXT4-fs error (device loop3) in ext4_free_blocks:6155: Corrupt filesystem [pid 15473] close(4 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... futex resumed>) = 1 [pid 15457] <... futex resumed>) = 0 [pid 15473] <... close resumed>) = 0 [pid 15472] <... futex resumed>) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15460] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15457] exit_group(0 [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15460] <... futex resumed>) = ? [pid 15457] <... exit_group resumed>) = ? [pid 15473] <... futex resumed>) = 1 [pid 15472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15470] <... mount resumed>) = 0 [pid 15468] <... futex resumed>) = 0 [pid 15466] <... futex resumed>) = 0 [pid 15460] +++ exited with 0 +++ [pid 15458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 15457] +++ exited with 0 +++ [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15472] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15470] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... write resumed>) = 1048576 [pid 15461] <... write resumed>) = 1048576 [pid 15458] <... mmap resumed>) = 0x7f1c2a0f5000 [pid 15473] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15470] <... openat resumed>) = 3 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] mprotect(0x7f1c2a0f6000, 131072, PROT_READ|PROT_WRITE [pid 410] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15457, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 15470] chdir("./bus" [pid 15465] <... futex resumed>) = 1 [pid 15464] <... futex resumed>) = 0 [pid 15461] <... futex resumed>) = 0 [pid 15458] <... mprotect resumed>) = 0 [pid 410] restart_syscall(<... resuming interrupted clone ...> [pid 15470] <... chdir resumed>) = 0 [pid 15465] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15458] clone(child_stack=0x7f1c2a1153f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 15470] ioctl(4, LOOP_CLR_FD [pid 15465] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15464] <... futex resumed>) = 0 [pid 410] <... restart_syscall resumed>) = 0 [pid 15470] <... ioctl resumed>) = 0 [pid 15465] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15458] <... clone resumed>, parent_tid=[15482], tls=0x7f1c2a115700, child_tidptr=0x7f1c2a1159d0) = 15482 ./strace-static-x86_64: Process 15482 attached [pid 15473] chdir("./file0" [pid 15466] <... futex resumed>) = 0 [pid 15482] set_robust_list(0x7f1c2a1159e0, 24 [pid 15473] <... chdir resumed>) = 0 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15482] <... set_robust_list resumed>) = 0 [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15482] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15473] <... futex resumed>) = 0 [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15466] <... futex resumed>) = 0 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15470] close(4) = 0 [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 272.876498][T15470] ext4 filesystem being mounted at /root/syzkaller.SuXpfZ/545/bus supports timestamps until 2038 (0x7fffffff) [ 272.895156][T15472] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.896529][T15465] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [pid 15470] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15473] <... open resumed>) = 4 [pid 15467] <... futex resumed>) = 0 [pid 15458] futex(0x7f1c3250f7b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15482] <... futex resumed>) = 0 [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15458] <... futex resumed>) = 1 [pid 410] umount2("./554", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15482] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15470] <... futex resumed>) = 0 [pid 15467] <... futex resumed>) = 1 [pid 15458] futex(0x7f1c3250f7bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15472] <... openat resumed>) = 7 [pid 15465] <... openat resumed>) = 7 [pid 15473] <... futex resumed>) = 1 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15472] <... futex resumed>) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... futex resumed>) = 1 [pid 15473] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15468] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15473] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15472] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15468] <... futex resumed>) = 0 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15473] <... openat resumed>) = 5 [pid 15472] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15468] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15472] <... openat resumed>) = 8 [pid 15473] <... futex resumed>) = 1 [pid 15472] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] <... futex resumed>) = 0 [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15472] <... futex resumed>) = 1 [pid 15468] <... futex resumed>) = 0 [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15472] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15468] exit_group(0 [pid 15466] <... futex resumed>) = 0 [pid 15473] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15472] <... futex resumed>) = ? [pid 15468] <... exit_group resumed>) = ? [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15473] <... write resumed>) = 196608 [pid 15472] +++ exited with 0 +++ [pid 15468] +++ exited with 0 +++ [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15466] <... futex resumed>) = 0 [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15470] chdir("./file0" [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15464] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "./554", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15473] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15470] <... chdir resumed>) = 0 [pid 15466] <... futex resumed>) = 0 [pid 15464] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... openat resumed>) = 3 [pid 408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15468, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... futex resumed>) = 0 [pid 15464] <... futex resumed>) = 1 [pid 410] fstat(3, [pid 15470] <... futex resumed>) = 1 [pid 15467] <... futex resumed>) = 0 [pid 15465] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15464] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15470] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... openat resumed>) = 8 [pid 410] getdents64(3, [pid 408] umount2("./550", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15467] <... futex resumed>) = 0 [pid 15465] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15470] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15465] <... futex resumed>) = 1 [pid 15464] <... futex resumed>) = 0 [pid 410] umount2("./554/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] openat(AT_FDCWD, "./550", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 15470] <... open resumed>) = 4 [pid 15465] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15464] exit_group(0 [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... openat resumed>) = 3 [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15465] <... futex resumed>) = ? [pid 15464] <... exit_group resumed>) = ? [pid 410] lstat("./554/binderfs", [pid 408] fstat(3, [pid 15482] <... openat resumed>) = 7 [pid 15473] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 15470] <... futex resumed>) = 1 [pid 15467] <... futex resumed>) = 0 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15465] +++ exited with 0 +++ [pid 15464] +++ exited with 0 +++ [pid 410] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15482] futex(0x7f1c3250f7bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] <... mount resumed>) = 0 [pid 15470] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15464, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 410] unlink("./554/binderfs" [pid 408] getdents64(3, [pid 15482] <... futex resumed>) = 1 [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15467] <... futex resumed>) = 0 [pid 15458] <... futex resumed>) = 0 [pid 410] <... unlink resumed>) = 0 [pid 15470] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15458] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] umount2("./554/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 15482] futex(0x7f1c3250f7b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15473] <... futex resumed>) = 1 [pid 15470] <... openat resumed>) = 5 [pid 15466] <... futex resumed>) = 0 [pid 15461] <... futex resumed>) = 0 [pid 15458] <... futex resumed>) = 1 [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15458] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 408] umount2("./550/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15473] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15470] <... futex resumed>) = 1 [pid 15467] <... futex resumed>) = 0 [pid 15466] <... futex resumed>) = 0 [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15473] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15470] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15461] <... openat resumed>) = 8 [pid 408] lstat("./550/binderfs", [pid 15473] <... open resumed>) = 6 [pid 15470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15467] <... futex resumed>) = 0 [pid 15461] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./548", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15470] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15461] <... futex resumed>) = 1 [pid 15458] <... futex resumed>) = 0 [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] unlink("./550/binderfs" [pid 15473] <... futex resumed>) = 1 [pid 15466] <... futex resumed>) = 0 [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15473] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15466] <... futex resumed>) = 0 [pid 15473] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15470] <... write resumed>) = 196608 [pid 15461] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15458] exit_group(0 [pid 412] openat(AT_FDCWD, "./548", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] <... unlink resumed>) = 0 [pid 15482] <... futex resumed>) = ? [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 15461] <... futex resumed>) = ? [pid 15458] <... exit_group resumed>) = ? [pid 412] <... openat resumed>) = 3 [pid 408] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15482] +++ exited with 0 +++ [pid 15470] <... futex resumed>) = 1 [pid 15467] <... futex resumed>) = 0 [pid 15461] +++ exited with 0 +++ [pid 15458] +++ exited with 0 +++ [pid 412] fstat(3, [pid 15470] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15467] <... futex resumed>) = 0 [pid 15470] <... mount resumed>) = 0 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] getdents64(3, [pid 409] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15458, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15467] <... futex resumed>) = 0 [pid 412] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./545", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15470] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 412] umount2("./548/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15467] <... futex resumed>) = 0 [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 15470] <... open resumed>) = 6 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./545", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] lstat("./548/binderfs", [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] <... openat resumed>) = 3 [pid 412] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 409] fstat(3, [pid 15470] <... futex resumed>) = 1 [pid 15467] <... futex resumed>) = 0 [pid 412] unlink("./548/binderfs" [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 15470] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 15470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 15467] <... futex resumed>) = 0 [pid 412] <... unlink resumed>) = 0 [pid 409] getdents64(3, [pid 15470] write(6, "\x2e\x2f\x62\x75\x73\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... getdents64 resumed>0x555555f76620 /* 4 entries */, 32768) = 104 [pid 409] umount2("./545/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 409] lstat("./545/binderfs", [pid 15473] <... write resumed>) = 1048576 [pid 409] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 15473] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] unlink("./545/binderfs" [pid 15473] <... futex resumed>) = 1 [pid 15473] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15466] <... futex resumed>) = 0 [pid 409] <... unlink resumed>) = 0 [pid 15466] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 409] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 15473] <... futex resumed>) = 0 [pid 15466] <... futex resumed>) = 1 [pid 15473] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 15466] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15470] <... write resumed>) = 1048576 [pid 15470] futex(0x7f1c3250f7ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15470] futex(0x7f1c3250f7a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 15467] <... futex resumed>) = 0 [pid 15467] futex(0x7f1c3250f7a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 15467] futex(0x7f1c3250f7ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 15470] <... futex resumed>) = 0 [ 272.921729][T15472] EXT4-fs error (device loop1) in ext4_free_blocks:6155: Corrupt filesystem [ 272.932445][T15465] EXT4-fs error (device loop5) in ext4_free_blocks:6155: Corrupt filesystem [ 272.932463][T15482] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:437: comm syz-executor214: Invalid block bitmap block 0 in block_group 0 [ 272.956835][T15482] EXT4-fs error (device loop2) in ext4_free_blocks:6155: Corrupt filesystem [pid 15470] openat(AT_FDCWD, "cpuacct.usage_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 412] <... umount2 resumed>) = 0 [pid 410] <... umount2 resumed>) = 0 [pid 409] <... umount2 resumed>) = 0 [pid 408] <... umount2 resumed>) = 0 [pid 412] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] lstat("./545/bus", [pid 412] lstat("./548/bus", [pid 408] lstat("./550/bus", [pid 409] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] umount2("./545/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] umount2("./548/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 408] umount2("./550/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 410] umount2("./554/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 412] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 408] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] openat(AT_FDCWD, "./545/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 412] openat(AT_FDCWD, "./548/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 408] openat(AT_FDCWD, "./550/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 410] lstat("./554/bus", [pid 412] <... openat resumed>) = 4 [pid 409] <... openat resumed>) = 4 [pid 408] <... openat resumed>) = 4 [pid 410] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 410] umount2("./554/bus", MNT_DETACH|UMOUNT_NOFOLLOW [pid 409] fstat(4, [pid 408] fstat(4, [pid 412] fstat(4, [pid 410] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 409] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 408] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 412] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 409] getdents64(4, [pid 408] getdents64(4, [pid 412] getdents64(4,