./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4056249921 <...> 00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4352] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4351] <... write resumed>) = 262144 [pid 4352] <... write resumed>) = 262144 [pid 4351] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4352] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4352] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4352] ioctl(4, LOOP_SET_FD, 3 [pid 4351] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4352] <... ioctl resumed>) = 0 [pid 4351] <... openat resumed>) = 4 [pid 4345] <... openat resumed>) = 4 [pid 4351] ioctl(4, LOOP_SET_FD, 3 [pid 4345] ioctl(4, LOOP_CLR_FD) = 0 [pid 4345] close(4 [pid 4352] close(3) = 0 [pid 4352] close(4 [pid 4351] <... ioctl resumed>) = 0 [pid 4351] close(3) = 0 [pid 4351] close(4 [pid 4345] <... close resumed>) = 0 [pid 4346] <... mount resumed>) = 0 [pid 4346] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4346] chdir("./bus") = 0 [pid 4346] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4345] memfd_create("syzkaller", 0) = 4 [pid 4345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4341] <... close resumed>) = 0 [pid 4341] exit_group(0) = ? [pid 4341] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4341, si_uid=0, si_status=0, si_utime=9, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4351] <... close resumed>) = 0 [pid 4351] mkdir("./bus", 0777) = 0 [ 195.038309][ T4345] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 195.052456][ T4345] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/196/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4351] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./201", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./201/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./201/binderfs") = 0 [pid 348] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [ 195.116093][ T4346] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/201/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4345] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4352] <... close resumed>) = 0 [pid 4346] <... openat resumed>) = 4 [pid 4352] mkdir("./bus", 0777 [pid 4346] ioctl(4, LOOP_CLR_FD [pid 4352] <... mkdir resumed>) = 0 [pid 4352] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4351] <... mount resumed>) = 0 [pid 4351] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4351] chdir("./bus") = 0 [pid 4351] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4345] <... write resumed>) = 20699119 [pid 4346] <... ioctl resumed>) = 0 [pid 4345] munmap(0x7f7c475b3000, 138412032 [pid 348] <... umount2 resumed>) = 0 [pid 4346] close(4) = 0 [pid 4346] memfd_create("syzkaller", 0) = 4 [pid 4346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4346] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4345] <... munmap resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./201/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./201/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 4345] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./201/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./201") = 0 [pid 348] mkdir("./202", 0777 [pid 4345] <... openat resumed>) = 5 [pid 348] <... mkdir resumed>) = 0 [pid 4345] ioctl(5, LOOP_SET_FD, 4 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4361 [pid 4351] <... openat resumed>) = 4 [pid 4351] ioctl(4, LOOP_CLR_FD) = 0 [pid 4351] close(4) = 0 [pid 4351] memfd_create("syzkaller", 0) = 4 [pid 4351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4345] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4345] ioctl(5, LOOP_CLR_FD) = 0 [pid 4352] <... mount resumed>) = 0 [pid 4352] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4352] chdir("./bus") = 0 ./strace-static-x86_64: Process 4361 attached [pid 4361] set_robust_list(0x555584fcf660, 24) = 0 [pid 4361] chdir("./202" [pid 4352] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4345] ioctl(5, LOOP_SET_FD, 4 [pid 4361] <... chdir resumed>) = 0 [pid 4361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4361] setpgid(0, 0 [pid 4345] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4361] <... setpgid resumed>) = 0 [pid 4361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4345] close(5 [pid 4361] <... openat resumed>) = 3 executing program [pid 4345] <... close resumed>) = 0 [pid 4361] write(3, "1000", 4) = 4 [pid 4361] close(3) = 0 [pid 4361] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4361] write(1, "executing program\n", 18) = 18 [pid 4361] memfd_create("syzkaller", 0) = 3 [pid 4361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4345] close(4 [pid 4361] <... write resumed>) = 262144 [pid 4361] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4361] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4361] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4361] close(3) = 0 [ 195.223259][ T4351] ext4 filesystem being mounted at /root/syzkaller.53SCZU/201/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4361] close(4) = 0 [pid 4352] <... openat resumed>) = 4 [pid 4361] mkdir("./bus", 0777) = 0 [pid 4352] ioctl(4, LOOP_CLR_FD [ 195.261991][ T4352] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/198/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4361] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4352] <... ioctl resumed>) = 0 [pid 4352] close(4) = 0 [pid 4352] memfd_create("syzkaller", 0) = 4 [pid 4352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4346] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4361] <... mount resumed>) = 0 [pid 4361] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4361] chdir("./bus") = 0 [pid 4361] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4361] ioctl(4, LOOP_CLR_FD) = 0 [pid 4361] close(4 [pid 4345] <... close resumed>) = 0 [pid 4361] <... close resumed>) = 0 [pid 4361] memfd_create("syzkaller", 0) = 4 [pid 4361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4345] exit_group(0) = ? [pid 4345] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4345, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./196", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./196", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./196/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./196/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./196/binderfs") = 0 [pid 342] umount2("./196/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 342] umount2("./196/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./196/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./196/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./196/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./196/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./196") = 0 [pid 342] mkdir("./197", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4365 ./strace-static-x86_64: Process 4365 attached [pid 4365] set_robust_list(0x555584fcf660, 24) = 0 [pid 4365] chdir("./197") = 0 [pid 4365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4365] setpgid(0, 0) = 0 [pid 4365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4365] write(3, "1000", 4) = 4 [pid 4365] close(3) = 0 [pid 4365] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4365] write(1, "executing program\n", 18) = 18 [pid 4365] memfd_create("syzkaller", 0) = 3 [pid 4365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4365] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4365] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4365] close(3) = 0 [pid 4365] close(4) = 0 [pid 4365] mkdir("./bus", 0777) = 0 [ 195.385526][ T4361] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/202/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4365] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4351] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4365] <... mount resumed>) = 0 [pid 4365] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4365] chdir("./bus") = 0 [pid 4365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4365] ioctl(4, LOOP_CLR_FD) = 0 [pid 4365] close(4) = 0 [pid 4365] memfd_create("syzkaller", 0) = 4 [pid 4365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4346] <... write resumed>) = 20699119 [pid 4352] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4346] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4346] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4346] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4346] ioctl(5, LOOP_CLR_FD) = 0 [pid 4346] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4346] close(5) = 0 [ 195.501895][ T4365] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/197/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4346] close(4 [pid 4351] <... write resumed>) = 20699119 [pid 4351] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4351] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4351] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4351] ioctl(5, LOOP_CLR_FD) = 0 [pid 4351] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4351] close(5) = 0 [pid 4351] close(4 [pid 4361] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4346] <... close resumed>) = 0 [pid 4346] exit_group(0) = ? [pid 4346] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4346, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4351] <... close resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./201", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./201/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./201/binderfs") = 0 [pid 343] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4351] exit_group(0) = ? [pid 4351] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4351, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./201", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./201/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./201/binderfs") = 0 [pid 349] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4352] <... write resumed>) = 20699119 [pid 4352] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4352] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4365] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4361] <... write resumed>) = 20699119 [pid 4361] munmap(0x7f7c475b3000, 138412032 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./201/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./201/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./201/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./201") = 0 [pid 343] mkdir("./202", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4361] <... munmap resumed>) = 0 [pid 4361] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4365] <... write resumed>) = 20699119 [pid 4365] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4365] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4352] <... openat resumed>) = 5 [pid 4361] <... openat resumed>) = 5 [pid 4365] <... openat resumed>) = 5 [pid 4365] ioctl(5, LOOP_SET_FD, 4 [pid 4361] ioctl(5, LOOP_SET_FD, 4 [pid 4365] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4361] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4361] ioctl(5, LOOP_CLR_FD) = 0 [pid 4365] ioctl(5, LOOP_CLR_FD) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4369 ./strace-static-x86_64: Process 4369 attached [pid 4369] set_robust_list(0x555584fcf660, 24) = 0 [pid 4361] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4365] ioctl(5, LOOP_SET_FD, 4 [pid 4361] close(5 [pid 4365] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4361] <... close resumed>) = 0 [pid 4365] close(5 [pid 4361] close(4 [pid 4365] <... close resumed>) = 0 [pid 4352] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... umount2 resumed>) = 0 [pid 4365] close(4 [pid 4352] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4352] ioctl(5, LOOP_CLR_FD [pid 349] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4352] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./201/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./201/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", [pid 4352] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) executing program [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4352] close(5) = 0 [pid 349] getdents64(4, [pid 4352] close(4 [pid 4369] chdir("./202") = 0 [pid 4369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4369] setpgid(0, 0) = 0 [pid 4369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4369] write(3, "1000", 4) = 4 [pid 4369] close(3) = 0 [pid 4369] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4369] write(1, "executing program\n", 18) = 18 [pid 4369] memfd_create("syzkaller", 0) = 3 [pid 4369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./201/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./201" [pid 4369] <... write resumed>) = 262144 [pid 349] <... rmdir resumed>) = 0 [pid 4369] munmap(0x7f7c475b3000, 138412032 [pid 349] mkdir("./202", 0777 [pid 4369] <... munmap resumed>) = 0 [pid 4369] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4369] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4369] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 4369] close(3) = 0 [pid 4369] close(4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4369] <... close resumed>) = 0 [pid 4369] mkdir("./bus", 0777) = 0 [pid 4369] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4371 ./strace-static-x86_64: Process 4371 attached [pid 4371] set_robust_list(0x555584fcf660, 24) = 0 [pid 4371] chdir("./202") = 0 [pid 4371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4371] setpgid(0, 0) = 0 [pid 4371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4371] write(3, "1000", 4) = 4 [pid 4371] close(3) = 0 [pid 4371] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4371] write(1, "executing program\n", 18) = 18 [pid 4371] memfd_create("syzkaller", 0) = 3 [pid 4371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4371] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4371] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4371] ioctl(4, LOOP_SET_FD, 3 [pid 4361] <... close resumed>) = 0 [pid 4371] <... ioctl resumed>) = 0 [pid 4371] close(3) = 0 [pid 4371] close(4) = 0 [pid 4369] <... mount resumed>) = 0 [pid 4365] <... close resumed>) = 0 [pid 4361] exit_group(0 [pid 4352] <... close resumed>) = 0 [pid 4365] exit_group(0 [pid 4361] <... exit_group resumed>) = ? [pid 4352] exit_group(0 [pid 4371] mkdir("./bus", 0777 [pid 4369] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4365] <... exit_group resumed>) = ? [pid 4361] +++ exited with 0 +++ [pid 4352] <... exit_group resumed>) = ? [pid 4371] <... mkdir resumed>) = 0 [pid 4365] +++ exited with 0 +++ [pid 4352] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4361, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 4369] <... openat resumed>) = 3 [pid 4369] chdir("./bus") = 0 [pid 4369] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4369] ioctl(4, LOOP_CLR_FD) = 0 [pid 4369] close(4 [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4365, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 348] <... restart_syscall resumed>) = 0 [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4352, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 342] umount2("./197", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./198", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] umount2("./202", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./198", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./197", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 348] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 348] newfstatat(3, "", [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 344] getdents64(3, [pid 342] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./202/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./198/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./197/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./198/binderfs", [pid 348] newfstatat(AT_FDCWD, "./202/binderfs", [pid 342] newfstatat(AT_FDCWD, "./197/binderfs", [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./198/binderfs" [pid 348] unlink("./202/binderfs" [pid 342] unlink("./197/binderfs" [pid 344] <... unlink resumed>) = 0 [pid 342] <... unlink resumed>) = 0 [pid 348] <... unlink resumed>) = 0 [pid 344] umount2("./198/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./197/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [ 195.933545][ T4369] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/202/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4371] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4369] <... close resumed>) = 0 [pid 4369] memfd_create("syzkaller", 0) = 4 [pid 4369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 348] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./198/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./197/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./202/bus", [pid 344] newfstatat(AT_FDCWD, "./198/bus", [pid 342] newfstatat(AT_FDCWD, "./197/bus", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./198/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./197/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] openat(AT_FDCWD, "./202/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] openat(AT_FDCWD, "./198/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(4, "", [pid 344] <... openat resumed>) = 4 [pid 342] openat(AT_FDCWD, "./197/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] newfstatat(4, "", [pid 348] getdents64(4, [pid 342] <... openat resumed>) = 4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] newfstatat(4, "", [pid 348] getdents64(4, [pid 344] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] close(4 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] <... close resumed>) = 0 [pid 344] getdents64(4, [pid 342] getdents64(4, [pid 348] rmdir("./202/bus" [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] <... rmdir resumed>) = 0 [pid 344] close(4 [pid 348] getdents64(3, [pid 342] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] <... close resumed>) = 0 [pid 348] close(3 [pid 344] rmdir("./198/bus" [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... close resumed>) = 0 [pid 4371] <... mount resumed>) = 0 [pid 348] rmdir("./202" [pid 344] <... rmdir resumed>) = 0 [pid 342] close(4 [pid 4371] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./203", 0777 [pid 344] getdents64(3, [pid 342] <... close resumed>) = 0 [pid 4371] <... openat resumed>) = 3 [pid 4371] chdir("./bus") = 0 [pid 348] <... mkdir resumed>) = 0 [pid 342] rmdir("./197/bus" [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4371] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... rmdir resumed>) = 0 [pid 344] close(3 [pid 348] <... openat resumed>) = 3 [pid 344] <... close resumed>) = 0 [pid 342] getdents64(3, [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] rmdir("./198" [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4371] <... openat resumed>) = 4 [pid 348] close(3 [pid 344] <... rmdir resumed>) = 0 [pid 342] close(3 [pid 348] <... close resumed>) = 0 [pid 344] mkdir("./199", 0777 [pid 342] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... mkdir resumed>) = 0 [pid 342] rmdir("./197" [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4371] ioctl(4, LOOP_CLR_FD) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4377 [pid 344] <... openat resumed>) = 3 [pid 342] mkdir("./198", 0777 [pid 344] ioctl(3, LOOP_CLR_FD [pid 4371] close(4 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... mkdir resumed>) = 0 [pid 344] close(3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4378 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4379 [pid 4371] <... close resumed>) = 0 [pid 4371] memfd_create("syzkaller", 0) = 4 [pid 4371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4379 attached [pid 4379] set_robust_list(0x555584fcf660, 24) = 0 [pid 4379] chdir("./198") = 0 [pid 4379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4379] setpgid(0, 0) = 0 [pid 4379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4379] write(3, "1000", 4) = 4 [pid 4379] close(3) = 0 [pid 4379] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4379] write(1, "executing program\n", 18) = 18 [pid 4379] memfd_create("syzkaller", 0) = 3 [pid 4379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4377 attached [pid 4379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4377] set_robust_list(0x555584fcf660, 24) = 0 [pid 4377] chdir("./203") = 0 [pid 4379] <... write resumed>) = 262144 [pid 4379] munmap(0x7f7c475b3000, 138412032./strace-static-x86_64: Process 4378 attached ) = 0 [pid 4379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4379] ioctl(4, LOOP_SET_FD, 3 [pid 4377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4377] setpgid(0, 0 [pid 4378] set_robust_list(0x555584fcf660, 24 [pid 4377] <... setpgid resumed>) = 0 [pid 4377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4378] <... set_robust_list resumed>) = 0 [pid 4378] chdir("./199" [pid 4377] <... openat resumed>) = 3 [pid 4378] <... chdir resumed>) = 0 [pid 4378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4378] setpgid(0, 0) = 0 [pid 4377] write(3, "1000", 4 [pid 4378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4377] <... write resumed>) = 4 [pid 4377] close(3) = 0 [pid 4377] symlink("/dev/binderfs", "./binderfs" [pid 4378] <... openat resumed>) = 3 [pid 4377] <... symlink resumed>) = 0 [pid 4378] write(3, "1000", 4) = 4 [pid 4378] close(3) = 0 [pid 4378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4377] write(1, "executing program\n", 18executing program ) = 18 [pid 4377] memfd_create("syzkaller", 0) = 3 [pid 4378] write(1, "executing program\n", 18executing program ) = 18 [pid 4378] memfd_create("syzkaller", 0 [pid 4377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4379] <... ioctl resumed>) = 0 [pid 4377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4379] close(3) = 0 [pid 4379] close(4 [pid 4378] <... memfd_create resumed>) = 3 [pid 4377] <... write resumed>) = 262144 [pid 4377] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4377] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4378] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 196.113031][ T4371] ext4 filesystem being mounted at /root/syzkaller.53SCZU/202/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4369] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4379] <... close resumed>) = 0 [pid 4378] <... openat resumed>) = 4 [pid 4377] <... openat resumed>) = 4 [pid 4377] ioctl(4, LOOP_SET_FD, 3 [pid 4378] ioctl(4, LOOP_SET_FD, 3 [pid 4379] mkdir("./bus", 0777) = 0 [pid 4379] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4377] <... ioctl resumed>) = 0 [pid 4377] close(3) = 0 [pid 4377] close(4 [pid 4378] <... ioctl resumed>) = 0 [pid 4378] close(3) = 0 [pid 4378] close(4 [pid 4371] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4377] <... close resumed>) = 0 [pid 4377] mkdir("./bus", 0777) = 0 [pid 4377] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4379] <... mount resumed>) = 0 [pid 4379] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4379] chdir("./bus") = 0 [pid 4379] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4369] <... write resumed>) = 20699119 [pid 4369] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4369] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4371] <... write resumed>) = 20699119 [pid 4371] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4371] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4379] <... openat resumed>) = 4 [pid 4378] <... close resumed>) = 0 [pid 4379] ioctl(4, LOOP_CLR_FD [pid 4378] mkdir("./bus", 0777 [pid 4379] <... ioctl resumed>) = 0 [pid 4378] <... mkdir resumed>) = 0 [pid 4379] close(4 [pid 4378] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4379] <... close resumed>) = 0 [pid 4379] memfd_create("syzkaller", 0) = 4 [pid 4379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4371] <... openat resumed>) = 5 [pid 4369] <... openat resumed>) = 5 [pid 4371] ioctl(5, LOOP_SET_FD, 4 [pid 4369] ioctl(5, LOOP_SET_FD, 4 [pid 4371] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4369] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4371] ioctl(5, LOOP_CLR_FD [pid 4369] ioctl(5, LOOP_CLR_FD [pid 4371] <... ioctl resumed>) = 0 [pid 4369] <... ioctl resumed>) = 0 [ 196.261274][ T4379] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/198/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4377] <... mount resumed>) = 0 [pid 4377] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4378] <... mount resumed>) = 0 [pid 4378] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4377] <... openat resumed>) = 3 [pid 4371] ioctl(5, LOOP_SET_FD, 4 [pid 4369] ioctl(5, LOOP_SET_FD, 4 [pid 4371] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4369] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4378] <... openat resumed>) = 3 [pid 4377] chdir("./bus" [pid 4371] close(5 [pid 4369] close(5 [pid 4377] <... chdir resumed>) = 0 [pid 4371] <... close resumed>) = 0 [pid 4369] <... close resumed>) = 0 [pid 4371] close(4 [pid 4369] close(4 [pid 4377] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4377] ioctl(4, LOOP_CLR_FD) = 0 [pid 4377] close(4) = 0 [pid 4377] memfd_create("syzkaller", 0) = 4 [pid 4377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4378] chdir("./bus") = 0 [pid 4378] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4378] ioctl(4, LOOP_CLR_FD) = 0 [pid 4378] close(4) = 0 [pid 4378] memfd_create("syzkaller", 0) = 4 [pid 4378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 196.353101][ T4377] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/203/bus supports timestamps until (%ptR?) (0x7fffffff) [ 196.365893][ T4378] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/199/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4371] <... close resumed>) = 0 [pid 4371] exit_group(0) = ? [pid 4371] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4371, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4369] <... close resumed>) = 0 [pid 4379] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4369] exit_group(0 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./202", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./202/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./202/binderfs") = 0 [pid 349] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4369] <... exit_group resumed>) = ? [pid 4369] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4369, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./202", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./202/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./202/binderfs") = 0 [pid 343] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./202/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./202/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./202/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./202") = 0 [pid 349] mkdir("./203", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4377] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4378] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4379] <... write resumed>) = 20699119 [pid 4379] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4379] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 4379] <... openat resumed>) = 5 [pid 349] <... openat resumed>) = 3 [pid 343] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4379] ioctl(5, LOOP_SET_FD, 4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4379] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] newfstatat(AT_FDCWD, "./202/bus", [pid 4379] ioctl(5, LOOP_CLR_FD [pid 349] close(3 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4379] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 343] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./202/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4389 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4379] ioctl(5, LOOP_SET_FD, 4 [pid 343] getdents64(4, [pid 4379] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4379] close(5 [pid 343] getdents64(4, [pid 4379] <... close resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4379] close(4 [pid 343] close(4) = 0 [pid 343] rmdir("./202/bus"./strace-static-x86_64: Process 4389 attached ) = 0 [pid 4389] set_robust_list(0x555584fcf660, 24 [pid 343] getdents64(3, [pid 4389] <... set_robust_list resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4389] chdir("./203" [pid 343] close(3 [pid 4389] <... chdir resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 4389] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] rmdir("./202" [pid 4389] <... prctl resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 4389] setpgid(0, 0 [pid 343] mkdir("./203", 0777 [pid 4389] <... setpgid resumed>) = 0 [pid 4389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... mkdir resumed>) = 0 [pid 4389] <... openat resumed>) = 3 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4389] write(3, "1000", 4 [pid 343] <... openat resumed>) = 3 [pid 4389] <... write resumed>) = 4 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4389] close(3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4389] <... close resumed>) = 0 [pid 343] close(3 [pid 4389] symlink("/dev/binderfs", "./binderfs" [pid 343] <... close resumed>) = 0 [pid 4389] <... symlink resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4389] write(1, "executing program\n", 18executing program ) = 18 [pid 4389] memfd_create("syzkaller", 0 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4390 [pid 4389] <... memfd_create resumed>) = 3 [pid 4389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4389] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4389] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4389] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4389] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4390 attached ) = 0 [pid 4389] close(3 [pid 4390] set_robust_list(0x555584fcf660, 24) = 0 [pid 4389] <... close resumed>) = 0 [pid 4389] close(4 [pid 4390] chdir("./203") = 0 [pid 4390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4390] setpgid(0, 0) = 0 [pid 4390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4390] write(3, "1000", 4) = 4 [pid 4390] close(3) = 0 [pid 4390] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4390] write(1, "executing program\n", 18executing program ) = 18 [pid 4390] memfd_create("syzkaller", 0) = 3 [pid 4390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4390] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4390] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4378] <... write resumed>) = 20699119 [pid 4390] <... openat resumed>) = 4 [pid 4389] <... close resumed>) = 0 [pid 4378] munmap(0x7f7c475b3000, 138412032 [pid 4390] ioctl(4, LOOP_SET_FD, 3 [pid 4389] mkdir("./bus", 0777 [pid 4378] <... munmap resumed>) = 0 [pid 4389] <... mkdir resumed>) = 0 [pid 4389] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4390] <... ioctl resumed>) = 0 [pid 4378] <... openat resumed>) = 5 [pid 4390] close(3 [pid 4378] ioctl(5, LOOP_SET_FD, 4 [pid 4390] <... close resumed>) = 0 [pid 4378] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4390] close(4 [pid 4378] ioctl(5, LOOP_CLR_FD [pid 4390] <... close resumed>) = 0 [pid 4378] <... ioctl resumed>) = 0 [pid 4390] mkdir("./bus", 0777) = 0 [pid 4390] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4378] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4378] close(5) = 0 [pid 4378] close(4 [pid 4377] <... write resumed>) = 20699119 [pid 4377] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4377] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4377] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4377] ioctl(5, LOOP_CLR_FD) = 0 [pid 4377] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4377] close(5) = 0 [pid 4377] close(4 [pid 4379] <... close resumed>) = 0 [pid 4379] exit_group(0) = ? [pid 4379] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4379, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./198", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./198", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./198/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./198/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./198/binderfs") = 0 [pid 342] umount2("./198/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4389] <... mount resumed>) = 0 [pid 4389] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4389] chdir("./bus") = 0 [pid 4389] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4390] <... mount resumed>) = 0 [pid 4390] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4390] chdir("./bus") = 0 [pid 4390] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4378] <... close resumed>) = 0 [pid 4378] exit_group(0) = ? [pid 4378] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4378, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4377] <... close resumed>) = 0 [pid 4390] <... openat resumed>) = 4 [pid 4389] <... openat resumed>) = 4 [pid 4377] exit_group(0 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./198/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./198/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./198/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./198/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./198/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./198" [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./199", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./199", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... rmdir resumed>) = 0 [pid 344] umount2("./199/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4390] ioctl(4, LOOP_CLR_FD [pid 4389] ioctl(4, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./199/binderfs", [pid 4390] <... ioctl resumed>) = 0 [pid 4389] <... ioctl resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] mkdir("./199", 0777 [pid 4390] close(4 [pid 4389] close(4 [pid 344] unlink("./199/binderfs" [pid 342] <... mkdir resumed>) = 0 [pid 4390] <... close resumed>) = 0 [pid 4389] <... close resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 344] umount2("./199/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 4389] memfd_create("syzkaller", 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4390] memfd_create("syzkaller", 0) = 4 [pid 4389] <... memfd_create resumed>) = 4 [pid 342] close(3 [pid 4390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] <... close resumed>) = 0 [pid 4390] <... mmap resumed>) = 0x7f7c475b3000 [pid 4389] <... mmap resumed>) = 0x7f7c475b3000 executing program [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4397 [pid 4377] <... exit_group resumed>) = ? [pid 4377] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4377, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 4397 attached [pid 4397] set_robust_list(0x555584fcf660, 24) = 0 [pid 4397] chdir("./199") = 0 [pid 4397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4397] setpgid(0, 0) = 0 [pid 4397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4397] write(3, "1000", 4) = 4 [pid 4397] close(3) = 0 [pid 4397] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4397] write(1, "executing program\n", 18) = 18 [pid 4397] memfd_create("syzkaller", 0) = 3 [pid 4397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4397] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4397] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4397] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4397] close(3 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./203", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./203/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./203/binderfs") = 0 [pid 348] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4397] <... close resumed>) = 0 [pid 4397] close(4) = 0 [pid 4397] mkdir("./bus", 0777) = 0 [ 196.737918][ T4389] ext4 filesystem being mounted at /root/syzkaller.53SCZU/203/bus supports timestamps until (%ptR?) (0x7fffffff) [ 196.751987][ T4390] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/203/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4397] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4390] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4389] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 344] umount2("./199/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./199/bus", [pid 348] newfstatat(AT_FDCWD, "./203/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./199/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./203/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] openat(AT_FDCWD, "./199/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... openat resumed>) = 4 [pid 348] getdents64(4, [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] close(4 [pid 344] getdents64(4, [pid 348] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] rmdir("./203/bus" [pid 344] close(4) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 344] rmdir("./199/bus" [pid 348] getdents64(3, [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3 [pid 344] close(3 [pid 348] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] rmdir("./203" [pid 344] rmdir("./199" [pid 348] <... rmdir resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 348] mkdir("./204", 0777 [pid 344] mkdir("./200", 0777 [pid 348] <... mkdir resumed>) = 0 [pid 344] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3 [pid 348] close(3) = 0 [pid 344] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4401 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4402 ./strace-static-x86_64: Process 4402 attached [pid 4402] set_robust_list(0x555584fcf660, 24) = 0 [pid 4402] chdir("./200") = 0 [pid 4402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4402] setpgid(0, 0) = 0 [pid 4402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4402] write(3, "1000", 4) = 4 [pid 4402] close(3) = 0 [pid 4402] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4402] write(1, "executing program\n", 18executing program ) = 18 [pid 4402] memfd_create("syzkaller", 0) = 3 [pid 4402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 ./strace-static-x86_64: Process 4401 attached [pid 4402] munmap(0x7f7c475b3000, 138412032 [pid 4401] set_robust_list(0x555584fcf660, 24) = 0 [pid 4401] chdir("./204") = 0 [pid 4401] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4402] <... munmap resumed>) = 0 [pid 4401] <... prctl resumed>) = 0 [pid 4401] setpgid(0, 0) = 0 [pid 4402] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4402] <... openat resumed>) = 4 [pid 4402] ioctl(4, LOOP_SET_FD, 3 [pid 4401] <... openat resumed>) = 3 [pid 4401] write(3, "1000", 4) = 4 [pid 4401] close(3) = 0 [pid 4401] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4401] write(1, "executing program\n", 18) = 18 [pid 4390] <... write resumed>) = 20699119 [pid 4401] memfd_create("syzkaller", 0 [pid 4402] <... ioctl resumed>) = 0 [pid 4402] close(3 [pid 4390] munmap(0x7f7c475b3000, 138412032 [pid 4402] <... close resumed>) = 0 [pid 4402] close(4) = 0 [pid 4402] mkdir("./bus", 0777 [pid 4390] <... munmap resumed>) = 0 [pid 4401] <... memfd_create resumed>) = 3 [pid 4402] <... mkdir resumed>) = 0 [pid 4402] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4390] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4390] <... openat resumed>) = 5 [pid 4390] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4390] ioctl(5, LOOP_CLR_FD) = 0 [pid 4401] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4390] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4390] close(5 [pid 4401] <... write resumed>) = 262144 [pid 4397] <... mount resumed>) = 0 [pid 4390] <... close resumed>) = 0 [pid 4401] munmap(0x7f7c475b3000, 138412032 [pid 4397] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4401] <... munmap resumed>) = 0 [pid 4397] <... openat resumed>) = 3 [pid 4401] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4397] chdir("./bus" [pid 4401] ioctl(4, LOOP_SET_FD, 3 [pid 4397] <... chdir resumed>) = 0 [pid 4397] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4390] close(4 [pid 4401] <... ioctl resumed>) = 0 [pid 4397] <... openat resumed>) = 4 [pid 4401] close(3 [pid 4397] ioctl(4, LOOP_CLR_FD [pid 4401] <... close resumed>) = 0 [pid 4397] <... ioctl resumed>) = 0 [pid 4401] close(4 [pid 4397] close(4 [pid 4389] <... write resumed>) = 20699119 [pid 4402] <... mount resumed>) = 0 [pid 4389] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4402] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4389] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4402] <... openat resumed>) = 3 [pid 4402] chdir("./bus") = 0 [pid 4402] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4401] <... close resumed>) = 0 [pid 4397] <... close resumed>) = 0 [pid 4389] <... openat resumed>) = 5 [pid 4397] memfd_create("syzkaller", 0 [pid 4401] mkdir("./bus", 0777 [pid 4402] ioctl(4, LOOP_CLR_FD [pid 4389] ioctl(5, LOOP_SET_FD, 4 [pid 4401] <... mkdir resumed>) = 0 [pid 4397] <... memfd_create resumed>) = 4 [pid 4401] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4389] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [ 196.967952][ T4397] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/199/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4389] ioctl(5, LOOP_CLR_FD [pid 4390] <... close resumed>) = 0 [pid 4390] exit_group(0) = ? [pid 4390] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4390, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4402] <... ioctl resumed>) = 0 [pid 4389] <... ioctl resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./203", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./203/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./203/binderfs") = 0 [pid 343] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4402] close(4) = 0 [pid 4402] memfd_create("syzkaller", 0) = 4 [pid 4402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4389] ioctl(5, LOOP_SET_FD, 4 [pid 4402] <... mmap resumed>) = 0x7f7c475b3000 [pid 4389] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4389] close(5) = 0 [pid 4389] close(4 [pid 4401] <... mount resumed>) = 0 [pid 4401] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4401] chdir("./bus") = 0 [pid 4401] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4401] ioctl(4, LOOP_CLR_FD) = 0 [pid 4401] close(4 [pid 343] <... umount2 resumed>) = 0 [pid 4401] <... close resumed>) = 0 [pid 4401] memfd_create("syzkaller", 0) = 4 [pid 4401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 197.027939][ T4402] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/200/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./203/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./203/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./203/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./203") = 0 [pid 343] mkdir("./204", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4409 ./strace-static-x86_64: Process 4409 attached [pid 4409] set_robust_list(0x555584fcf660, 24) = 0 [pid 4409] chdir("./204") = 0 [pid 4409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4409] setpgid(0, 0) = 0 [pid 4409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4409] write(3, "1000", 4) = 4 [pid 4409] close(3) = 0 [pid 4409] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4409] write(1, "executing program\n", 18executing program ) = 18 [pid 4409] memfd_create("syzkaller", 0) = 3 [pid 4409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4409] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4409] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4409] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4409] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4409] close(3) = 0 [pid 4409] close(4) = 0 [pid 4409] mkdir("./bus", 0777) = 0 [ 197.099568][ T4401] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/204/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4409] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4397] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4409] <... mount resumed>) = 0 [pid 4409] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4409] chdir("./bus") = 0 [pid 4409] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4409] ioctl(4, LOOP_CLR_FD) = 0 [pid 4409] close(4 [pid 4389] <... close resumed>) = 0 [pid 4409] <... close resumed>) = 0 [pid 4389] exit_group(0 [pid 4409] memfd_create("syzkaller", 0 [pid 4389] <... exit_group resumed>) = ? [pid 4409] <... memfd_create resumed>) = 4 [pid 4409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4389] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4389, si_uid=0, si_status=0, si_utime=7, si_stime=9} --- [pid 4409] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./203", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./203/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./203/binderfs") = 0 [ 197.196872][ T4409] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/204/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 349] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./203/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./203/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./203/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./203") = 0 [pid 349] mkdir("./204", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4413 ./strace-static-x86_64: Process 4413 attached [pid 4413] set_robust_list(0x555584fcf660, 24) = 0 [pid 4413] chdir("./204") = 0 [pid 4413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4413] setpgid(0, 0) = 0 [pid 4413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4413] write(3, "1000", 4) = 4 [pid 4413] close(3) = 0 [pid 4413] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4413] write(1, "executing program\n", 18) = 18 [pid 4413] memfd_create("syzkaller", 0) = 3 [pid 4413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4402] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4413] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4413] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4413] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4413] close(3) = 0 [pid 4413] close(4) = 0 [pid 4413] mkdir("./bus", 0777) = 0 [pid 4413] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4401] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4402] <... write resumed>) = 20699119 [pid 4402] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4402] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4397] <... write resumed>) = 20699119 [pid 4397] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4397] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4402] <... openat resumed>) = 5 [pid 4397] <... openat resumed>) = 5 [pid 4402] ioctl(5, LOOP_SET_FD, 4 [pid 4397] ioctl(5, LOOP_SET_FD, 4 [pid 4402] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4397] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4402] ioctl(5, LOOP_CLR_FD [pid 4397] ioctl(5, LOOP_CLR_FD [pid 4402] <... ioctl resumed>) = 0 [pid 4397] <... ioctl resumed>) = 0 [pid 4402] ioctl(5, LOOP_SET_FD, 4 [pid 4397] ioctl(5, LOOP_SET_FD, 4 [pid 4402] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4397] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4402] close(5 [pid 4397] close(5 [pid 4402] <... close resumed>) = 0 [pid 4397] <... close resumed>) = 0 [pid 4402] close(4 [pid 4397] close(4 [pid 4409] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4413] <... mount resumed>) = 0 [pid 4413] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4413] chdir("./bus") = 0 [pid 4413] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4413] ioctl(4, LOOP_CLR_FD) = 0 [pid 4413] close(4) = 0 [pid 4413] memfd_create("syzkaller", 0) = 4 [pid 4413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4401] <... write resumed>) = 20699119 [pid 4401] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4397] <... close resumed>) = 0 [pid 4397] exit_group(0) = ? [pid 4397] +++ exited with 0 +++ [pid 4401] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4401] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4401] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4397, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4401] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4401] close(5) = 0 [pid 4401] close(4 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./199", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./199", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./199/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./199/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./199/binderfs") = 0 [ 197.457913][ T4413] ext4 filesystem being mounted at /root/syzkaller.53SCZU/204/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./199/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 342] umount2("./199/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./199/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./199/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./199/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./199/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./199") = 0 [pid 342] mkdir("./200", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4417 ./strace-static-x86_64: Process 4417 attached [pid 4417] set_robust_list(0x555584fcf660, 24) = 0 [pid 4417] chdir("./200") = 0 [pid 4417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4417] setpgid(0, 0) = 0 [pid 4417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 4417] write(3, "1000", 4) = 4 [pid 4417] close(3) = 0 [pid 4417] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4417] write(1, "executing program\n", 18) = 18 [pid 4417] memfd_create("syzkaller", 0) = 3 [pid 4417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4402] <... close resumed>) = 0 [pid 4402] exit_group(0) = ? [pid 4417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4402] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4402, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./200", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./200", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./200/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./200/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./200/binderfs") = 0 [pid 344] umount2("./200/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4417] <... write resumed>) = 262144 [pid 4417] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4417] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4417] close(3) = 0 [pid 4417] close(4 [pid 4401] <... close resumed>) = 0 [pid 4401] exit_group(0) = ? [pid 4401] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4401, si_uid=0, si_status=0, si_utime=8, si_stime=11} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./204", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 4409] <... write resumed>) = 20699119 [pid 348] umount2("./204/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4409] munmap(0x7f7c475b3000, 138412032 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./204/binderfs" [pid 4409] <... munmap resumed>) = 0 [pid 348] <... unlink resumed>) = 0 [pid 4409] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4413] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./200/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./200/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./200/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./200/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./200/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./200") = 0 [pid 344] mkdir("./201", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4413] <... write resumed>) = 20699119 [pid 4413] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4413] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4417] <... close resumed>) = 0 [pid 4409] <... openat resumed>) = 5 [pid 4417] mkdir("./bus", 0777 [pid 4409] ioctl(5, LOOP_SET_FD, 4 [pid 4417] <... mkdir resumed>) = 0 [pid 4417] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4409] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4409] ioctl(5, LOOP_CLR_FD [pid 4413] <... openat resumed>) = 5 [pid 344] <... openat resumed>) = 3 [pid 4413] ioctl(5, LOOP_SET_FD, 4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 4413] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4413] ioctl(5, LOOP_CLR_FD) = 0 [pid 4409] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] close(3 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... close resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./204/bus", [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4413] ioctl(5, LOOP_SET_FD, 4 [pid 4409] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4419 [pid 4413] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4409] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4413] close(5 [pid 4409] close(5 [pid 348] openat(AT_FDCWD, "./204/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4413] <... close resumed>) = 0 [pid 4409] <... close resumed>) = 0 [pid 348] <... openat resumed>) = 4 [pid 4413] close(4 [pid 4409] close(4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./204/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./204") = 0 [pid 348] mkdir("./205", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4421 ./strace-static-x86_64: Process 4419 attached [pid 4419] set_robust_list(0x555584fcf660, 24) = 0 [pid 4419] chdir("./201") = 0 [pid 4419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4419] setpgid(0, 0) = 0 [pid 4419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4419] write(3, "1000", 4) = 4 [pid 4419] close(3) = 0 [pid 4419] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4419] write(1, "executing program\n", 18executing program ) = 18 [pid 4419] memfd_create("syzkaller", 0./strace-static-x86_64: Process 4421 attached ) = 3 [pid 4419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4421] set_robust_list(0x555584fcf660, 24) = 0 [pid 4419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4421] chdir("./205") = 0 [pid 4419] <... write resumed>) = 262144 [pid 4419] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4419] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4419] ioctl(4, LOOP_SET_FD, 3 [pid 4421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4417] <... mount resumed>) = 0 [pid 4421] setpgid(0, 0 [pid 4417] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4421] <... setpgid resumed>) = 0 [pid 4421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4417] <... openat resumed>) = 3 [pid 4421] <... openat resumed>) = 3 [pid 4419] <... ioctl resumed>) = 0 [pid 4417] chdir("./bus" [pid 4419] close(3) = 0 [pid 4419] close(4 [pid 4421] write(3, "1000", 4 [pid 4417] <... chdir resumed>) = 0 [pid 4421] <... write resumed>) = 4 [pid 4421] close(3 [pid 4417] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4421] <... close resumed>) = 0 executing program [pid 4421] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4421] write(1, "executing program\n", 18) = 18 [pid 4421] memfd_create("syzkaller", 0) = 3 [pid 4421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4421] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4421] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4421] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4409] <... close resumed>) = 0 [pid 4409] exit_group(0) = ? [pid 4409] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4409, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 343] umount2("./204", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, [pid 4413] <... close resumed>) = 0 [pid 4413] exit_group(0) = ? [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./204/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4413] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4413, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4419] <... close resumed>) = 0 [pid 4417] <... openat resumed>) = 4 [pid 4421] <... openat resumed>) = 4 [pid 4419] mkdir("./bus", 0777 [pid 4417] ioctl(4, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4419] <... mkdir resumed>) = 0 [pid 4419] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4421] ioctl(4, LOOP_SET_FD, 3 [pid 4417] <... ioctl resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./204/binderfs", [pid 4417] close(4 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./204/binderfs") = 0 [pid 343] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4421] <... ioctl resumed>) = 0 [pid 4417] <... close resumed>) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./204", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4421] close(3 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4421] <... close resumed>) = 0 [pid 349] openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4421] close(4 [pid 349] <... openat resumed>) = 3 [pid 4421] <... close resumed>) = 0 [pid 349] newfstatat(3, "", [pid 4421] mkdir("./bus", 0777 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4421] <... mkdir resumed>) = 0 [pid 349] getdents64(3, [pid 4421] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./204/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./204/binderfs") = 0 [pid 349] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4417] memfd_create("syzkaller", 0) = 4 [pid 4417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4419] <... mount resumed>) = 0 [pid 4419] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4419] chdir("./bus") = 0 [pid 4419] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4421] <... mount resumed>) = 0 [pid 4421] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4421] chdir("./bus") = 0 [ 197.836327][ T4417] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/200/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4421] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./204/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./204/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./204/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./204") = 0 [pid 343] mkdir("./205", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4417] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 4417] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4417] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4421] <... openat resumed>) = 4 [pid 4419] <... openat resumed>) = 4 [pid 4417] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 4419] ioctl(4, LOOP_CLR_FD [pid 349] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] ioctl(3, LOOP_CLR_FD [pid 4419] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 197.905911][ T4419] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/201/bus supports timestamps until (%ptR?) (0x7fffffff) [ 197.920766][ T4421] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/205/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4419] close(4 [pid 349] newfstatat(AT_FDCWD, "./204/bus", [pid 4421] ioctl(4, LOOP_CLR_FD [pid 4419] <... close resumed>) = 0 [pid 4417] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] close(3 [pid 4419] memfd_create("syzkaller", 0 [pid 349] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4419] <... memfd_create resumed>) = 4 [pid 4419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... close resumed>) = 0 [pid 4419] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] openat(AT_FDCWD, "./204/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4421] <... ioctl resumed>) = 0 [pid 4417] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... openat resumed>) = 4 [pid 4421] close(4) = 0 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4429 [pid 349] getdents64(4, [pid 4417] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4421] memfd_create("syzkaller", 0 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 4421] <... memfd_create resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 4421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] rmdir("./204/bus" [pid 4421] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./204" [pid 4417] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4417] close(5) = 0 [pid 4417] close(4 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./205", 0777./strace-static-x86_64: Process 4429 attached [pid 4429] set_robust_list(0x555584fcf660, 24 [pid 349] <... mkdir resumed>) = 0 [pid 4429] <... set_robust_list resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4429] chdir("./205" [pid 349] <... openat resumed>) = 3 [pid 4429] <... chdir resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4429] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 4429] <... prctl resumed>) = 0 [pid 4429] setpgid(0, 0 [pid 349] <... close resumed>) = 0 [pid 4429] <... setpgid resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4430 [pid 4429] <... openat resumed>) = 3 [pid 4429] write(3, "1000", 4) = 4 [pid 4429] close(3) = 0 [pid 4429] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4429] write(1, "executing program\n", 18executing program ) = 18 [pid 4429] memfd_create("syzkaller", 0) = 3 [pid 4429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4429] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4429] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4429] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4430 attached ) = 0 [pid 4429] close(3 [pid 4430] set_robust_list(0x555584fcf660, 24) = 0 [pid 4429] <... close resumed>) = 0 [pid 4429] close(4 [pid 4430] chdir("./205") = 0 [pid 4430] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4430] setpgid(0, 0) = 0 [pid 4430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4430] write(3, "1000", 4) = 4 [pid 4430] close(3) = 0 [pid 4430] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4430] write(1, "executing program\n", 18executing program ) = 18 [pid 4430] memfd_create("syzkaller", 0) = 3 [pid 4430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4430] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4430] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4429] <... close resumed>) = 0 [pid 4429] mkdir("./bus", 0777 [pid 4430] ioctl(4, LOOP_SET_FD, 3 [pid 4429] <... mkdir resumed>) = 0 [pid 4429] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4430] <... ioctl resumed>) = 0 [pid 4430] close(3) = 0 [pid 4430] close(4) = 0 [pid 4430] mkdir("./bus", 0777) = 0 [pid 4430] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4417] <... close resumed>) = 0 [pid 4417] exit_group(0) = ? [pid 4417] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4417, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4430] <... mount resumed>) = 0 [pid 4429] <... mount resumed>) = 0 [pid 4430] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4429] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4430] chdir("./bus") = 0 [pid 4429] chdir("./bus" [pid 4430] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4429] <... chdir resumed>) = 0 [pid 4430] <... openat resumed>) = 4 [pid 4429] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4430] ioctl(4, LOOP_CLR_FD [pid 4429] ioctl(4, LOOP_CLR_FD [pid 4430] <... ioctl resumed>) = 0 [pid 4429] <... ioctl resumed>) = 0 [pid 4430] close(4 [pid 4429] close(4 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./200", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4429] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4429] memfd_create("syzkaller", 0 [pid 342] openat(AT_FDCWD, "./200", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4429] <... memfd_create resumed>) = 4 [pid 4429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] newfstatat(3, "", [pid 4429] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, [pid 4430] <... close resumed>) = 0 [pid 4430] memfd_create("syzkaller", 0) = 4 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 4430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] umount2("./200/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./200/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./200/binderfs") = 0 [pid 342] umount2("./200/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4421] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4419] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./200/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./200/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./200/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./200/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./200/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./200") = 0 [pid 342] mkdir("./201", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 198.136175][ T4429] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/205/bus supports timestamps until (%ptR?) (0x7fffffff) [ 198.149868][ T4430] ext4 filesystem being mounted at /root/syzkaller.53SCZU/205/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4437 ./strace-static-x86_64: Process 4437 attached [pid 4437] set_robust_list(0x555584fcf660, 24) = 0 [pid 4437] chdir("./201") = 0 [pid 4437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4437] setpgid(0, 0) = 0 [pid 4437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4437] write(3, "1000", 4) = 4 [pid 4437] close(3) = 0 [pid 4437] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4437] write(1, "executing program\n", 18) = 18 [pid 4437] memfd_create("syzkaller", 0) = 3 [pid 4437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4437] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4437] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4437] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4437] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4437] close(3) = 0 [pid 4437] close(4 [pid 4429] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4437] <... close resumed>) = 0 [pid 4437] mkdir("./bus", 0777) = 0 [pid 4437] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4430] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4419] <... write resumed>) = 20699119 [pid 4419] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4419] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4419] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4419] ioctl(5, LOOP_CLR_FD) = 0 [pid 4421] <... write resumed>) = 20699119 [pid 4421] munmap(0x7f7c475b3000, 138412032 [pid 4419] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4419] close(5) = 0 [pid 4419] close(4 [pid 4421] <... munmap resumed>) = 0 [pid 4421] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4421] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4421] ioctl(5, LOOP_CLR_FD) = 0 [pid 4421] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4421] close(5) = 0 [pid 4421] close(4 [pid 4437] <... mount resumed>) = 0 [pid 4437] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4437] chdir("./bus") = 0 [pid 4437] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4437] ioctl(4, LOOP_CLR_FD) = 0 [pid 4437] close(4) = 0 [pid 4437] memfd_create("syzkaller", 0) = 4 [pid 4437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 198.399574][ T4437] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/201/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4429] <... write resumed>) = 20699119 [pid 4429] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4429] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4429] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4429] ioctl(5, LOOP_CLR_FD) = 0 [pid 4429] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4429] close(5) = 0 [pid 4429] close(4 [pid 4419] <... close resumed>) = 0 [pid 4419] exit_group(0) = ? [pid 4419] +++ exited with 0 +++ [pid 4421] <... close resumed>) = 0 [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4419, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4421] exit_group(0 [pid 344] <... restart_syscall resumed>) = 0 [pid 4421] <... exit_group resumed>) = ? [pid 344] umount2("./201", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./201/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./201/binderfs") = 0 [pid 344] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4421] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4421, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./205", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./205/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./205/binderfs") = 0 [pid 348] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4430] <... write resumed>) = 20699119 [pid 4430] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4430] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./201/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./201/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./201/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./201") = 0 [pid 344] mkdir("./202", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4429] <... close resumed>) = 0 [pid 4429] exit_group(0) = ? [pid 4429] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4429, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4437] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./205", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./205/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./205/binderfs") = 0 [pid 343] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4430] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 4430] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4430] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4430] ioctl(5, LOOP_CLR_FD [pid 348] newfstatat(AT_FDCWD, "./205/bus", [pid 4430] <... ioctl resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 348] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./205/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 4430] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 348] rmdir("./205/bus" [pid 4430] close(5 [pid 348] <... rmdir resumed>) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./205") = 0 [pid 348] mkdir("./206", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4437] <... write resumed>) = 20699119 [pid 4437] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4437] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3 [pid 4430] <... close resumed>) = 0 [pid 4430] close(4 [pid 348] <... openat resumed>) = 3 [pid 344] <... close resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4441 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4437] <... openat resumed>) = 5 [pid 348] close(3 [pid 4437] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4437] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] <... close resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./205/bus", [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4442 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4437] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4437] close(5) = 0 [pid 4437] close(4 [pid 343] openat(AT_FDCWD, "./205/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 4442 attached [pid 343] getdents64(4, [pid 4442] set_robust_list(0x555584fcf660, 24) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 4442] chdir("./206" [pid 343] rmdir("./205/bus") = 0 [pid 4442] <... chdir resumed>) = 0 [pid 4442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4442] setpgid(0, 0) = 0 [pid 4442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4442] <... openat resumed>) = 3 [pid 343] close(3 [pid 4442] write(3, "1000", 4) = 4 [pid 343] <... close resumed>) = 0 [pid 4442] close(3) = 0 [pid 4442] symlink("/dev/binderfs", "./binderfs" [pid 343] rmdir("./205") = 0 [pid 343] mkdir("./206", 0777 [pid 4442] <... symlink resumed>) = 0 [pid 4442] write(1, "executing program\n", 18) = 18 executing program [pid 343] <... mkdir resumed>) = 0 [pid 4442] memfd_create("syzkaller", 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 4442] <... memfd_create resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4442] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4443 ./strace-static-x86_64: Process 4441 attached [pid 4441] set_robust_list(0x555584fcf660, 24) = 0 [pid 4442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4441] chdir("./202") = 0 [pid 4441] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 4443 attached ) = 0 [pid 4441] setpgid(0, 0 [pid 4443] set_robust_list(0x555584fcf660, 24 [pid 4442] <... write resumed>) = 262144 [pid 4441] <... setpgid resumed>) = 0 [pid 4441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4443] <... set_robust_list resumed>) = 0 [pid 4441] <... openat resumed>) = 3 [pid 4442] munmap(0x7f7c475b3000, 138412032 [pid 4443] chdir("./206" [pid 4441] write(3, "1000", 4 [pid 4443] <... chdir resumed>) = 0 [pid 4442] <... munmap resumed>) = 0 [pid 4442] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4443] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4441] <... write resumed>) = 4 [pid 4442] ioctl(4, LOOP_SET_FD, 3 [pid 4441] close(3 [pid 4443] <... prctl resumed>) = 0 [pid 4441] <... close resumed>) = 0 [pid 4441] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4443] setpgid(0, 0 [pid 4441] write(1, "executing program\n", 18) = 18 [pid 4441] memfd_create("syzkaller", 0) = 3 [pid 4443] <... setpgid resumed>) = 0 [pid 4441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4441] <... mmap resumed>) = 0x7f7c475b3000 [pid 4443] <... openat resumed>) = 3 [pid 4441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4443] write(3, "1000", 4 [pid 4441] <... write resumed>) = 262144 [pid 4443] <... write resumed>) = 4 [pid 4441] munmap(0x7f7c475b3000, 138412032 [pid 4443] close(3) = 0 [pid 4441] <... munmap resumed>) = 0 [pid 4443] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4441] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4443] write(1, "executing program\n", 18executing program ) = 18 [pid 4442] <... ioctl resumed>) = 0 [pid 4442] close(3) = 0 [pid 4442] close(4 [pid 4443] memfd_create("syzkaller", 0) = 3 [pid 4443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4443] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4443] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4430] <... close resumed>) = 0 [pid 4430] exit_group(0) = ? [pid 4430] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4430, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4437] <... close resumed>) = 0 [pid 4443] <... openat resumed>) = 4 [pid 4442] <... close resumed>) = 0 [pid 4441] <... openat resumed>) = 4 [pid 4437] exit_group(0 [pid 4443] ioctl(4, LOOP_SET_FD, 3 [pid 4441] ioctl(4, LOOP_SET_FD, 3 [pid 4442] mkdir("./bus", 0777) = 0 [pid 4442] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4437] <... exit_group resumed>) = ? [pid 4443] <... ioctl resumed>) = 0 [pid 4437] +++ exited with 0 +++ [pid 4443] close(3 [pid 4441] <... ioctl resumed>) = 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4437, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 349] <... restart_syscall resumed>) = 0 [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4443] <... close resumed>) = 0 [pid 4441] close(3 [pid 4443] close(4) = 0 [pid 4441] <... close resumed>) = 0 [pid 349] umount2("./205", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4441] close(4 [pid 4443] mkdir("./bus", 0777 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4441] <... close resumed>) = 0 [pid 4441] mkdir("./bus", 0777 [pid 349] openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4443] <... mkdir resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 4441] <... mkdir resumed>) = 0 [pid 349] newfstatat(3, "", [pid 4443] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4441] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] umount2("./201", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] getdents64(3, [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] umount2("./205/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] newfstatat(3, "", [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./205/binderfs", [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] unlink("./205/binderfs") = 0 [pid 342] umount2("./201/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] newfstatat(AT_FDCWD, "./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./201/binderfs") = 0 [pid 342] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4442] <... mount resumed>) = 0 [pid 4442] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4442] chdir("./bus") = 0 [pid 4442] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4441] <... mount resumed>) = 0 [pid 4441] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4441] chdir("./bus") = 0 [pid 4441] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4443] <... mount resumed>) = 0 [pid 4443] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4443] chdir("./bus") = 0 [pid 4443] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./205/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./205/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./205/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./205") = 0 [pid 349] mkdir("./206", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4443] <... openat resumed>) = 4 [pid 4443] ioctl(4, LOOP_CLR_FD [pid 4442] <... openat resumed>) = 4 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4453 [pid 4443] <... ioctl resumed>) = 0 [pid 4442] ioctl(4, LOOP_CLR_FD [pid 4443] close(4 [pid 4442] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 4442] close(4) = 0 [pid 4443] <... close resumed>) = 0 [pid 4443] memfd_create("syzkaller", 0) = 4 [pid 4443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4442] memfd_create("syzkaller", 0 [pid 342] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4442] <... memfd_create resumed>) = 4 [pid 4442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4442] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] newfstatat(AT_FDCWD, "./201/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./201/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4441] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4441] ioctl(4, LOOP_CLR_FD [pid 342] openat(AT_FDCWD, "./201/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4441] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 4 [pid 4441] close(4 [pid 342] newfstatat(4, "", [pid 4441] <... close resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4441] memfd_create("syzkaller", 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4441] <... memfd_create resumed>) = 4 [pid 342] getdents64(4, [pid 4441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4441] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] close(4) = 0 [pid 342] rmdir("./201/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [ 198.779966][ T4442] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/206/bus supports timestamps until (%ptR?) (0x7fffffff) [ 198.798443][ T4441] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/202/bus supports timestamps until (%ptR?) (0x7fffffff) [ 198.800248][ T4443] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/206/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] close(3) = 0 [pid 342] rmdir("./201") = 0 [pid 342] mkdir("./202", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4454 ./strace-static-x86_64: Process 4454 attached [pid 4454] set_robust_list(0x555584fcf660, 24) = 0 [pid 4454] chdir("./202") = 0 [pid 4454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4454] setpgid(0, 0) = 0 [pid 4454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4454] write(3, "1000", 4) = 4 [pid 4454] close(3) = 0 [pid 4454] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4454] write(1, "executing program\n", 18executing program ) = 18 ./strace-static-x86_64: Process 4453 attached [pid 4453] set_robust_list(0x555584fcf660, 24) = 0 [pid 4454] memfd_create("syzkaller", 0) = 3 [pid 4454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4454] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4453] chdir("./206" [pid 4454] <... write resumed>) = 262144 [pid 4454] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4454] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4453] <... chdir resumed>) = 0 [pid 4453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4453] setpgid(0, 0) = 0 [pid 4454] ioctl(4, LOOP_SET_FD, 3 [pid 4453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4453] write(3, "1000", 4) = 4 [pid 4453] close(3) = 0 [pid 4453] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4453] write(1, "executing program\n", 18executing program ) = 18 [pid 4453] memfd_create("syzkaller", 0) = 3 [pid 4453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4453] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4453] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4453] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4454] <... ioctl resumed>) = 0 [pid 4454] close(3) = 0 [pid 4454] close(4) = 0 [pid 4454] mkdir("./bus", 0777) = 0 [pid 4453] <... openat resumed>) = 4 [pid 4453] ioctl(4, LOOP_SET_FD, 3 [pid 4454] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4453] <... ioctl resumed>) = 0 [pid 4453] close(3) = 0 [pid 4453] close(4) = 0 [pid 4453] mkdir("./bus", 0777) = 0 [pid 4453] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 4454] <... mount resumed>) = 0 [pid 4453] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4454] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4453] <... openat resumed>) = 3 [pid 4454] <... openat resumed>) = 3 [pid 4453] chdir("./bus" [pid 4454] chdir("./bus" [pid 4453] <... chdir resumed>) = 0 [pid 4454] <... chdir resumed>) = 0 [pid 4453] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4454] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4453] <... openat resumed>) = 4 [pid 4454] ioctl(4, LOOP_CLR_FD [pid 4453] ioctl(4, LOOP_CLR_FD [pid 4454] <... ioctl resumed>) = 0 [pid 4453] <... ioctl resumed>) = 0 [pid 4454] close(4 [pid 4453] close(4) = 0 [pid 4453] memfd_create("syzkaller", 0 [pid 4454] <... close resumed>) = 0 [pid 4454] memfd_create("syzkaller", 0 [pid 4453] <... memfd_create resumed>) = 4 [pid 4454] <... memfd_create resumed>) = 4 [pid 4453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4453] <... mmap resumed>) = 0x7f7c475b3000 [pid 4454] <... mmap resumed>) = 0x7f7c475b3000 [ 198.970186][ T4453] ext4 filesystem being mounted at /root/syzkaller.53SCZU/206/bus supports timestamps until (%ptR?) (0x7fffffff) [ 198.983331][ T4454] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/202/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4443] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4442] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4441] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4453] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4442] <... write resumed>) = 20699119 [pid 4442] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4442] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4442] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4442] ioctl(5, LOOP_CLR_FD) = 0 [pid 4442] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4442] close(5 [pid 4454] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4442] <... close resumed>) = 0 [pid 4442] close(4 [pid 4443] <... write resumed>) = 20699119 [pid 4443] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4441] <... write resumed>) = 20699119 [pid 4441] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4441] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4441] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4441] ioctl(5, LOOP_CLR_FD) = 0 [pid 4443] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4443] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4443] ioctl(5, LOOP_CLR_FD) = 0 [pid 4441] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4441] close(5 [pid 4443] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4443] close(5) = 0 [pid 4443] close(4 [pid 4441] <... close resumed>) = 0 [pid 4441] close(4 [pid 4443] <... close resumed>) = 0 [pid 4443] exit_group(0) = ? [pid 4443] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4443, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4454] <... write resumed>) = 20699119 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./206", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./206/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./206/binderfs") = 0 [pid 343] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4454] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4454] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4454] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4454] ioctl(5, LOOP_CLR_FD) = 0 [pid 4454] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4454] close(5 [pid 4441] <... close resumed>) = 0 [pid 4442] <... close resumed>) = 0 [pid 4442] exit_group(0 [pid 4441] exit_group(0 [pid 4442] <... exit_group resumed>) = ? [pid 4441] <... exit_group resumed>) = ? [pid 4441] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4441, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4442] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4442, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4453] <... write resumed>) = 20699119 [pid 4454] <... close resumed>) = 0 [pid 4453] munmap(0x7f7c475b3000, 138412032 [pid 4454] close(4 [pid 348] <... restart_syscall resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] umount2("./206", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./202", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 344] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 344] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./206/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./202/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./206/binderfs", [pid 344] newfstatat(AT_FDCWD, "./202/binderfs", [pid 343] newfstatat(AT_FDCWD, "./206/bus", [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./206/binderfs" [pid 344] unlink("./202/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 348] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./206/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./206/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./206") = 0 [pid 343] mkdir("./207", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4453] <... munmap resumed>) = 0 [pid 4453] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4454] <... close resumed>) = 0 [pid 4454] exit_group(0) = ? [pid 4454] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4454, si_uid=0, si_status=0, si_utime=8, si_stime=9} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./202/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./202/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./202/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./202") = 0 [pid 344] mkdir("./203", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./202", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./202/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./202/binderfs") = 0 [pid 342] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4453] <... openat resumed>) = 5 [pid 4453] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... umount2 resumed>) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 343] close(3 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... close resumed>) = 0 [pid 342] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] close(3 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4461 [pid 342] newfstatat(AT_FDCWD, "./202/bus", [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4462 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./202/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./202/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 348] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./202/bus") = 0 [pid 342] getdents64(3, [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./202") = 0 [pid 342] mkdir("./203", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3 [pid 4453] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... close resumed>) = 0 [pid 4453] ioctl(5, LOOP_CLR_FD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4453] <... ioctl resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./206/bus", [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4463 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./206/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4453] ioctl(5, LOOP_SET_FD, 4 [pid 348] close(4 [pid 4453] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... close resumed>) = 0 [pid 4453] close(5 [pid 348] rmdir("./206/bus" [pid 4453] <... close resumed>) = 0 [pid 4453] close(4 [pid 348] <... rmdir resumed>) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./206"./strace-static-x86_64: Process 4462 attached ) = 0 [pid 348] mkdir("./207", 0777 [pid 4462] set_robust_list(0x555584fcf660, 24) = 0 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4462] chdir("./203" [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 4462] <... chdir resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4462] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 348] close(3 [pid 4462] <... prctl resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4462] setpgid(0, 0) = 0 [pid 4462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4462] write(3, "1000", 4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4464 [pid 4462] <... write resumed>) = 4 [pid 4462] close(3) = 0 [pid 4462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4462] write(1, "executing program\n", 18executing program ) = 18 ./strace-static-x86_64: Process 4463 attached ./strace-static-x86_64: Process 4461 attached [pid 4462] memfd_create("syzkaller", 0 [pid 4463] set_robust_list(0x555584fcf660, 24) = 0 [pid 4462] <... memfd_create resumed>) = 3 [pid 4461] set_robust_list(0x555584fcf660, 24 [pid 4462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4463] chdir("./203" [pid 4462] <... mmap resumed>) = 0x7f7c475b3000 [pid 4461] <... set_robust_list resumed>) = 0 [pid 4463] <... chdir resumed>) = 0 [pid 4463] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4461] chdir("./207") = 0 [pid 4463] <... prctl resumed>) = 0 [pid 4461] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4463] setpgid(0, 0 [pid 4461] <... prctl resumed>) = 0 [pid 4463] <... setpgid resumed>) = 0 [pid 4461] setpgid(0, 0 [pid 4463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4461] <... setpgid resumed>) = 0 [pid 4463] <... openat resumed>) = 3 [pid 4463] write(3, "1000", 4 [pid 4461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4463] <... write resumed>) = 4 [pid 4463] close(3 [pid 4461] <... openat resumed>) = 3 [pid 4463] <... close resumed>) = 0 [pid 4461] write(3, "1000", 4 [pid 4463] symlink("/dev/binderfs", "./binderfs" [pid 4461] <... write resumed>) = 4 [pid 4463] <... symlink resumed>) = 0 [pid 4461] close(3executing program [pid 4463] write(1, "executing program\n", 18 [pid 4461] <... close resumed>) = 0 [pid 4463] <... write resumed>) = 18 [pid 4461] symlink("/dev/binderfs", "./binderfs" [pid 4463] memfd_create("syzkaller", 0executing program [pid 4461] <... symlink resumed>) = 0 [pid 4463] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 4464 attached [pid 4463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4461] write(1, "executing program\n", 18 [pid 4463] <... mmap resumed>) = 0x7f7c475b3000 [pid 4461] <... write resumed>) = 18 [pid 4464] set_robust_list(0x555584fcf660, 24) = 0 [pid 4464] chdir("./207") = 0 [pid 4464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4464] setpgid(0, 0) = 0 [pid 4464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4462] <... write resumed>) = 262144 [pid 4464] write(3, "1000", 4) = 4 [pid 4462] munmap(0x7f7c475b3000, 138412032 [pid 4461] memfd_create("syzkaller", 0 [pid 4463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4464] close(3 [pid 4462] <... munmap resumed>) = 0 [pid 4461] <... memfd_create resumed>) = 3 [pid 4464] <... close resumed>) = 0 [pid 4462] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4464] symlink("/dev/binderfs", "./binderfs" [pid 4462] <... openat resumed>) = 4 [pid 4461] <... mmap resumed>) = 0x7f7c475b3000 [pid 4464] <... symlink resumed>) = 0 executing program [pid 4462] ioctl(4, LOOP_SET_FD, 3 [pid 4464] write(1, "executing program\n", 18) = 18 [pid 4463] <... write resumed>) = 262144 [pid 4461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4464] memfd_create("syzkaller", 0 [pid 4463] munmap(0x7f7c475b3000, 138412032 [pid 4462] <... ioctl resumed>) = 0 [pid 4464] <... memfd_create resumed>) = 3 [pid 4462] close(3 [pid 4464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4463] <... munmap resumed>) = 0 [pid 4462] <... close resumed>) = 0 [pid 4461] <... write resumed>) = 262144 [pid 4464] <... mmap resumed>) = 0x7f7c475b3000 [pid 4462] close(4 [pid 4464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4462] <... close resumed>) = 0 [pid 4464] <... write resumed>) = 262144 [pid 4463] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4462] mkdir("./bus", 0777 [pid 4461] munmap(0x7f7c475b3000, 138412032 [pid 4464] munmap(0x7f7c475b3000, 138412032 [pid 4462] <... mkdir resumed>) = 0 [pid 4464] <... munmap resumed>) = 0 [pid 4462] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4461] <... munmap resumed>) = 0 [pid 4464] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4461] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4464] <... openat resumed>) = 4 [pid 4463] <... openat resumed>) = 4 [pid 4461] <... openat resumed>) = 4 [pid 4464] ioctl(4, LOOP_SET_FD, 3 [pid 4463] ioctl(4, LOOP_SET_FD, 3 [pid 4461] ioctl(4, LOOP_SET_FD, 3 [pid 4464] <... ioctl resumed>) = 0 [pid 4464] close(3) = 0 [pid 4464] close(4 [pid 4463] <... ioctl resumed>) = 0 [pid 4463] close(3) = 0 [pid 4463] close(4 [pid 4461] <... ioctl resumed>) = 0 [pid 4464] <... close resumed>) = 0 [pid 4464] mkdir("./bus", 0777) = 0 [pid 4461] close(3) = 0 [pid 4461] close(4 [pid 4464] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4463] <... close resumed>) = 0 [pid 4463] mkdir("./bus", 0777 [pid 4462] <... mount resumed>) = 0 [pid 4463] <... mkdir resumed>) = 0 [pid 4463] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4462] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4462] chdir("./bus") = 0 [pid 4462] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4453] <... close resumed>) = 0 [pid 4453] exit_group(0) = ? [pid 4453] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4453, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./206", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, [pid 4461] <... close resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 4461] mkdir("./bus", 0777 [pid 349] umount2("./206/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./206/binderfs" [pid 4461] <... mkdir resumed>) = 0 [pid 349] <... unlink resumed>) = 0 [pid 4461] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4462] <... openat resumed>) = 4 [pid 4462] ioctl(4, LOOP_CLR_FD) = 0 [pid 4462] close(4) = 0 [pid 4462] memfd_create("syzkaller", 0) = 4 [pid 4462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 199.608489][ T4462] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/203/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./206/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./206/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./206/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./206") = 0 [pid 349] mkdir("./207", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4477 ./strace-static-x86_64: Process 4477 attached [pid 4477] set_robust_list(0x555584fcf660, 24) = 0 [pid 4477] chdir("./207" [pid 4464] <... mount resumed>) = 0 [pid 4463] <... mount resumed>) = 0 [pid 4461] <... mount resumed>) = 0 [pid 4477] <... chdir resumed>) = 0 [pid 4464] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4463] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4461] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4461] <... openat resumed>) = 3 [pid 4477] setpgid(0, 0 [pid 4464] <... openat resumed>) = 3 [pid 4463] <... openat resumed>) = 3 [pid 4461] chdir("./bus" [pid 4477] <... setpgid resumed>) = 0 [pid 4477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4464] chdir("./bus" [pid 4477] write(3, "1000", 4 [pid 4464] <... chdir resumed>) = 0 [pid 4463] chdir("./bus" [pid 4461] <... chdir resumed>) = 0 [pid 4477] <... write resumed>) = 4 [pid 4464] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4461] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4477] close(3) = 0 [pid 4461] <... openat resumed>) = 4 [pid 4477] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4464] <... openat resumed>) = 4 [pid 4477] write(1, "executing program\n", 18 [pid 4464] ioctl(4, LOOP_CLR_FDexecuting program [pid 4477] <... write resumed>) = 18 [pid 4477] memfd_create("syzkaller", 0 [pid 4464] <... ioctl resumed>) = 0 [pid 4463] <... chdir resumed>) = 0 [pid 4461] ioctl(4, LOOP_CLR_FD [pid 4477] <... memfd_create resumed>) = 3 [pid 4461] <... ioctl resumed>) = 0 [pid 4477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4464] close(4 [pid 4463] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4461] close(4 [pid 4477] <... mmap resumed>) = 0x7f7c475b3000 [pid 4464] <... close resumed>) = 0 [pid 4463] <... openat resumed>) = 4 [pid 4461] <... close resumed>) = 0 [pid 4477] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4464] memfd_create("syzkaller", 0 [pid 4463] ioctl(4, LOOP_CLR_FD [pid 4461] memfd_create("syzkaller", 0 [pid 4463] <... ioctl resumed>) = 0 [pid 4464] <... memfd_create resumed>) = 4 [pid 4463] close(4 [pid 4461] <... memfd_create resumed>) = 4 [pid 4463] <... close resumed>) = 0 [pid 4464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4463] memfd_create("syzkaller", 0 [pid 4464] <... mmap resumed>) = 0x7f7c475b3000 [pid 4461] <... mmap resumed>) = 0x7f7c475b3000 [pid 4463] <... memfd_create resumed>) = 4 [pid 4477] <... write resumed>) = 262144 [pid 4463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4477] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4477] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4477] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4477] close(3) = 0 [pid 4477] close(4) = 0 [ 199.648982][ T4464] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/207/bus supports timestamps until (%ptR?) (0x7fffffff) [ 199.662424][ T4461] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/207/bus supports timestamps until (%ptR?) (0x7fffffff) [ 199.675485][ T4463] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/203/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4477] mkdir("./bus", 0777) = 0 [pid 4477] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4462] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4477] <... mount resumed>) = 0 [pid 4477] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4477] chdir("./bus") = 0 [pid 4477] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4477] ioctl(4, LOOP_CLR_FD) = 0 [pid 4477] close(4) = 0 [pid 4477] memfd_create("syzkaller", 0) = 4 [pid 4477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 199.801273][ T4477] ext4 filesystem being mounted at /root/syzkaller.53SCZU/207/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4464] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4463] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4462] <... write resumed>) = 20699119 [pid 4462] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4462] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4462] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4462] ioctl(5, LOOP_CLR_FD) = 0 [pid 4462] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4462] close(5) = 0 [pid 4462] close(4 [pid 4461] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4464] <... write resumed>) = 20699119 [pid 4477] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4464] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4464] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4464] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4464] ioctl(5, LOOP_CLR_FD) = 0 [pid 4463] <... write resumed>) = 20699119 [pid 4463] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4463] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4463] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4463] ioctl(5, LOOP_CLR_FD) = 0 [pid 4464] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4464] close(5) = 0 [pid 4464] close(4 [pid 4463] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4463] close(5) = 0 [pid 4463] close(4 [pid 4462] <... close resumed>) = 0 [pid 4462] exit_group(0) = ? [pid 4462] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4462, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./203", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./203/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./203/binderfs") = 0 [pid 344] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4461] <... write resumed>) = 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4461] munmap(0x7f7c475b3000, 138412032 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./203/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./203/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./203/bus" [pid 4461] <... munmap resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 4461] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 344] getdents64(3, [pid 4461] <... openat resumed>) = 5 [pid 4461] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 4461] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4461] ioctl(5, LOOP_CLR_FD [pid 344] <... close resumed>) = 0 [pid 4461] <... ioctl resumed>) = 0 [pid 344] rmdir("./203") = 0 [pid 344] mkdir("./204", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 4461] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4461] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] close(3 [pid 4464] <... close resumed>) = 0 [pid 4461] close(5 [pid 344] <... close resumed>) = 0 [pid 4461] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4461] close(4 [pid 4464] exit_group(0) = ? [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4481 [pid 4464] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4464, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./207", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./207/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./207/binderfs") = 0 [pid 348] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4463] <... close resumed>) = 0 ./strace-static-x86_64: Process 4481 attached [pid 4481] set_robust_list(0x555584fcf660, 24) = 0 [pid 4481] chdir("./204") = 0 [pid 4481] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4481] setpgid(0, 0) = 0 [pid 4481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4481] write(3, "1000", 4) = 4 [pid 4481] close(3) = 0 [pid 4481] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4481] write(1, "executing program\n", 18) = 18 [pid 4481] memfd_create("syzkaller", 0) = 3 [pid 4481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4481] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4463] exit_group(0) = ? [pid 4463] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4463, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4481] <... write resumed>) = 262144 [pid 4481] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4481] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./203", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./203/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./203/binderfs") = 0 [pid 342] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4481] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 4481] ioctl(4, LOOP_SET_FD, 3 [pid 348] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./207/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./207/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./207/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./207" [pid 4477] <... write resumed>) = 20699119 [pid 4477] munmap(0x7f7c475b3000, 138412032 [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./208", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4477] <... munmap resumed>) = 0 [pid 4477] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4461] <... close resumed>) = 0 [pid 4461] exit_group(0) = ? [pid 4461] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4461, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./207", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./207/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./207/binderfs") = 0 [pid 343] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 4481] <... ioctl resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4481] close(3 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4481] <... close resumed>) = 0 [pid 4481] close(4 [pid 348] close(3 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4481] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 4481] mkdir("./bus", 0777 [pid 342] newfstatat(AT_FDCWD, "./203/bus", [pid 4481] <... mkdir resumed>) = 0 [pid 4481] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4477] <... openat resumed>) = 5 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4477] ioctl(5, LOOP_SET_FD, 4 [pid 342] umount2("./203/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4483 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./203/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 4483 attached [pid 4477] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", [pid 4483] set_robust_list(0x555584fcf660, 24 [pid 4477] ioctl(5, LOOP_CLR_FD [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4483] <... set_robust_list resumed>) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, [pid 4483] chdir("./208" [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4483] <... chdir resumed>) = 0 [pid 342] close(4 [pid 4483] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 342] <... close resumed>) = 0 [pid 4483] <... prctl resumed>) = 0 [pid 342] rmdir("./203/bus" [pid 4483] setpgid(0, 0) = 0 [pid 4483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 342] <... rmdir resumed>) = 0 [pid 4483] <... openat resumed>) = 3 [pid 342] getdents64(3, [pid 4483] write(3, "1000", 4 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4483] <... write resumed>) = 4 [pid 342] close(3 [pid 4483] close(3 [pid 342] <... close resumed>) = 0 [pid 4483] <... close resumed>) = 0 [pid 342] rmdir("./203" [pid 4483] symlink("/dev/binderfs", "./binderfs") = 0 [pid 342] <... rmdir resumed>) = 0 executing program [pid 4483] write(1, "executing program\n", 18 [pid 342] mkdir("./204", 0777 [pid 4483] <... write resumed>) = 18 [pid 4483] memfd_create("syzkaller", 0 [pid 342] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4483] <... memfd_create resumed>) = 3 [pid 4483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4483] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4483] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4483] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4481] <... mount resumed>) = 0 [pid 4481] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4481] chdir("./bus") = 0 [pid 4481] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4483] <... openat resumed>) = 4 [pid 4481] <... openat resumed>) = 4 [pid 342] <... openat resumed>) = 3 [pid 4483] ioctl(4, LOOP_SET_FD, 3 [pid 4481] ioctl(4, LOOP_CLR_FD [pid 4477] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./207/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] ioctl(3, LOOP_CLR_FD [pid 4483] <... ioctl resumed>) = 0 [pid 343] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4483] close(3 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4483] <... close resumed>) = 0 [pid 343] openat(AT_FDCWD, "./207/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4483] close(4 [pid 343] <... openat resumed>) = 4 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4483] <... close resumed>) = 0 [pid 4481] <... ioctl resumed>) = 0 [pid 4477] ioctl(5, LOOP_SET_FD, 4 [pid 343] newfstatat(4, "", [pid 342] close(3 [pid 4483] mkdir("./bus", 0777 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4483] <... mkdir resumed>) = 0 [pid 343] getdents64(4, [pid 4483] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4477] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] getdents64(4, [pid 4481] close(4 [pid 4477] close(5 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./207/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./207") = 0 [pid 343] mkdir("./208", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] <... close resumed>) = 0 [pid 4481] <... close resumed>) = 0 [pid 4477] <... close resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 4481] memfd_create("syzkaller", 0 [pid 4477] close(4 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4481] <... memfd_create resumed>) = 4 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4487 ./strace-static-x86_64: Process 4487 attached [pid 4487] set_robust_list(0x555584fcf660, 24) = 0 [pid 4487] chdir("./204") = 0 [pid 4487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4487] setpgid(0, 0) = 0 [pid 4487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4487] write(3, "1000", 4) = 4 [pid 4487] close(3) = 0 [pid 4487] symlink("/dev/binderfs", "./binderfs" [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4487] <... symlink resumed>) = 0 [pid 4487] write(1, "executing program\n", 18executing program ) = 18 [pid 4487] memfd_create("syzkaller", 0) = 3 [pid 4487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4487] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4487] munmap(0x7f7c475b3000, 138412032 [pid 4481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] close(3 [pid 4481] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4488 [pid 4487] <... munmap resumed>) = 0 [pid 4487] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4487] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4488 attached [pid 4488] set_robust_list(0x555584fcf660, 24) = 0 [pid 4488] chdir("./208" [pid 4487] <... ioctl resumed>) = 0 [pid 4487] close(3) = 0 [pid 4487] close(4 [pid 4488] <... chdir resumed>) = 0 [ 200.308382][ T4481] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/204/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4488] setpgid(0, 0) = 0 [pid 4488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4488] write(3, "1000", 4) = 4 [pid 4488] close(3) = 0 [pid 4488] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4488] write(1, "executing program\n", 18) = 18 [pid 4488] memfd_create("syzkaller", 0) = 3 [pid 4488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4488] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4488] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4488] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4483] <... mount resumed>) = 0 [pid 4483] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4488] <... openat resumed>) = 4 [pid 4487] <... close resumed>) = 0 [pid 4483] chdir("./bus" [pid 4488] ioctl(4, LOOP_SET_FD, 3 [pid 4483] <... chdir resumed>) = 0 [pid 4487] mkdir("./bus", 0777 [pid 4483] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4487] <... mkdir resumed>) = 0 [pid 4487] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4477] <... close resumed>) = 0 [pid 4477] exit_group(0) = ? [pid 4477] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4477, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./207", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./207/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./207/binderfs") = 0 [pid 349] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4488] <... ioctl resumed>) = 0 [pid 4483] <... openat resumed>) = 4 [pid 4488] close(3 [pid 4483] ioctl(4, LOOP_CLR_FD [pid 4488] <... close resumed>) = 0 [pid 4483] <... ioctl resumed>) = 0 [pid 4488] close(4 [pid 4483] close(4 [pid 4481] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4488] <... close resumed>) = 0 [pid 4488] mkdir("./bus", 0777) = 0 [ 200.419426][ T4483] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/208/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4488] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4481] <... write resumed>) = 20699119 [pid 4481] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4481] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4483] <... close resumed>) = 0 [pid 4483] memfd_create("syzkaller", 0) = 4 [pid 4483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4481] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4481] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4481] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] newfstatat(AT_FDCWD, "./207/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./207/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./207/bus" [pid 4481] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./207" [pid 4481] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./208", 0777 [pid 4481] close(5 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 4481] <... close resumed>) = 0 [pid 4481] close(4 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4494 ./strace-static-x86_64: Process 4494 attached [pid 4494] set_robust_list(0x555584fcf660, 24) = 0 [pid 4494] chdir("./208") = 0 [pid 4494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4494] setpgid(0, 0) = 0 [pid 4494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4494] write(3, "1000", 4) = 4 [pid 4494] close(3) = 0 [pid 4494] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4494] write(1, "executing program\n", 18executing program ) = 18 [pid 4494] memfd_create("syzkaller", 0) = 3 [pid 4494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4494] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4494] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4494] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4494] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4487] <... mount resumed>) = 0 [pid 4494] close(3) = 0 [pid 4494] close(4) = 0 [pid 4494] mkdir("./bus", 0777) = 0 [pid 4487] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4494] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4487] chdir("./bus") = 0 [pid 4487] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4488] <... mount resumed>) = 0 [pid 4487] ioctl(4, LOOP_CLR_FD [pid 4488] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4487] <... ioctl resumed>) = 0 [pid 4487] close(4 [pid 4488] <... openat resumed>) = 3 [pid 4487] <... close resumed>) = 0 [pid 4487] memfd_create("syzkaller", 0) = 4 [pid 4487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4488] chdir("./bus") = 0 [pid 4488] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4488] ioctl(4, LOOP_CLR_FD) = 0 [pid 4488] close(4) = 0 [pid 4488] memfd_create("syzkaller", 0) = 4 [pid 4488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4494] <... mount resumed>) = 0 [pid 4494] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4494] chdir("./bus") = 0 [ 200.577815][ T4487] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/204/bus supports timestamps until (%ptR?) (0x7fffffff) [ 200.591474][ T4488] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/208/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4494] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4494] ioctl(4, LOOP_CLR_FD) = 0 [pid 4494] close(4) = 0 [pid 4494] memfd_create("syzkaller", 0) = 4 [pid 4494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4481] <... close resumed>) = 0 [pid 4481] exit_group(0) = ? [pid 4481] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4481, si_uid=0, si_status=0, si_utime=6, si_stime=10} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./204", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./204/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./204/binderfs") = 0 [pid 344] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 344] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./204/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./204/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./204/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./204") = 0 [pid 344] mkdir("./205", 0777) = 0 [ 200.638086][ T4494] ext4 filesystem being mounted at /root/syzkaller.53SCZU/208/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4501 ./strace-static-x86_64: Process 4501 attached [pid 4501] set_robust_list(0x555584fcf660, 24) = 0 [pid 4501] chdir("./205") = 0 [pid 4501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4501] setpgid(0, 0) = 0 [pid 4501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4501] write(3, "1000", 4) = 4 [pid 4501] close(3) = 0 [pid 4501] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4501] write(1, "executing program\n", 18) = 18 [pid 4501] memfd_create("syzkaller", 0) = 3 [pid 4501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4501] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4501] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4501] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4501] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4501] close(3) = 0 [pid 4501] close(4) = 0 [pid 4501] mkdir("./bus", 0777) = 0 [pid 4501] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4487] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4483] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4501] <... mount resumed>) = 0 [pid 4501] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4501] chdir("./bus") = 0 [pid 4501] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4501] ioctl(4, LOOP_CLR_FD) = 0 [pid 4501] close(4) = 0 [pid 4501] memfd_create("syzkaller", 0) = 4 [pid 4501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 200.804849][ T4501] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/205/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4488] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4494] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4483] <... write resumed>) = 20699119 [pid 4483] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4483] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4483] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4483] ioctl(5, LOOP_CLR_FD) = 0 [pid 4483] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4483] close(5) = 0 [pid 4483] close(4 [pid 4487] <... write resumed>) = 20699119 [pid 4487] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4487] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4487] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4487] ioctl(5, LOOP_CLR_FD) = 0 [pid 4487] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4487] close(5) = 0 [pid 4487] close(4 [pid 4488] <... write resumed>) = 20699119 [pid 4488] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4488] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4488] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4488] ioctl(5, LOOP_CLR_FD) = 0 [pid 4488] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4488] close(5) = 0 [pid 4488] close(4 [pid 4494] <... write resumed>) = 20699119 [pid 4494] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4494] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4494] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4494] ioctl(5, LOOP_CLR_FD) = 0 [pid 4501] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4494] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4494] close(5) = 0 [pid 4483] <... close resumed>) = 0 [pid 4494] close(4 [pid 4483] exit_group(0) = ? [pid 4483] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4483, si_uid=0, si_status=0, si_utime=8, si_stime=11} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4487] <... close resumed>) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./208", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./208/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./208/binderfs") = 0 [pid 348] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4488] <... close resumed>) = 0 [pid 4488] exit_group(0) = ? [pid 4488] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4488, si_uid=0, si_status=0, si_utime=3, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./208", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./208/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./208/binderfs") = 0 [pid 343] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4487] exit_group(0) = ? [pid 4487] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4487, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./204", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./204/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./204/binderfs") = 0 [pid 342] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4494] <... close resumed>) = 0 [pid 4494] exit_group(0) = ? [pid 4494] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4494, si_uid=0, si_status=0, si_utime=10, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./208", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./208/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./208/binderfs") = 0 [pid 349] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./208/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./208/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./208/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./208") = 0 [pid 348] mkdir("./209", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4501] <... write resumed>) = 20699119 [pid 4501] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4501] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4505 ./strace-static-x86_64: Process 4505 attached [pid 4501] <... openat resumed>) = 5 [pid 343] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 343] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./208/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./208/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./208/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./208") = 0 [pid 343] mkdir("./209", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4506 ./strace-static-x86_64: Process 4506 attached [pid 4506] set_robust_list(0x555584fcf660, 24) = 0 [pid 4506] chdir("./209") = 0 [pid 4506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4506] setpgid(0, 0) = 0 [pid 4506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4506] write(3, "1000", 4) = 4 [pid 4506] close(3) = 0 [pid 4506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4506] write(1, "executing program\n", 18executing program ) = 18 [pid 4506] memfd_create("syzkaller", 0) = 3 [pid 4506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4506] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4506] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./208/bus", [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] newfstatat(AT_FDCWD, "./204/bus", [pid 349] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4501] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./204/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4505] set_robust_list(0x555584fcf660, 24 [pid 4501] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] openat(AT_FDCWD, "./208/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4506] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 4 [pid 4505] <... set_robust_list resumed>) = 0 [pid 4501] ioctl(5, LOOP_CLR_FD [pid 349] newfstatat(4, "", [pid 342] openat(AT_FDCWD, "./204/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4506] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... openat resumed>) = 4 [pid 4505] chdir("./209" [pid 4501] <... ioctl resumed>) = 0 [pid 4505] <... chdir resumed>) = 0 [pid 349] getdents64(4, [pid 342] newfstatat(4, "", [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 342] getdents64(4, [pid 4505] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4505] <... prctl resumed>) = 0 [pid 349] close(4 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... close resumed>) = 0 [pid 342] getdents64(4, [pid 4505] setpgid(0, 0 [pid 349] rmdir("./208/bus" [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4501] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4501] close(5) = 0 [pid 342] close(4 [pid 4501] close(4 [pid 349] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 4506] <... ioctl resumed>) = 0 [pid 4505] <... setpgid resumed>) = 0 [pid 349] getdents64(3, [pid 342] rmdir("./204/bus" [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] close(3 [pid 342] getdents64(3, [pid 349] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] rmdir("./208" [pid 342] close(3 [pid 349] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] mkdir("./209", 0777 [pid 342] rmdir("./204" [pid 349] <... mkdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] mkdir("./205", 0777 [pid 349] <... openat resumed>) = 3 [pid 342] <... mkdir resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... openat resumed>) = 3 [pid 349] close(3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] close(3) = 0 ./strace-static-x86_64: Process 4508 attached [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4508 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4509 [pid 4505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4506] close(3 [pid 4505] write(3, "1000", 4 [pid 4506] <... close resumed>) = 0 [pid 4506] close(4 [pid 4505] <... write resumed>) = 4 [pid 4506] <... close resumed>) = 0 [pid 4505] close(3 [pid 4506] mkdir("./bus", 0777 [pid 4505] <... close resumed>) = 0 [pid 4506] <... mkdir resumed>) = 0 [pid 4505] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4505] write(1, "executing program\n", 18) = 18 [pid 4506] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4505] memfd_create("syzkaller", 0 [pid 4508] set_robust_list(0x555584fcf660, 24 [pid 4505] <... memfd_create resumed>) = 3 [pid 4505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4508] <... set_robust_list resumed>) = 0 [pid 4508] chdir("./209" [pid 4505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4508] <... chdir resumed>) = 0 [pid 4505] <... write resumed>) = 262144 [pid 4505] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4505] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 4509 attached [pid 4509] set_robust_list(0x555584fcf660, 24) = 0 [pid 4509] chdir("./205" [pid 4508] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4509] <... chdir resumed>) = 0 [pid 4509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4509] setpgid(0, 0 [pid 4508] <... prctl resumed>) = 0 [pid 4509] <... setpgid resumed>) = 0 [pid 4509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4508] setpgid(0, 0 [pid 4509] <... openat resumed>) = 3 [pid 4508] <... setpgid resumed>) = 0 [pid 4509] write(3, "1000", 4 [pid 4508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4509] <... write resumed>) = 4 [pid 4508] <... openat resumed>) = 3 [pid 4508] write(3, "1000", 4 [pid 4509] close(3 [pid 4508] <... write resumed>) = 4 [pid 4509] <... close resumed>) = 0 [pid 4509] symlink("/dev/binderfs", "./binderfs" [pid 4508] close(3) = 0 [pid 4508] symlink("/dev/binderfs", "./binderfs" [pid 4509] <... symlink resumed>) = 0 executing program [pid 4509] write(1, "executing program\n", 18) = 18 [pid 4509] memfd_create("syzkaller", 0 [pid 4508] <... symlink resumed>) = 0 [pid 4509] <... memfd_create resumed>) = 3 [pid 4509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4508] write(1, "executing program\n", 18executing program ) = 18 [pid 4508] memfd_create("syzkaller", 0) = 3 [pid 4508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4509] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4508] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4509] <... write resumed>) = 262144 [pid 4509] munmap(0x7f7c475b3000, 138412032 [pid 4508] <... write resumed>) = 262144 [pid 4509] <... munmap resumed>) = 0 [pid 4508] munmap(0x7f7c475b3000, 138412032 [pid 4509] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4508] <... munmap resumed>) = 0 [pid 4505] <... openat resumed>) = 4 [pid 4508] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4505] ioctl(4, LOOP_SET_FD, 3 [pid 4508] ioctl(4, LOOP_SET_FD, 3 [pid 4505] <... ioctl resumed>) = 0 [pid 4505] close(3) = 0 [pid 4505] close(4 [pid 4508] <... ioctl resumed>) = 0 [pid 4509] <... openat resumed>) = 4 [pid 4509] ioctl(4, LOOP_SET_FD, 3 [pid 4508] close(3) = 0 [pid 4508] close(4 [pid 4506] <... mount resumed>) = 0 [pid 4506] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4506] chdir("./bus") = 0 [pid 4506] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4501] <... close resumed>) = 0 [pid 4501] exit_group(0) = ? [pid 4501] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4501, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./205", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./205/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./205/binderfs") = 0 [pid 344] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4505] <... close resumed>) = 0 [pid 4505] mkdir("./bus", 0777 [pid 4509] <... ioctl resumed>) = 0 [pid 4509] close(3 [pid 4505] <... mkdir resumed>) = 0 [pid 4509] <... close resumed>) = 0 [pid 4505] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4509] close(4 [pid 4508] <... close resumed>) = 0 [pid 4506] <... openat resumed>) = 4 [pid 4508] mkdir("./bus", 0777) = 0 [pid 4508] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 201.358581][ T4506] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/209/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4506] ioctl(4, LOOP_CLR_FD [pid 4509] <... close resumed>) = 0 [pid 4506] <... ioctl resumed>) = 0 [pid 4509] mkdir("./bus", 0777) = 0 [pid 4509] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4506] close(4 [pid 4508] <... mount resumed>) = 0 [pid 4508] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4508] chdir("./bus") = 0 [pid 4508] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4506] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 4508] ioctl(4, LOOP_CLR_FD [pid 4506] memfd_create("syzkaller", 0 [pid 344] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4508] <... ioctl resumed>) = 0 [pid 4506] <... memfd_create resumed>) = 4 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4508] close(4 [pid 4506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] newfstatat(AT_FDCWD, "./205/bus", [pid 4506] <... mmap resumed>) = 0x7f7c475b3000 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4508] <... close resumed>) = 0 [pid 344] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./205/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./205/bus" [pid 4508] memfd_create("syzkaller", 0 [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./205") = 0 [pid 344] mkdir("./206", 0777 [pid 4508] <... memfd_create resumed>) = 4 [pid 344] <... mkdir resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4520 [pid 4508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 201.548461][ T4508] ext4 filesystem being mounted at /root/syzkaller.53SCZU/209/bus supports timestamps until (%ptR?) (0x7fffffff) ./strace-static-x86_64: Process 4520 attached [pid 4520] set_robust_list(0x555584fcf660, 24) = 0 [pid 4505] <... mount resumed>) = 0 [pid 4520] chdir("./206" [pid 4505] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4520] <... chdir resumed>) = 0 [pid 4505] chdir("./bus" [pid 4520] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4505] <... chdir resumed>) = 0 [pid 4520] <... prctl resumed>) = 0 [pid 4505] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4520] setpgid(0, 0 [pid 4505] ioctl(4, LOOP_CLR_FD) = 0 [pid 4520] <... setpgid resumed>) = 0 [pid 4505] close(4 [pid 4520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4505] <... close resumed>) = 0 [pid 4520] <... openat resumed>) = 3 [pid 4505] memfd_create("syzkaller", 0 [pid 4520] write(3, "1000", 4 [pid 4505] <... memfd_create resumed>) = 4 [pid 4520] <... write resumed>) = 4 [pid 4520] close(3 [pid 4505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4520] <... close resumed>) = 0 [pid 4505] <... mmap resumed>) = 0x7f7c475b3000 [pid 4520] symlink("/dev/binderfs", "./binderfs" [pid 4509] <... mount resumed>) = 0 [pid 4509] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4520] <... symlink resumed>) = 0 [pid 4509] <... openat resumed>) = 3 [pid 4509] chdir("./bus") = 0 [pid 4509] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4509] ioctl(4, LOOP_CLR_FD) = 0 [pid 4509] close(4 [pid 4520] write(1, "executing program\n", 18executing program ) = 18 [pid 4520] memfd_create("syzkaller", 0) = 3 [pid 4520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4520] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4509] <... close resumed>) = 0 [pid 4509] memfd_create("syzkaller", 0) = 4 [pid 4509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4520] <... write resumed>) = 262144 [pid 4520] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4520] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4520] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4520] close(3) = 0 [pid 4520] close(4) = 0 [pid 4520] mkdir("./bus", 0777) = 0 [ 201.620740][ T4505] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/209/bus supports timestamps until (%ptR?) (0x7fffffff) [ 201.638778][ T4509] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/205/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4520] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 4520] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4520] chdir("./bus") = 0 [pid 4520] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4520] ioctl(4, LOOP_CLR_FD) = 0 [pid 4520] close(4) = 0 [pid 4520] memfd_create("syzkaller", 0) = 4 [pid 4520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4506] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 201.772162][ T4520] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/206/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4508] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4505] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4509] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4506] <... write resumed>) = 20699119 [pid 4508] <... write resumed>) = 20699119 [pid 4508] munmap(0x7f7c475b3000, 138412032 [pid 4506] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4506] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4506] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4506] ioctl(5, LOOP_CLR_FD) = 0 [pid 4506] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4506] close(5 [pid 4508] <... munmap resumed>) = 0 [pid 4508] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4520] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4508] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4506] <... close resumed>) = 0 [pid 4506] close(4 [pid 4508] ioctl(5, LOOP_CLR_FD) = 0 [pid 4508] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4508] close(5) = 0 [pid 4508] close(4 [pid 4509] <... write resumed>) = 20699119 [pid 4505] <... write resumed>) = 20699119 [pid 4505] munmap(0x7f7c475b3000, 138412032 [pid 4509] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4509] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4509] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4509] ioctl(5, LOOP_CLR_FD [pid 4505] <... munmap resumed>) = 0 [pid 4509] <... ioctl resumed>) = 0 [pid 4505] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4505] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4505] ioctl(5, LOOP_CLR_FD) = 0 [pid 4509] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4509] close(5 [pid 4508] <... close resumed>) = 0 [pid 4508] exit_group(0 [pid 4505] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4508] <... exit_group resumed>) = ? [pid 4505] close(5 [pid 4509] <... close resumed>) = 0 [pid 4509] close(4 [pid 4508] +++ exited with 0 +++ [pid 4505] <... close resumed>) = 0 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4508, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4505] close(4 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./209", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./209/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./209/binderfs") = 0 [pid 349] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4506] <... close resumed>) = 0 [pid 4506] exit_group(0) = ? [pid 4506] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4506, si_uid=0, si_status=0, si_utime=10, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./209", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./209/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./209/binderfs") = 0 [pid 343] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4520] <... write resumed>) = 20699119 [pid 4520] munmap(0x7f7c475b3000, 138412032 [pid 4509] <... close resumed>) = 0 [pid 4509] exit_group(0) = ? [pid 4509] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4509, si_uid=0, si_status=0, si_utime=3, si_stime=19} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4520] <... munmap resumed>) = 0 [pid 4520] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./205", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./205/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./205/binderfs") = 0 [pid 4505] <... close resumed>) = 0 [pid 4505] exit_group(0) = ? [pid 342] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4505] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4505, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./209", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./209/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./209/binderfs" [pid 349] <... umount2 resumed>) = 0 [pid 348] <... unlink resumed>) = 0 [pid 349] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./209/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./209/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./209/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./209") = 0 [pid 349] mkdir("./210", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4520] <... openat resumed>) = 5 [pid 4520] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4520] ioctl(5, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./205/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./205/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./205/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./205/bus" [pid 4520] <... ioctl resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./205") = 0 [pid 342] mkdir("./206", 0777) = 0 [pid 4520] ioctl(5, LOOP_SET_FD, 4 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4520] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... openat resumed>) = 3 [pid 4520] close(5 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4520] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 348] <... umount2 resumed>) = 0 [pid 343] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] close(3 [pid 4520] close(4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 348] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... close resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./209/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./209/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] close(3 [pid 348] getdents64(4, [pid 343] newfstatat(AT_FDCWD, "./209/bus", [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... close resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] getdents64(4, [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] close(4) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] rmdir("./209/bus") = 0 [pid 343] openat(AT_FDCWD, "./209/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4525 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... openat resumed>) = 4 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4526 [pid 348] close(3 [pid 343] newfstatat(4, "", [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./209" [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./210", 0777 [pid 343] getdents64(4, [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] <... openat resumed>) = 3 [pid 343] getdents64(4, [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(4 [pid 348] close(3) = 0 [pid 343] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] rmdir("./209/bus" [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4527 ./strace-static-x86_64: Process 4525 attached [pid 343] <... rmdir resumed>) = 0 [pid 4525] set_robust_list(0x555584fcf660, 24 [pid 343] getdents64(3, [pid 4525] <... set_robust_list resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4525] chdir("./210" [pid 343] close(3 [pid 4525] <... chdir resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 4525] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] rmdir("./209" [pid 4525] <... prctl resumed>) = 0 [pid 4525] setpgid(0, 0) = 0 [pid 4525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... rmdir resumed>) = 0 [pid 4525] <... openat resumed>) = 3 [pid 343] mkdir("./210", 0777 [pid 4525] write(3, "1000", 4) = 4 [pid 4525] close(3) = 0 [pid 4525] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 4525] write(1, "executing program\n", 18 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4525] <... write resumed>) = 18 [pid 343] <... openat resumed>) = 3 [pid 4525] memfd_create("syzkaller", 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4525] <... memfd_create resumed>) = 3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] close(3 [pid 4525] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4525] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4528 [pid 4525] <... write resumed>) = 262144 [pid 4525] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4525] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4525] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4528 attached [pid 4528] set_robust_list(0x555584fcf660, 24) = 0 [pid 4528] chdir("./210") = 0 [pid 4528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4528] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 4526 attached [pid 4528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4526] set_robust_list(0x555584fcf660, 24 [pid 4528] write(3, "1000", 4) = 4 [pid 4528] close(3) = 0 [pid 4528] symlink("/dev/binderfs", "./binderfs" [pid 4526] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 4527 attached [pid 4526] chdir("./206"executing program [pid 4525] <... ioctl resumed>) = 0 [pid 4525] close(3) = 0 [pid 4525] close(4 [pid 4528] <... symlink resumed>) = 0 [pid 4528] write(1, "executing program\n", 18) = 18 [pid 4528] memfd_create("syzkaller", 0) = 3 [pid 4528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4526] <... chdir resumed>) = 0 [pid 4527] set_robust_list(0x555584fcf660, 24 [pid 4526] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4527] <... set_robust_list resumed>) = 0 [pid 4526] setpgid(0, 0 [pid 4527] chdir("./210" [pid 4526] <... setpgid resumed>) = 0 [pid 4526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4527] <... chdir resumed>) = 0 [pid 4526] <... openat resumed>) = 3 [pid 4527] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4526] write(3, "1000", 4 [pid 4527] <... prctl resumed>) = 0 [pid 4526] <... write resumed>) = 4 [pid 4527] setpgid(0, 0 [pid 4526] close(3) = 0 [pid 4527] <... setpgid resumed>) = 0 [pid 4528] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4528] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4528] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program executing program [pid 4526] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4526] write(1, "executing program\n", 18) = 18 [pid 4526] memfd_create("syzkaller", 0) = 3 [pid 4526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4527] write(3, "1000", 4) = 4 [pid 4527] close(3) = 0 [pid 4527] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4527] write(1, "executing program\n", 18) = 18 [pid 4527] memfd_create("syzkaller", 0) = 3 [pid 4527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4527] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4526] munmap(0x7f7c475b3000, 138412032 [pid 4527] <... write resumed>) = 262144 [pid 4527] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4526] <... munmap resumed>) = 0 [pid 4526] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4527] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4520] <... close resumed>) = 0 [pid 4520] exit_group(0) = ? [pid 4520] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4520, si_uid=0, si_status=0, si_utime=8, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4528] <... openat resumed>) = 4 [pid 4527] <... openat resumed>) = 4 [pid 4526] <... openat resumed>) = 4 [pid 4525] <... close resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 4527] ioctl(4, LOOP_SET_FD, 3 [pid 4525] mkdir("./bus", 0777) = 0 [pid 4525] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] umount2("./206", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./206/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./206/binderfs" [pid 4528] ioctl(4, LOOP_SET_FD, 3 [pid 344] <... unlink resumed>) = 0 [pid 344] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4526] ioctl(4, LOOP_SET_FD, 3 [pid 4527] <... ioctl resumed>) = 0 [pid 4527] close(3) = 0 [pid 4527] close(4 [pid 4528] <... ioctl resumed>) = 0 [pid 4528] close(3) = 0 [pid 4528] close(4 [pid 4525] <... mount resumed>) = 0 [pid 4525] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4525] chdir("./bus") = 0 [pid 4525] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4526] <... ioctl resumed>) = 0 [pid 4527] <... close resumed>) = 0 [pid 4526] close(3 [pid 4527] mkdir("./bus", 0777 [pid 4526] <... close resumed>) = 0 [pid 4527] <... mkdir resumed>) = 0 [pid 4526] close(4 [pid 4527] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4528] <... close resumed>) = 0 [pid 4526] <... close resumed>) = 0 [pid 4525] <... openat resumed>) = 4 [pid 344] <... umount2 resumed>) = 0 [pid 4528] mkdir("./bus", 0777 [pid 4525] ioctl(4, LOOP_CLR_FD [pid 344] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./206/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./206/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, [pid 4528] <... mkdir resumed>) = 0 [pid 4526] mkdir("./bus", 0777 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4528] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] close(4 [pid 4526] <... mkdir resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 344] rmdir("./206/bus" [pid 4526] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./206") = 0 [pid 344] mkdir("./207", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4527] <... mount resumed>) = 0 [pid 4527] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4527] chdir("./bus") = 0 [ 202.408390][ T4525] ext4 filesystem being mounted at /root/syzkaller.53SCZU/210/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4527] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4525] <... ioctl resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 4525] close(4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 4525] <... close resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4525] memfd_create("syzkaller", 0 [pid 344] close(3 [pid 4525] <... memfd_create resumed>) = 4 [pid 344] <... close resumed>) = 0 [pid 4525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4525] <... mmap resumed>) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4537 attached [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4537 [pid 4537] set_robust_list(0x555584fcf660, 24) = 0 [pid 4537] chdir("./207") = 0 [pid 4537] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4537] setpgid(0, 0) = 0 [pid 4537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4537] write(3, "1000", 4) = 4 [pid 4537] close(3) = 0 [pid 4537] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4537] write(1, "executing program\n", 18executing program ) = 18 [pid 4537] memfd_create("syzkaller", 0) = 3 [pid 4537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4537] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4537] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4528] <... mount resumed>) = 0 [pid 4528] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4528] chdir("./bus") = 0 [pid 4528] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4537] <... openat resumed>) = 4 [pid 4527] <... openat resumed>) = 4 [pid 4537] ioctl(4, LOOP_SET_FD, 3 [pid 4527] ioctl(4, LOOP_CLR_FD) = 0 [pid 4527] close(4 [pid 4537] <... ioctl resumed>) = 0 [pid 4527] <... close resumed>) = 0 [pid 4527] memfd_create("syzkaller", 0 [pid 4537] close(3 [pid 4527] <... memfd_create resumed>) = 4 [pid 4537] <... close resumed>) = 0 [pid 4527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4537] close(4 [pid 4527] <... mmap resumed>) = 0x7f7c475b3000 [pid 4537] <... close resumed>) = 0 [pid 4537] mkdir("./bus", 0777) = 0 [ 202.488324][ T4527] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/210/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4537] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4528] <... openat resumed>) = 4 [pid 4528] ioctl(4, LOOP_CLR_FD) = 0 [pid 4528] close(4) = 0 [pid 4528] memfd_create("syzkaller", 0) = 4 [pid 4528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4526] <... mount resumed>) = 0 [pid 4526] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4526] chdir("./bus") = 0 [pid 4526] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 202.534883][ T4528] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/210/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4526] ioctl(4, LOOP_CLR_FD) = 0 [pid 4526] close(4) = 0 [pid 4526] memfd_create("syzkaller", 0) = 4 [pid 4526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4537] <... mount resumed>) = 0 [pid 4537] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4537] chdir("./bus") = 0 [pid 4537] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4537] ioctl(4, LOOP_CLR_FD) = 0 [pid 4537] close(4) = 0 [pid 4537] memfd_create("syzkaller", 0) = 4 [pid 4537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 202.586400][ T4526] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/206/bus supports timestamps until (%ptR?) (0x7fffffff) [ 202.611205][ T4537] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/207/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4525] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4527] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4528] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4526] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4525] <... write resumed>) = 20699119 [pid 4525] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4525] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4525] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4525] ioctl(5, LOOP_CLR_FD) = 0 [pid 4525] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4525] close(5) = 0 [pid 4525] close(4 [pid 4537] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4528] <... write resumed>) = 20699119 [pid 4528] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4528] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4528] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4528] ioctl(5, LOOP_CLR_FD) = 0 [pid 4527] <... write resumed>) = 20699119 [pid 4527] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4528] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4528] close(5) = 0 [pid 4528] close(4 [pid 4527] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4527] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4527] ioctl(5, LOOP_CLR_FD) = 0 [pid 4525] <... close resumed>) = 0 [pid 4525] exit_group(0 [pid 4527] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4527] close(5) = 0 [pid 4525] <... exit_group resumed>) = ? [pid 4527] close(4 [pid 4526] <... write resumed>) = 20699119 [pid 4525] +++ exited with 0 +++ [pid 4526] munmap(0x7f7c475b3000, 138412032 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4525, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 4526] <... munmap resumed>) = 0 [pid 4526] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4526] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4526] ioctl(5, LOOP_CLR_FD) = 0 [pid 4526] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4526] close(5) = 0 [pid 4526] close(4 [pid 349] umount2("./210", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./210/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./210/binderfs") = 0 [pid 349] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4537] <... write resumed>) = 20699119 [pid 4537] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4537] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4526] <... close resumed>) = 0 [pid 4526] exit_group(0 [pid 4537] <... openat resumed>) = 5 [pid 4526] <... exit_group resumed>) = ? [pid 349] <... umount2 resumed>) = 0 [pid 4537] ioctl(5, LOOP_SET_FD, 4 [pid 4526] +++ exited with 0 +++ [pid 4537] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4526, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 4537] ioctl(5, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4537] <... ioctl resumed>) = 0 [pid 349] newfstatat(AT_FDCWD, "./210/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./206", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./210/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", [pid 342] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] newfstatat(3, "", [pid 349] getdents64(4, [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(3, [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 4537] ioctl(5, LOOP_SET_FD, 4 [pid 349] close(4 [pid 4537] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] umount2("./206/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4537] close(5 [pid 349] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4537] <... close resumed>) = 0 [pid 349] rmdir("./210/bus" [pid 342] newfstatat(AT_FDCWD, "./206/binderfs", [pid 4537] close(4 [pid 349] <... rmdir resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] getdents64(3, [pid 342] unlink("./206/binderfs" [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 342] <... unlink resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 342] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] rmdir("./210") = 0 [pid 349] mkdir("./211", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4528] <... close resumed>) = 0 [pid 4528] exit_group(0) = ? [pid 4528] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4528, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4527] <... close resumed>) = 0 [pid 4527] exit_group(0) = ? [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./210", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", [pid 4527] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4527, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./210/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./210/binderfs") = 0 [pid 343] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./210", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./210/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./210/binderfs") = 0 [pid 348] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4537] <... close resumed>) = 0 [pid 4537] exit_group(0) = ? [pid 4537] +++ exited with 0 +++ [pid 349] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4537, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 349] close(3 [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4545 [pid 342] newfstatat(AT_FDCWD, "./206/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./206/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./206/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./206/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./206") = 0 [pid 342] mkdir("./207", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 4545 attached [pid 4545] set_robust_list(0x555584fcf660, 24) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./207", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./207/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4545] chdir("./211") = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./207/binderfs") = 0 [pid 344] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4545] setpgid(0, 0) = 0 [pid 4545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4545] write(3, "1000", 4) = 4 [pid 4545] close(3) = 0 [pid 4545] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4545] write(1, "executing program\n", 18executing program ) = 18 [pid 4545] memfd_create("syzkaller", 0) = 3 [pid 4545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4545] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4545] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4545] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 348] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./210/bus", [pid 343] newfstatat(AT_FDCWD, "./210/bus", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./210/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./210/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 4 [pid 343] <... openat resumed>) = 4 [pid 348] newfstatat(4, "", [pid 343] newfstatat(4, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 343] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 343] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4 [pid 343] close(4 [pid 348] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 348] rmdir("./210/bus" [pid 343] rmdir("./210/bus" [pid 348] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 348] getdents64(3, [pid 343] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3 [pid 343] close(3 [pid 348] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 348] rmdir("./210" [pid 343] rmdir("./210" [pid 348] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 348] mkdir("./211", 0777 [pid 343] mkdir("./211", 0777 [pid 4545] <... openat resumed>) = 4 [pid 348] <... mkdir resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4545] ioctl(4, LOOP_SET_FD, 3 [pid 344] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] close(3 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./207/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./207/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... openat resumed>) = 4 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4 [pid 4545] <... ioctl resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 344] rmdir("./207/bus" [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4547 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] <... openat resumed>) = 3 [pid 344] close(3 [pid 343] <... openat resumed>) = 3 [pid 344] <... close resumed>) = 0 [pid 344] rmdir("./207") = 0 [pid 344] mkdir("./208", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4548 ./strace-static-x86_64: Process 4547 attached [pid 4547] set_robust_list(0x555584fcf660, 24) = 0 [pid 4547] chdir("./207" [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 343] close(3 [pid 348] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4548 attached [pid 4548] set_robust_list(0x555584fcf660, 24) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4549 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4550 [pid 4547] <... chdir resumed>) = 0 [pid 4548] chdir("./208" [pid 4547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4547] setpgid(0, 0./strace-static-x86_64: Process 4549 attached ) = 0 [pid 4548] <... chdir resumed>) = 0 [pid 4549] set_robust_list(0x555584fcf660, 24 [pid 4547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4548] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 4550 attached ) = 0 [pid 4549] <... set_robust_list resumed>) = 0 [pid 4548] setpgid(0, 0 [pid 4550] set_robust_list(0x555584fcf660, 24 [pid 4549] chdir("./211" [pid 4548] <... setpgid resumed>) = 0 [pid 4547] <... openat resumed>) = 3 [pid 4548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4550] <... set_robust_list resumed>) = 0 [pid 4550] chdir("./211" [pid 4549] <... chdir resumed>) = 0 [pid 4548] <... openat resumed>) = 3 [pid 4547] write(3, "1000", 4 [pid 4550] <... chdir resumed>) = 0 [pid 4549] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4547] <... write resumed>) = 4 [pid 4549] <... prctl resumed>) = 0 [pid 4550] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4547] close(3 [pid 4549] setpgid(0, 0 [pid 4550] <... prctl resumed>) = 0 [pid 4547] <... close resumed>) = 0 [pid 4550] setpgid(0, 0 [pid 4547] symlink("/dev/binderfs", "./binderfs" [pid 4549] <... setpgid resumed>) = 0 [pid 4545] close(3 [pid 4550] <... setpgid resumed>) = 0 [pid 4549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4547] <... symlink resumed>) = 0 [pid 4550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4548] write(3, "1000", 4 [pid 4545] <... close resumed>) = 0 executing program [pid 4550] <... openat resumed>) = 3 [pid 4549] <... openat resumed>) = 3 [pid 4548] <... write resumed>) = 4 [pid 4545] close(4 [pid 4550] write(3, "1000", 4 [pid 4549] write(3, "1000", 4 [pid 4548] close(3 [pid 4547] write(1, "executing program\n", 18 [pid 4550] <... write resumed>) = 4 [pid 4549] <... write resumed>) = 4 [pid 4548] <... close resumed>) = 0 [pid 4547] <... write resumed>) = 18 [pid 4550] close(3 [pid 4549] close(3 [pid 4548] symlink("/dev/binderfs", "./binderfs" [pid 4547] memfd_create("syzkaller", 0 [pid 4548] <... symlink resumed>) = 0 [pid 4550] <... close resumed>) = 0 [pid 4549] <... close resumed>) = 0 [pid 4547] <... memfd_create resumed>) = 3 [pid 4550] symlink("/dev/binderfs", "./binderfs" [pid 4549] symlink("/dev/binderfs", "./binderfs" [pid 4548] write(1, "executing program\n", 18 [pid 4547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 4550] <... symlink resumed>) = 0 executing program [pid 4550] write(1, "executing program\n", 18 [pid 4549] <... symlink resumed>) = 0 [pid 4548] <... write resumed>) = 18 [pid 4547] <... mmap resumed>) = 0x7f7c475b3000 [pid 4550] <... write resumed>) = 18 [pid 4549] write(1, "executing program\n", 18executing program [pid 4548] memfd_create("syzkaller", 0 [pid 4550] memfd_create("syzkaller", 0 [pid 4547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4550] <... memfd_create resumed>) = 3 [pid 4549] <... write resumed>) = 18 [pid 4548] <... memfd_create resumed>) = 3 [pid 4550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4549] memfd_create("syzkaller", 0 [pid 4548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4547] <... write resumed>) = 262144 [pid 4550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4549] <... memfd_create resumed>) = 3 [pid 4548] <... mmap resumed>) = 0x7f7c475b3000 [pid 4547] munmap(0x7f7c475b3000, 138412032 [pid 4550] <... write resumed>) = 262144 [pid 4549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4548] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4547] <... munmap resumed>) = 0 [pid 4550] munmap(0x7f7c475b3000, 138412032 [pid 4549] <... mmap resumed>) = 0x7f7c475b3000 [pid 4548] <... write resumed>) = 262144 [pid 4547] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4548] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4548] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4550] <... munmap resumed>) = 0 [pid 4550] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4549] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4549] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4545] <... close resumed>) = 0 [pid 4545] mkdir("./bus", 0777) = 0 [pid 4545] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4550] <... openat resumed>) = 4 [pid 4548] <... openat resumed>) = 4 [pid 4547] <... openat resumed>) = 4 [pid 4550] ioctl(4, LOOP_SET_FD, 3 [pid 4548] ioctl(4, LOOP_SET_FD, 3 [pid 4547] ioctl(4, LOOP_SET_FD, 3 [pid 4550] <... ioctl resumed>) = 0 [pid 4550] close(3) = 0 [pid 4550] close(4) = 0 [pid 4550] mkdir("./bus", 0777 [pid 4549] <... openat resumed>) = 4 [pid 4547] <... ioctl resumed>) = 0 [pid 4547] close(3) = 0 [pid 4547] close(4 [pid 4550] <... mkdir resumed>) = 0 [pid 4550] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4549] ioctl(4, LOOP_SET_FD, 3 [pid 4545] <... mount resumed>) = 0 [pid 4545] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4545] chdir("./bus") = 0 [pid 4545] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4547] <... close resumed>) = 0 [pid 4547] mkdir("./bus", 0777 [pid 4548] <... ioctl resumed>) = 0 [pid 4547] <... mkdir resumed>) = 0 [pid 4548] close(3 [pid 4547] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4548] <... close resumed>) = 0 [pid 4549] <... ioctl resumed>) = 0 [pid 4548] close(4 [pid 4545] <... openat resumed>) = 4 [pid 4549] close(3 [pid 4545] ioctl(4, LOOP_CLR_FD [pid 4549] <... close resumed>) = 0 [pid 4549] close(4 [pid 4550] <... mount resumed>) = 0 [pid 4550] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4550] chdir("./bus") = 0 [pid 4550] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4548] <... close resumed>) = 0 [pid 4548] mkdir("./bus", 0777 [pid 4545] <... ioctl resumed>) = 0 [pid 4548] <... mkdir resumed>) = 0 [pid 4545] close(4 [ 203.428634][ T4545] ext4 filesystem being mounted at /root/syzkaller.53SCZU/211/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4548] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4547] <... mount resumed>) = 0 [pid 4547] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4547] chdir("./bus") = 0 [ 203.488355][ T4550] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/211/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4547] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4549] <... close resumed>) = 0 [pid 4550] <... openat resumed>) = 4 [pid 4547] <... openat resumed>) = 4 [pid 4545] <... close resumed>) = 0 [pid 4550] ioctl(4, LOOP_CLR_FD [pid 4549] mkdir("./bus", 0777 [pid 4547] ioctl(4, LOOP_CLR_FD [pid 4545] memfd_create("syzkaller", 0 [pid 4550] <... ioctl resumed>) = 0 [pid 4549] <... mkdir resumed>) = 0 [pid 4547] <... ioctl resumed>) = 0 [pid 4545] <... memfd_create resumed>) = 4 [pid 4550] close(4 [pid 4549] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4547] close(4 [pid 4545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4550] <... close resumed>) = 0 [pid 4547] <... close resumed>) = 0 [pid 4545] <... mmap resumed>) = 0x7f7c475b3000 [pid 4550] memfd_create("syzkaller", 0 [pid 4547] memfd_create("syzkaller", 0 [pid 4550] <... memfd_create resumed>) = 4 [pid 4547] <... memfd_create resumed>) = 4 [pid 4550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4550] <... mmap resumed>) = 0x7f7c475b3000 [pid 4547] <... mmap resumed>) = 0x7f7c475b3000 [ 203.528515][ T4547] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/207/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4549] <... mount resumed>) = 0 [pid 4549] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4549] chdir("./bus") = 0 [pid 4549] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4549] ioctl(4, LOOP_CLR_FD) = 0 [pid 4549] close(4) = 0 [pid 4549] memfd_create("syzkaller", 0) = 4 [pid 4549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4548] <... mount resumed>) = 0 [pid 4548] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4548] chdir("./bus") = 0 [pid 4548] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4548] ioctl(4, LOOP_CLR_FD) = 0 [pid 4548] close(4) = 0 [pid 4548] memfd_create("syzkaller", 0) = 4 [pid 4548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 203.617622][ T4549] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/211/bus supports timestamps until (%ptR?) (0x7fffffff) [ 203.630762][ T4548] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/208/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4545] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4547] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4550] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4549] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4548] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4545] <... write resumed>) = 20699119 [pid 4545] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4549] <... write resumed>) = 20699119 [pid 4545] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4549] munmap(0x7f7c475b3000, 138412032 [pid 4545] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4545] ioctl(5, LOOP_CLR_FD) = 0 [pid 4549] <... munmap resumed>) = 0 [pid 4545] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4545] close(5 [pid 4549] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4545] <... close resumed>) = 0 [pid 4545] close(4 [pid 4549] <... openat resumed>) = 5 [pid 4549] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4549] ioctl(5, LOOP_CLR_FD) = 0 [pid 4550] <... write resumed>) = 20699119 [pid 4550] munmap(0x7f7c475b3000, 138412032 [pid 4549] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4549] close(5) = 0 [pid 4547] <... write resumed>) = 20699119 [pid 4547] munmap(0x7f7c475b3000, 138412032 [pid 4549] close(4 [pid 4547] <... munmap resumed>) = 0 [pid 4547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4547] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4547] ioctl(5, LOOP_CLR_FD) = 0 [pid 4548] <... write resumed>) = 20699119 [pid 4548] munmap(0x7f7c475b3000, 138412032 [pid 4547] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4547] close(5) = 0 [pid 4547] close(4 [pid 4548] <... munmap resumed>) = 0 [pid 4548] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4548] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4548] ioctl(5, LOOP_CLR_FD) = 0 [pid 4548] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4548] close(5) = 0 [pid 4548] close(4 [pid 4550] <... munmap resumed>) = 0 [pid 4550] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4550] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4550] ioctl(5, LOOP_CLR_FD) = 0 [pid 4550] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4550] close(5) = 0 [pid 4550] close(4 [pid 4547] <... close resumed>) = 0 [pid 4548] <... close resumed>) = 0 [pid 4548] exit_group(0) = ? [pid 4548] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4548, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4545] <... close resumed>) = 0 [pid 4545] exit_group(0) = ? [pid 4545] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4545, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4547] exit_group(0) = ? [pid 4547] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4547, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 349] umount2("./211", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] umount2("./208", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 3 [pid 344] openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(3, "", [pid 344] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] newfstatat(3, "", [pid 349] getdents64(3, [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] getdents64(3, [pid 349] umount2("./211/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./208/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] newfstatat(AT_FDCWD, "./211/binderfs", [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] newfstatat(AT_FDCWD, "./208/binderfs", [pid 349] unlink("./211/binderfs" [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... unlink resumed>) = 0 [pid 344] unlink("./208/binderfs" [pid 349] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... unlink resumed>) = 0 [pid 344] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./207", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./207/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./207/binderfs") = 0 [pid 342] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4549] <... close resumed>) = 0 [pid 4549] exit_group(0) = ? [pid 4549] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4549, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4550] <... close resumed>) = 0 [pid 4550] exit_group(0) = ? [pid 4550] +++ exited with 0 +++ [pid 348] <... restart_syscall resumed>) = 0 [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4550, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 348] umount2("./211", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./211/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./211/binderfs") = 0 [pid 348] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./208/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./208/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./208/bus") = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 343] umount2("./211", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... close resumed>) = 0 [pid 344] rmdir("./208") = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] mkdir("./209", 0777 [pid 343] openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... mkdir resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./211/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./211/binderfs") = 0 [pid 343] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 349] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./211/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./211/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] getdents64(4, [pid 344] ioctl(3, LOOP_CLR_FD [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./211/bus") = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./211") = 0 [pid 348] <... umount2 resumed>) = 0 [pid 342] newfstatat(AT_FDCWD, "./207/bus", [pid 349] mkdir("./212", 0777) = 0 [pid 348] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./207/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] newfstatat(AT_FDCWD, "./211/bus", [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] openat(AT_FDCWD, "./207/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(4, "", [pid 348] openat(AT_FDCWD, "./211/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... openat resumed>) = 4 [pid 342] getdents64(4, [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 342] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] getdents64(4, [pid 342] close(4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4 [pid 342] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 342] rmdir("./207/bus" [pid 348] rmdir("./211/bus" [pid 342] <... rmdir resumed>) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 342] getdents64(3, [pid 348] getdents64(3, [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3 [pid 348] close(3 [pid 342] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 342] rmdir("./207" [pid 348] rmdir("./211" [pid 342] <... rmdir resumed>) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 342] mkdir("./208", 0777 [pid 348] mkdir("./212", 0777 [pid 342] <... mkdir resumed>) = 0 [pid 348] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] close(3 [pid 343] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... openat resumed>) = 3 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... close resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 342] close(3 [pid 349] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4565 attached [pid 348] close(3 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 4566 attached [pid 4565] set_robust_list(0x555584fcf660, 24 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4565 [pid 348] <... close resumed>) = 0 [pid 4566] set_robust_list(0x555584fcf660, 24 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4566 [pid 4566] <... set_robust_list resumed>) = 0 [pid 4565] <... set_robust_list resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] newfstatat(AT_FDCWD, "./211/bus", [pid 4566] chdir("./208") = 0 [pid 4566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4567 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4568 [pid 343] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4565] chdir("./212" [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4565] <... chdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "./211/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4566] setpgid(0, 0 [pid 4565] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] <... openat resumed>) = 4 [pid 4566] <... setpgid resumed>) = 0 [pid 4565] <... prctl resumed>) = 0 [pid 343] newfstatat(4, "", [pid 4566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4565] setpgid(0, 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4566] <... openat resumed>) = 3 [pid 4565] <... setpgid resumed>) = 0 [pid 343] getdents64(4, [pid 4566] write(3, "1000", 4) = 4 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4566] close(3 [pid 343] getdents64(4, [pid 4565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4566] <... close resumed>) = 0 [pid 343] close(4) = 0 [pid 4565] <... openat resumed>) = 3 [pid 343] rmdir("./211/bus" [pid 4566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4565] write(3, "1000", 4 executing program [pid 343] <... rmdir resumed>) = 0 [pid 4566] write(1, "executing program\n", 18 [pid 343] getdents64(3, [pid 4565] <... write resumed>) = 4 [pid 4566] <... write resumed>) = 18 [pid 4565] close(3 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4566] memfd_create("syzkaller", 0 [pid 4565] <... close resumed>) = 0 [pid 343] close(3 [pid 4566] <... memfd_create resumed>) = 3 [pid 4565] symlink("/dev/binderfs", "./binderfs" [pid 343] <... close resumed>) = 0 [pid 4566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] rmdir("./211"./strace-static-x86_64: Process 4568 attached [pid 4566] <... mmap resumed>) = 0x7f7c475b3000 executing program [pid 4568] set_robust_list(0x555584fcf660, 24 [pid 4566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4565] <... symlink resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 4568] <... set_robust_list resumed>) = 0 [pid 4566] <... write resumed>) = 262144 [pid 4565] write(1, "executing program\n", 18 [pid 343] mkdir("./212", 0777 [pid 4568] chdir("./212"./strace-static-x86_64: Process 4567 attached ) = 0 [pid 4568] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4567] set_robust_list(0x555584fcf660, 24 [pid 343] <... mkdir resumed>) = 0 [pid 4565] <... write resumed>) = 18 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4568] <... prctl resumed>) = 0 [pid 4567] <... set_robust_list resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 4568] setpgid(0, 0 [pid 4567] chdir("./209" [pid 4565] memfd_create("syzkaller", 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4568] <... setpgid resumed>) = 0 [pid 4567] <... chdir resumed>) = 0 [pid 4566] munmap(0x7f7c475b3000, 138412032 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4565] <... memfd_create resumed>) = 3 [pid 343] close(3 [pid 4568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4567] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4566] <... munmap resumed>) = 0 [pid 4565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] <... close resumed>) = 0 executing program [pid 4568] <... openat resumed>) = 3 [pid 4567] <... prctl resumed>) = 0 [pid 4566] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4565] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4568] write(3, "1000", 4 [pid 4567] setpgid(0, 0 [pid 4566] <... openat resumed>) = 4 [pid 4568] <... write resumed>) = 4 [pid 4567] <... setpgid resumed>) = 0 [pid 4566] ioctl(4, LOOP_SET_FD, 3 [pid 4568] close(3 [pid 4567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4568] <... close resumed>) = 0 [pid 4567] <... openat resumed>) = 3 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4569 [pid 4568] symlink("/dev/binderfs", "./binderfs" [pid 4567] write(3, "1000", 4 [pid 4568] <... symlink resumed>) = 0 [pid 4567] <... write resumed>) = 4 [pid 4568] write(1, "executing program\n", 18 [pid 4567] close(3 [pid 4568] <... write resumed>) = 18 [pid 4567] <... close resumed>) = 0 [pid 4568] memfd_create("syzkaller", 0 [pid 4567] symlink("/dev/binderfs", "./binderfs"executing program [pid 4568] <... memfd_create resumed>) = 3 [pid 4567] <... symlink resumed>) = 0 [pid 4565] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4567] write(1, "executing program\n", 18 [pid 4568] <... mmap resumed>) = 0x7f7c475b3000 [pid 4567] <... write resumed>) = 18 [pid 4568] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4567] memfd_create("syzkaller", 0 [pid 4565] <... write resumed>) = 262144 [pid 4568] <... write resumed>) = 262144 [pid 4567] <... memfd_create resumed>) = 3 [pid 4565] munmap(0x7f7c475b3000, 138412032 [pid 4567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4569 attached [pid 4568] munmap(0x7f7c475b3000, 138412032 [pid 4567] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4565] <... munmap resumed>) = 0 [pid 4567] <... write resumed>) = 262144 [pid 4567] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4566] <... ioctl resumed>) = 0 [pid 4565] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4567] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4565] <... openat resumed>) = 4 [pid 4567] ioctl(4, LOOP_SET_FD, 3 [pid 4569] set_robust_list(0x555584fcf660, 24 [pid 4568] <... munmap resumed>) = 0 [pid 4566] close(3 [pid 4565] ioctl(4, LOOP_SET_FD, 3 [pid 4566] <... close resumed>) = 0 [pid 4566] close(4 [pid 4568] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4567] <... ioctl resumed>) = 0 [pid 4567] close(3 [pid 4569] <... set_robust_list resumed>) = 0 [pid 4565] <... ioctl resumed>) = 0 [pid 4569] chdir("./212" [pid 4566] <... close resumed>) = 0 [pid 4565] close(3 [pid 4569] <... chdir resumed>) = 0 [pid 4568] <... openat resumed>) = 4 [pid 4566] mkdir("./bus", 0777 [pid 4567] <... close resumed>) = 0 [pid 4567] close(4) = 0 [pid 4567] mkdir("./bus", 0777) = 0 [pid 4567] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4569] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4565] <... close resumed>) = 0 [pid 4566] <... mkdir resumed>) = 0 [pid 4565] close(4 [pid 4569] <... prctl resumed>) = 0 [pid 4568] ioctl(4, LOOP_SET_FD, 3 [pid 4566] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4569] setpgid(0, 0) = 0 [pid 4569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4569] write(3, "1000", 4) = 4 [pid 4569] close(3) = 0 [pid 4569] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4569] write(1, "executing program\n", 18executing program ) = 18 [pid 4569] memfd_create("syzkaller", 0) = 3 [pid 4569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4569] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4567] <... mount resumed>) = 0 [pid 4567] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4567] chdir("./bus") = 0 [pid 4567] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4569] <... write resumed>) = 262144 [pid 4569] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4569] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4565] <... close resumed>) = 0 [pid 4565] mkdir("./bus", 0777 [pid 4568] <... ioctl resumed>) = 0 [pid 4567] <... openat resumed>) = 4 [pid 4565] <... mkdir resumed>) = 0 [pid 4568] close(3) = 0 [pid 4568] close(4) = 0 [pid 4568] mkdir("./bus", 0777) = 0 [pid 4568] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4567] ioctl(4, LOOP_CLR_FD [pid 4565] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4568] <... mount resumed>) = 0 [pid 4568] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4568] chdir("./bus") = 0 [pid 4568] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4569] <... openat resumed>) = 4 [pid 4567] <... ioctl resumed>) = 0 [pid 4569] ioctl(4, LOOP_SET_FD, 3 [pid 4567] close(4 [pid 4569] <... ioctl resumed>) = 0 [pid 4567] <... close resumed>) = 0 [pid 4569] close(3) = 0 [pid 4569] close(4) = 0 [pid 4569] mkdir("./bus", 0777 [pid 4567] memfd_create("syzkaller", 0 [pid 4569] <... mkdir resumed>) = 0 [pid 4567] <... memfd_create resumed>) = 4 [pid 4569] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4568] <... openat resumed>) = 4 [pid 4568] ioctl(4, LOOP_CLR_FD) = 0 [pid 4568] close(4) = 0 [pid 4568] memfd_create("syzkaller", 0) = 4 [pid 4568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 204.479659][ T4567] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/209/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4569] <... mount resumed>) = 0 [pid 4569] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4569] chdir("./bus") = 0 [pid 4569] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4569] ioctl(4, LOOP_CLR_FD) = 0 [pid 4569] close(4) = 0 [ 204.538369][ T4568] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/212/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4569] memfd_create("syzkaller", 0) = 4 [pid 4569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4566] <... mount resumed>) = 0 [pid 4565] <... mount resumed>) = 0 [pid 4566] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4565] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4566] chdir("./bus") = 0 [pid 4565] <... openat resumed>) = 3 [pid 4566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4565] chdir("./bus" [pid 4566] ioctl(4, LOOP_CLR_FD) = 0 [pid 4565] <... chdir resumed>) = 0 [pid 4566] close(4) = 0 [pid 4566] memfd_create("syzkaller", 0) = 4 [pid 4565] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4565] <... openat resumed>) = 4 [pid 4565] ioctl(4, LOOP_CLR_FD) = 0 [pid 4565] close(4) = 0 [pid 4565] memfd_create("syzkaller", 0) = 4 [pid 4565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 204.590680][ T4566] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/208/bus supports timestamps until (%ptR?) (0x7fffffff) [ 204.606038][ T4569] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/212/bus supports timestamps until (%ptR?) (0x7fffffff) [ 204.619350][ T4565] ext4 filesystem being mounted at /root/syzkaller.53SCZU/212/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4568] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4567] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4569] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4566] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4565] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4567] <... write resumed>) = 20699119 [pid 4567] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4567] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4567] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4567] ioctl(5, LOOP_CLR_FD) = 0 [pid 4568] <... write resumed>) = 20699119 [pid 4568] munmap(0x7f7c475b3000, 138412032 [pid 4567] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4567] close(5) = 0 [pid 4568] <... munmap resumed>) = 0 [pid 4568] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4568] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4568] ioctl(5, LOOP_CLR_FD) = 0 [pid 4568] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4568] close(5) = 0 [pid 4568] close(4 [pid 4567] close(4 [pid 4566] <... write resumed>) = 20699119 [pid 4566] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4566] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4566] ioctl(5, LOOP_CLR_FD) = 0 [pid 4566] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4566] close(5) = 0 [pid 4566] close(4 [pid 4569] <... write resumed>) = 20699119 [pid 4569] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4569] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4569] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4569] ioctl(5, LOOP_CLR_FD) = 0 [pid 4569] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4569] close(5 [pid 4568] <... close resumed>) = 0 [pid 4569] <... close resumed>) = 0 [pid 4569] close(4 [pid 4568] exit_group(0) = ? [pid 4568] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4568, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4567] <... close resumed>) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 4567] exit_group(0) = ? [pid 4567] +++ exited with 0 +++ [pid 348] umount2("./212", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4567, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./212/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./212/binderfs") = 0 [pid 348] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4566] <... close resumed>) = 0 [pid 4565] <... write resumed>) = 20699119 [pid 4566] exit_group(0 [pid 4565] munmap(0x7f7c475b3000, 138412032 [pid 4566] <... exit_group resumed>) = ? [pid 4566] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4566, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 344] umount2("./209", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./209/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./209/binderfs") = 0 [pid 344] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4565] <... munmap resumed>) = 0 [pid 4565] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./208", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./208/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./208/binderfs") = 0 [pid 342] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4569] <... close resumed>) = 0 [pid 4569] exit_group(0) = ? [pid 4569] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4569, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./212", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./212/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./212/binderfs") = 0 [pid 343] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./212/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./212/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./212/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./212") = 0 [pid 348] mkdir("./213", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4565] <... openat resumed>) = 5 [pid 4565] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4565] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./209/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./209/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4565] ioctl(5, LOOP_SET_FD, 4 [pid 344] newfstatat(4, "", [pid 4565] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4565] close(5 [pid 344] getdents64(4, [pid 4565] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4565] close(4 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./209/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./209") = 0 [pid 344] mkdir("./210", 0777 [pid 348] <... openat resumed>) = 3 [pid 344] <... mkdir resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 342] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] <... openat resumed>) = 3 [pid 343] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./208/bus", [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4585 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] close(3 [pid 343] newfstatat(AT_FDCWD, "./212/bus", [pid 342] umount2("./208/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... close resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] openat(AT_FDCWD, "./208/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4586 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] openat(AT_FDCWD, "./212/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... openat resumed>) = 4 [pid 342] getdents64(4, [pid 343] newfstatat(4, "", [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] close(4 [pid 343] getdents64(4, [pid 342] <... close resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] rmdir("./208/bus" [pid 343] getdents64(4, [pid 342] <... rmdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] getdents64(3, [pid 343] close(4 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... close resumed>) = 0 [pid 342] close(3 [pid 343] rmdir("./212/bus" [pid 342] <... close resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 342] rmdir("./208") = 0 [pid 343] getdents64(3, [pid 342] mkdir("./209", 0777) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./212" [pid 342] <... openat resumed>) = 3 [pid 343] <... rmdir resumed>) = 0 [pid 342] ioctl(3, LOOP_CLR_FD [pid 343] mkdir("./213", 0777 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... mkdir resumed>) = 0 [pid 342] close(3 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] <... close resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4587 [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4586 attached [pid 4586] set_robust_list(0x555584fcf660, 24 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4588 [pid 4586] <... set_robust_list resumed>) = 0 [pid 4586] chdir("./213") = 0 [pid 4586] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4586] setpgid(0, 0) = 0 [pid 4586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4586] write(3, "1000", 4) = 4 [pid 4586] close(3) = 0 [pid 4586] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 4588 attached ./strace-static-x86_64: Process 4585 attached executing program [pid 4586] write(1, "executing program\n", 18) = 18 [pid 4586] memfd_create("syzkaller", 0) = 3 [pid 4586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4588] set_robust_list(0x555584fcf660, 24 [pid 4585] set_robust_list(0x555584fcf660, 24 [pid 4588] <... set_robust_list resumed>) = 0 [pid 4585] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 4587 attached [pid 4588] chdir("./213" [pid 4585] chdir("./210" [pid 4588] <... chdir resumed>) = 0 [pid 4588] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4585] <... chdir resumed>) = 0 [pid 4588] <... prctl resumed>) = 0 [pid 4585] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4588] setpgid(0, 0 [pid 4585] <... prctl resumed>) = 0 [pid 4588] <... setpgid resumed>) = 0 [pid 4585] setpgid(0, 0 [pid 4588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4585] <... setpgid resumed>) = 0 [pid 4588] <... openat resumed>) = 3 [pid 4588] write(3, "1000", 4 [pid 4585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4588] <... write resumed>) = 4 [pid 4588] close(3 [pid 4585] <... openat resumed>) = 3 [pid 4588] <... close resumed>) = 0 [pid 4585] write(3, "1000", 4 [pid 4588] symlink("/dev/binderfs", "./binderfs" [pid 4585] <... write resumed>) = 4 executing program [pid 4587] set_robust_list(0x555584fcf660, 24 [pid 4588] <... symlink resumed>) = 0 [pid 4585] close(3 [pid 4588] write(1, "executing program\n", 18 [pid 4585] <... close resumed>) = 0 [pid 4588] <... write resumed>) = 18 [pid 4585] symlink("/dev/binderfs", "./binderfs" [pid 4588] memfd_create("syzkaller", 0 [pid 4587] <... set_robust_list resumed>) = 0 executing program [pid 4587] chdir("./209" [pid 4585] <... symlink resumed>) = 0 [pid 4588] <... memfd_create resumed>) = 3 [pid 4585] write(1, "executing program\n", 18 [pid 4588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4585] <... write resumed>) = 18 [pid 4588] <... mmap resumed>) = 0x7f7c475b3000 [pid 4585] memfd_create("syzkaller", 0 [pid 4587] <... chdir resumed>) = 0 [pid 4587] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4587] setpgid(0, 0 [pid 4585] <... memfd_create resumed>) = 3 [pid 4585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4587] <... setpgid resumed>) = 0 [pid 4586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4586] <... write resumed>) = 262144 [pid 4587] <... openat resumed>) = 3 [pid 4585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4587] write(3, "1000", 4) = 4 [pid 4587] close(3) = 0 [pid 4587] symlink("/dev/binderfs", "./binderfs" [pid 4588] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4585] <... write resumed>) = 262144 [pid 4587] <... symlink resumed>) = 0 [pid 4587] write(1, "executing program\n", 18 [pid 4588] <... write resumed>) = 262144 [pid 4585] munmap(0x7f7c475b3000, 138412032executing program [pid 4587] <... write resumed>) = 18 [pid 4587] memfd_create("syzkaller", 0) = 3 [pid 4588] munmap(0x7f7c475b3000, 138412032 [pid 4585] <... munmap resumed>) = 0 [pid 4587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4586] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4586] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4585] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4588] <... munmap resumed>) = 0 [pid 4585] <... openat resumed>) = 4 [pid 4588] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4586] <... openat resumed>) = 4 [pid 4586] ioctl(4, LOOP_SET_FD, 3 [pid 4585] ioctl(4, LOOP_SET_FD, 3 [pid 4587] <... write resumed>) = 262144 [pid 4588] <... openat resumed>) = 4 [pid 4588] ioctl(4, LOOP_SET_FD, 3 [pid 4586] <... ioctl resumed>) = 0 [pid 4587] munmap(0x7f7c475b3000, 138412032 [pid 4585] <... ioctl resumed>) = 0 [pid 4585] close(3) = 0 [pid 4585] close(4) = 0 [pid 4588] <... ioctl resumed>) = 0 [pid 4588] close(3 [pid 4586] close(3 [pid 4585] mkdir("./bus", 0777 [pid 4588] <... close resumed>) = 0 [pid 4585] <... mkdir resumed>) = 0 [pid 4588] close(4 [pid 4586] <... close resumed>) = 0 [pid 4585] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4587] <... munmap resumed>) = 0 [pid 4586] close(4 [pid 4587] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4565] <... close resumed>) = 0 [pid 4565] exit_group(0) = ? [pid 4565] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4565, si_uid=0, si_status=0, si_utime=8, si_stime=10} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./212", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./212/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./212/binderfs") = 0 [pid 4588] <... close resumed>) = 0 [pid 4588] mkdir("./bus", 0777 [pid 349] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4586] <... close resumed>) = 0 [pid 4586] mkdir("./bus", 0777) = 0 [pid 4586] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4588] <... mkdir resumed>) = 0 [pid 4588] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4585] <... mount resumed>) = 0 [pid 4585] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4585] chdir("./bus") = 0 [pid 4585] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4587] <... openat resumed>) = 4 [pid 4587] ioctl(4, LOOP_SET_FD, 3 [pid 4585] <... openat resumed>) = 4 [pid 4585] ioctl(4, LOOP_CLR_FD [pid 4587] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 4587] close(3 [pid 349] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4587] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4587] close(4 [pid 349] newfstatat(AT_FDCWD, "./212/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./212/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./212/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./212") = 0 [pid 349] mkdir("./213", 0777) = 0 [ 205.378601][ T4585] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/210/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4586] <... mount resumed>) = 0 [pid 4586] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4586] chdir("./bus") = 0 [pid 4586] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4588] <... mount resumed>) = 0 [pid 4588] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4588] chdir("./bus") = 0 [pid 4588] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4587] <... close resumed>) = 0 [pid 4585] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 4585] close(4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4585] <... close resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4587] mkdir("./bus", 0777 [pid 4586] <... openat resumed>) = 4 [pid 4585] memfd_create("syzkaller", 0 [pid 349] close(3 [pid 4585] <... memfd_create resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 4585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4587] <... mkdir resumed>) = 0 [pid 4586] ioctl(4, LOOP_CLR_FD [pid 4585] <... mmap resumed>) = 0x7f7c475b3000 [pid 4587] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4586] <... ioctl resumed>) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4599 [pid 4586] close(4./strace-static-x86_64: Process 4599 attached [pid 4599] set_robust_list(0x555584fcf660, 24) = 0 [pid 4599] chdir("./213") = 0 [pid 4599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4599] setpgid(0, 0) = 0 [pid 4599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4599] write(3, "1000", 4) = 4 [pid 4599] close(3) = 0 [pid 4599] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4599] write(1, "executing program\n", 18executing program ) = 18 [pid 4599] memfd_create("syzkaller", 0) = 3 [pid 4599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4599] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4599] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4599] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4586] <... close resumed>) = 0 [pid 4586] memfd_create("syzkaller", 0) = 4 [pid 4586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4588] <... openat resumed>) = 4 [pid 4588] ioctl(4, LOOP_CLR_FD) = 0 [pid 4588] close(4) = 0 [pid 4588] memfd_create("syzkaller", 0) = 4 [pid 4588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4599] <... openat resumed>) = 4 [ 205.478329][ T4586] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/213/bus supports timestamps until (%ptR?) (0x7fffffff) [ 205.492252][ T4588] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/213/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4599] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4599] close(3) = 0 [pid 4599] close(4 [pid 4587] <... mount resumed>) = 0 [pid 4587] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4587] chdir("./bus") = 0 [pid 4587] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4599] <... close resumed>) = 0 [pid 4599] mkdir("./bus", 0777) = 0 [pid 4599] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4587] <... openat resumed>) = 4 [pid 4587] ioctl(4, LOOP_CLR_FD) = 0 [pid 4587] close(4) = 0 [pid 4587] memfd_create("syzkaller", 0) = 4 [pid 4587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4585] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4599] <... mount resumed>) = 0 [pid 4599] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4599] chdir("./bus") = 0 [pid 4599] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4599] ioctl(4, LOOP_CLR_FD) = 0 [pid 4599] close(4) = 0 [pid 4599] memfd_create("syzkaller", 0) = 4 [pid 4599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 205.607466][ T4587] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/209/bus supports timestamps until (%ptR?) (0x7fffffff) [ 205.663407][ T4599] ext4 filesystem being mounted at /root/syzkaller.53SCZU/213/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4588] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4585] <... write resumed>) = 20699119 [pid 4585] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4585] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4585] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4585] ioctl(5, LOOP_CLR_FD) = 0 [pid 4585] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4585] close(5) = 0 [pid 4585] close(4 [pid 4586] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4587] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4599] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4585] <... close resumed>) = 0 [pid 4585] exit_group(0) = ? [pid 4585] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4585, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4588] <... write resumed>) = 20699119 [pid 4588] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4588] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4588] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4588] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./210", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4588] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4588] close(5 [pid 344] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", [pid 4588] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4588] close(4 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./210/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./210/binderfs") = 0 [pid 344] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4586] <... write resumed>) = 20699119 [pid 4586] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4586] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 4586] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4586] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./210/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4586] ioctl(5, LOOP_SET_FD, 4 [pid 344] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4586] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4586] close(5) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4586] close(4 [pid 344] openat(AT_FDCWD, "./210/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./210/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./210") = 0 [pid 344] mkdir("./211", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4605 ./strace-static-x86_64: Process 4605 attached [pid 4605] set_robust_list(0x555584fcf660, 24) = 0 [pid 4605] chdir("./211") = 0 [pid 4605] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4605] setpgid(0, 0) = 0 [pid 4605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4588] <... close resumed>) = 0 [pid 4588] exit_group(0) = ? [pid 4605] write(3, "1000", 4) = 4 [pid 4605] close(3) = 0 [pid 4605] symlink("/dev/binderfs", "./binderfs" [pid 4588] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4588, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 4605] <... symlink resumed>) = 0 [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 4605] write(1, "executing program\n", 18executing program ) = 18 [pid 4605] memfd_create("syzkaller", 0 [pid 343] umount2("./213", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4605] <... memfd_create resumed>) = 3 [pid 343] openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] newfstatat(3, "", [pid 4605] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4605] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 4605] <... write resumed>) = 262144 [pid 343] umount2("./213/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4605] munmap(0x7f7c475b3000, 138412032 [pid 343] newfstatat(AT_FDCWD, "./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./213/binderfs") = 0 [pid 343] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4605] <... munmap resumed>) = 0 [pid 4605] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4587] <... write resumed>) = 20699119 [pid 4599] <... write resumed>) = 20699119 [pid 4587] munmap(0x7f7c475b3000, 138412032 [pid 4599] munmap(0x7f7c475b3000, 138412032 [pid 4586] <... close resumed>) = 0 [pid 4586] exit_group(0) = ? [pid 4599] <... munmap resumed>) = 0 [pid 4599] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4586] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4586, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4587] <... munmap resumed>) = 0 [pid 4587] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4605] <... openat resumed>) = 4 [pid 4599] <... openat resumed>) = 5 [pid 4587] <... openat resumed>) = 5 [pid 348] <... restart_syscall resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 4605] ioctl(4, LOOP_SET_FD, 3 [pid 343] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./213", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./213/bus", [pid 348] openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... openat resumed>) = 3 [pid 343] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] newfstatat(3, "", [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] openat(AT_FDCWD, "./213/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] getdents64(3, [pid 343] <... openat resumed>) = 4 [pid 4605] <... ioctl resumed>) = 0 [pid 4599] ioctl(5, LOOP_SET_FD, 4 [pid 4587] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] newfstatat(4, "", [pid 4599] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4587] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] umount2("./213/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] getdents64(4, [pid 348] newfstatat(AT_FDCWD, "./213/binderfs", [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4605] close(3 [pid 4599] ioctl(5, LOOP_CLR_FD [pid 4587] ioctl(5, LOOP_CLR_FD [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] getdents64(4, [pid 4605] <... close resumed>) = 0 [pid 4599] <... ioctl resumed>) = 0 [pid 4605] close(4 [pid 4587] <... ioctl resumed>) = 0 [pid 4605] <... close resumed>) = 0 [pid 348] unlink("./213/binderfs" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4605] mkdir("./bus", 0777 [pid 348] <... unlink resumed>) = 0 [pid 343] close(4 [pid 4605] <... mkdir resumed>) = 0 [pid 348] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = 0 [pid 4605] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] rmdir("./213/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./213") = 0 [pid 343] mkdir("./214", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 4599] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4599] close(5 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4587] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4607 [pid 4587] close(5./strace-static-x86_64: Process 4607 attached [pid 4607] set_robust_list(0x555584fcf660, 24) = 0 [pid 4607] chdir("./214") = 0 [pid 4607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4607] setpgid(0, 0) = 0 [pid 4607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4607] write(3, "1000", 4) = 4 [pid 4607] close(3) = 0 [pid 4607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4607] write(1, "executing program\n", 18executing program ) = 18 [pid 4607] memfd_create("syzkaller", 0) = 3 [pid 4607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4607] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4607] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4607] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4599] <... close resumed>) = 0 [pid 4587] <... close resumed>) = 0 [pid 4599] close(4 [pid 4587] close(4 [pid 4599] <... close resumed>) = 0 [pid 4599] exit_group(0) = ? [pid 4599] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4599, si_uid=0, si_status=0, si_utime=4, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4587] <... close resumed>) = 0 [pid 4587] exit_group(0) = ? [pid 4587] +++ exited with 0 +++ [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./213", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4587, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] umount2("./213/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./213/binderfs") = 0 [pid 349] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./209", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./209/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./209/binderfs") = 0 [pid 342] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4607] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 4607] ioctl(4, LOOP_SET_FD, 3 [pid 348] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./213/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./213/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./213/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./213") = 0 [pid 348] mkdir("./214", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4605] <... mount resumed>) = 0 [pid 4605] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4605] chdir("./bus") = 0 [pid 4605] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4607] <... ioctl resumed>) = 0 [pid 4607] close(3) = 0 [pid 4607] close(4 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./209/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./209/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./209/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./209/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./209") = 0 [pid 342] mkdir("./210", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 4605] <... openat resumed>) = 4 [ 206.228256][ T4605] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/211/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4605] ioctl(4, LOOP_CLR_FD [pid 4607] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 4607] mkdir("./bus", 0777) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 4607] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./213/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./213/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./213/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./213") = 0 [pid 349] mkdir("./214", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4605] <... ioctl resumed>) = 0 [pid 4605] close(4) = 0 [pid 4605] memfd_create("syzkaller", 0) = 4 [pid 4605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] <... openat resumed>) = 3 [pid 348] <... close resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4611 [pid 342] close(3 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4612 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4613 ./strace-static-x86_64: Process 4613 attached [pid 4613] set_robust_list(0x555584fcf660, 24) = 0 [pid 4613] chdir("./210") = 0 [pid 4613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4613] setpgid(0, 0) = 0 [pid 4613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4613] write(3, "1000", 4) = 4 [pid 4613] close(3) = 0 [pid 4613] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4613] write(1, "executing program\n", 18) = 18 ./strace-static-x86_64: Process 4612 attached [pid 4613] memfd_create("syzkaller", 0 [pid 4612] set_robust_list(0x555584fcf660, 24) = 0 [pid 4612] chdir("./214" [pid 4613] <... memfd_create resumed>) = 3 [pid 4613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4612] <... chdir resumed>) = 0 [pid 4613] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 4611 attached [pid 4612] setpgid(0, 0 [pid 4611] set_robust_list(0x555584fcf660, 24 [pid 4612] <... setpgid resumed>) = 0 [pid 4612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4611] <... set_robust_list resumed>) = 0 [pid 4611] chdir("./214" [pid 4612] <... openat resumed>) = 3 [pid 4611] <... chdir resumed>) = 0 [pid 4611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4611] setpgid(0, 0) = 0 [pid 4612] write(3, "1000", 4 [pid 4611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4612] <... write resumed>) = 4 [pid 4612] close(3) = 0 [pid 4612] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4611] <... openat resumed>) = 3 [pid 4611] write(3, "1000", 4) = 4 [pid 4611] close(3) = 0 [pid 4611] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4612] write(1, "executing program\n", 18) = 18 [pid 4612] memfd_create("syzkaller", 0executing program ) = 3 [pid 4611] write(1, "executing program\n", 18) = 18 [pid 4611] memfd_create("syzkaller", 0 [pid 4612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4611] <... memfd_create resumed>) = 3 [pid 4611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4611] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4613] <... write resumed>) = 262144 [pid 4612] <... write resumed>) = 262144 [pid 4613] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4611] <... write resumed>) = 262144 [pid 4613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4613] ioctl(4, LOOP_SET_FD, 3 [pid 4612] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4611] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4612] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4611] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4613] <... ioctl resumed>) = 0 [pid 4612] <... openat resumed>) = 4 [pid 4611] <... openat resumed>) = 4 [pid 4612] ioctl(4, LOOP_SET_FD, 3 [pid 4611] ioctl(4, LOOP_SET_FD, 3 [pid 4613] close(3) = 0 [pid 4613] close(4 [pid 4612] <... ioctl resumed>) = 0 [pid 4612] close(3) = 0 [pid 4612] close(4 [pid 4607] <... mount resumed>) = 0 [pid 4613] <... close resumed>) = 0 [pid 4612] <... close resumed>) = 0 [pid 4611] <... ioctl resumed>) = 0 [pid 4613] mkdir("./bus", 0777 [pid 4612] mkdir("./bus", 0777 [pid 4611] close(3 [pid 4613] <... mkdir resumed>) = 0 [pid 4612] <... mkdir resumed>) = 0 [pid 4611] <... close resumed>) = 0 [pid 4612] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4611] close(4 [pid 4613] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4611] <... close resumed>) = 0 [pid 4607] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4607] chdir("./bus") = 0 [pid 4607] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4607] ioctl(4, LOOP_CLR_FD [pid 4611] mkdir("./bus", 0777) = 0 [pid 4611] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4605] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4607] <... ioctl resumed>) = 0 [pid 4607] close(4) = 0 [pid 4607] memfd_create("syzkaller", 0) = 4 [pid 4607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 206.445493][ T4607] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/214/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4612] <... mount resumed>) = 0 [pid 4611] <... mount resumed>) = 0 [pid 4612] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4611] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4612] <... openat resumed>) = 3 [pid 4611] <... openat resumed>) = 3 [pid 4612] chdir("./bus" [pid 4611] chdir("./bus" [pid 4612] <... chdir resumed>) = 0 [pid 4611] <... chdir resumed>) = 0 [pid 4612] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4611] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4612] <... openat resumed>) = 4 [pid 4612] ioctl(4, LOOP_CLR_FD [pid 4611] <... openat resumed>) = 4 [pid 4612] <... ioctl resumed>) = 0 [pid 4611] ioctl(4, LOOP_CLR_FD [pid 4612] close(4 [pid 4611] <... ioctl resumed>) = 0 [pid 4613] <... mount resumed>) = 0 [pid 4612] <... close resumed>) = 0 [pid 4611] close(4 [pid 4605] <... write resumed>) = 20699119 [pid 4612] memfd_create("syzkaller", 0 [pid 4613] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4611] <... close resumed>) = 0 [pid 4605] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4611] memfd_create("syzkaller", 0 [pid 4612] <... memfd_create resumed>) = 4 [pid 4611] <... memfd_create resumed>) = 4 [pid 4612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4613] <... openat resumed>) = 3 [pid 4612] <... mmap resumed>) = 0x7f7c475b3000 [pid 4611] <... mmap resumed>) = 0x7f7c475b3000 [pid 4605] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4605] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4605] ioctl(5, LOOP_CLR_FD [pid 4613] chdir("./bus" [pid 4605] <... ioctl resumed>) = 0 [pid 4613] <... chdir resumed>) = 0 [pid 4613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4613] ioctl(4, LOOP_CLR_FD) = 0 [pid 4613] close(4) = 0 [pid 4605] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4605] close(5) = 0 [pid 4605] close(4 [pid 4613] memfd_create("syzkaller", 0) = 4 [pid 4613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 206.546431][ T4612] ext4 filesystem being mounted at /root/syzkaller.53SCZU/214/bus supports timestamps until (%ptR?) (0x7fffffff) [ 206.558843][ T4611] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/214/bus supports timestamps until (%ptR?) (0x7fffffff) [ 206.559673][ T4613] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/210/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4607] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4605] <... close resumed>) = 0 [pid 4605] exit_group(0) = ? [pid 4605] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4605, si_uid=0, si_status=0, si_utime=2, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./211", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./211/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./211/binderfs") = 0 [pid 344] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4611] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4612] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./211/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./211/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./211/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./211") = 0 [pid 344] mkdir("./212", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4625 [pid 4613] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 4625 attached [pid 4625] set_robust_list(0x555584fcf660, 24) = 0 [pid 4625] chdir("./212") = 0 [pid 4625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4625] setpgid(0, 0) = 0 [pid 4625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4625] write(3, "1000", 4) = 4 [pid 4625] close(3) = 0 [pid 4625] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4625] write(1, "executing program\n", 18executing program ) = 18 [pid 4625] memfd_create("syzkaller", 0) = 3 [pid 4625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4625] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4625] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4625] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4625] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4625] close(3) = 0 [pid 4625] close(4) = 0 [pid 4625] mkdir("./bus", 0777) = 0 [pid 4625] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4607] <... write resumed>) = 20699119 [pid 4607] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4607] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4607] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4607] ioctl(5, LOOP_CLR_FD) = 0 [pid 4607] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4607] close(5) = 0 [pid 4607] close(4 [pid 4625] <... mount resumed>) = 0 [pid 4625] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4625] chdir("./bus") = 0 [pid 4625] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4625] ioctl(4, LOOP_CLR_FD) = 0 [pid 4625] close(4) = 0 [pid 4625] memfd_create("syzkaller", 0) = 4 [pid 4625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 206.903449][ T4625] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/212/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4613] <... write resumed>) = 20699119 [pid 4613] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4613] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4613] ioctl(5, LOOP_CLR_FD) = 0 [pid 4612] <... write resumed>) = 20699119 [pid 4612] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4612] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4612] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4612] ioctl(5, LOOP_CLR_FD) = 0 [pid 4613] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4613] close(5) = 0 [pid 4612] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4612] close(5) = 0 [pid 4612] close(4 [pid 4613] close(4 [pid 4611] <... write resumed>) = 20699119 [pid 4611] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4611] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4611] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4611] ioctl(5, LOOP_CLR_FD) = 0 [pid 4611] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4611] close(5) = 0 [pid 4611] close(4 [pid 4607] <... close resumed>) = 0 [pid 4607] exit_group(0) = ? [pid 4607] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4607, si_uid=0, si_status=0, si_utime=8, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./214", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./214/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./214/binderfs") = 0 [pid 343] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 343] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./214/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./214/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./214/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./214") = 0 [pid 343] mkdir("./215", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4629 ./strace-static-x86_64: Process 4629 attached [pid 4629] set_robust_list(0x555584fcf660, 24) = 0 [pid 4629] chdir("./215") = 0 [pid 4629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4629] setpgid(0, 0) = 0 [pid 4629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4629] write(3, "1000", 4) = 4 [pid 4629] close(3) = 0 [pid 4629] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4629] write(1, "executing program\n", 18executing program ) = 18 [pid 4629] memfd_create("syzkaller", 0) = 3 [pid 4629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4612] <... close resumed>) = 0 [pid 4629] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4629] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4629] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4629] ioctl(4, LOOP_SET_FD, 3 [pid 4612] exit_group(0) = ? [pid 4612] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4612, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./214", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./214/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./214/binderfs") = 0 [pid 349] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4629] <... ioctl resumed>) = 0 [pid 4629] close(3) = 0 [pid 4629] close(4 [pid 4613] <... close resumed>) = 0 [pid 4613] exit_group(0) = ? [pid 4613] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4613, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./210", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./210/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./210/binderfs") = 0 [pid 342] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4625] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4611] <... close resumed>) = 0 [pid 4629] <... close resumed>) = 0 [pid 4611] exit_group(0 [pid 349] <... umount2 resumed>) = 0 [pid 4629] mkdir("./bus", 0777) = 0 [pid 4611] <... exit_group resumed>) = ? [pid 349] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4629] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] newfstatat(AT_FDCWD, "./214/bus", [pid 4611] +++ exited with 0 +++ [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4611, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 349] openat(AT_FDCWD, "./214/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./214/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./214") = 0 [pid 349] mkdir("./215", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./214", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./214/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./214/binderfs") = 0 [pid 348] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4625] <... write resumed>) = 20699119 [pid 4625] munmap(0x7f7c475b3000, 138412032 [pid 349] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./210/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./210/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./210/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./210/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./210") = 0 [pid 342] mkdir("./211", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4625] <... munmap resumed>) = 0 [pid 4625] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... umount2 resumed>) = 0 [pid 349] close(3 [pid 348] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] newfstatat(AT_FDCWD, "./214/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4631 [pid 348] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./214/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./214/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./214") = 0 [pid 348] mkdir("./215", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program , child_tidptr=0x555584fcf650) = 4632 ./strace-static-x86_64: Process 4631 attached [pid 4631] set_robust_list(0x555584fcf660, 24) = 0 [pid 4631] chdir("./215") = 0 [pid 4631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4631] setpgid(0, 0) = 0 [pid 4631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4631] write(3, "1000", 4) = 4 [pid 4631] close(3) = 0 [pid 4631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4631] write(1, "executing program\n", 18) = 18 [pid 4631] memfd_create("syzkaller", 0) = 3 [pid 4631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4631] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4631] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4631] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4631] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4632 attached [pid 4632] set_robust_list(0x555584fcf660, 24) = 0 [pid 4632] chdir("./215") = 0 [pid 4632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4632] setpgid(0, 0) = 0 [pid 4632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4632] write(3, "1000", 4) = 4 [pid 4632] close(3) = 0 executing program [pid 4632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4632] write(1, "executing program\n", 18) = 18 [pid 4632] memfd_create("syzkaller", 0) = 3 [pid 4632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4631] <... ioctl resumed>) = 0 [pid 4631] close(3) = 0 [pid 4631] close(4 [pid 4632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4632] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4632] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4631] <... close resumed>) = 0 [pid 4625] <... openat resumed>) = 5 [pid 342] <... openat resumed>) = 3 [pid 4631] mkdir("./bus", 0777 [pid 4625] ioctl(5, LOOP_SET_FD, 4 [pid 342] ioctl(3, LOOP_CLR_FD [pid 4631] <... mkdir resumed>) = 0 [pid 4625] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4631] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4625] ioctl(5, LOOP_CLR_FD [pid 342] close(3 [pid 4625] <... ioctl resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4634 [pid 4632] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4634 attached [pid 4625] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4625] close(5 [pid 4634] set_robust_list(0x555584fcf660, 24) = 0 [pid 4634] chdir("./211") = 0 [pid 4634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4634] setpgid(0, 0) = 0 [pid 4634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4634] write(3, "1000", 4) = 4 [pid 4634] close(3) = 0 [pid 4634] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4632] <... ioctl resumed>) = 0 [pid 4629] <... mount resumed>) = 0 [pid 4625] <... close resumed>) = 0 executing program [pid 4634] write(1, "executing program\n", 18 [pid 4625] close(4 [pid 4634] <... write resumed>) = 18 [pid 4634] memfd_create("syzkaller", 0) = 3 [pid 4634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4634] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4634] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4634] ioctl(4, LOOP_SET_FD, 3 [pid 4632] close(3) = 0 [pid 4632] close(4 [pid 4629] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4629] chdir("./bus") = 0 [pid 4629] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4634] <... ioctl resumed>) = 0 [pid 4634] close(3) = 0 [pid 4634] close(4 [pid 4631] <... mount resumed>) = 0 [pid 4631] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4631] chdir("./bus") = 0 [pid 4631] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4625] <... close resumed>) = 0 [pid 4634] <... close resumed>) = 0 [pid 4625] exit_group(0 [pid 4634] mkdir("./bus", 0777 [pid 4625] <... exit_group resumed>) = ? [pid 4634] <... mkdir resumed>) = 0 [pid 4634] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4625] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4625, si_uid=0, si_status=0, si_utime=8, si_stime=10} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./212", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./212/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./212/binderfs") = 0 [pid 344] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4632] <... close resumed>) = 0 [pid 4629] <... openat resumed>) = 4 [pid 4632] mkdir("./bus", 0777 [pid 4629] ioctl(4, LOOP_CLR_FD [pid 4632] <... mkdir resumed>) = 0 [pid 4632] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4634] <... mount resumed>) = 0 [pid 4631] <... openat resumed>) = 4 [pid 4629] <... ioctl resumed>) = 0 [pid 4631] ioctl(4, LOOP_CLR_FD [pid 4629] close(4 [pid 4631] <... ioctl resumed>) = 0 [pid 4629] <... close resumed>) = 0 [pid 4631] close(4 [pid 4629] memfd_create("syzkaller", 0 [pid 344] <... umount2 resumed>) = 0 [pid 4631] <... close resumed>) = 0 [pid 4629] <... memfd_create resumed>) = 4 [pid 4631] memfd_create("syzkaller", 0 [pid 4629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4631] <... memfd_create resumed>) = 4 [pid 4629] <... mmap resumed>) = 0x7f7c475b3000 [pid 4634] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4631] <... mmap resumed>) = 0x7f7c475b3000 [ 207.350428][ T4629] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/215/bus supports timestamps until (%ptR?) (0x7fffffff) [ 207.353713][ T4631] ext4 filesystem being mounted at /root/syzkaller.53SCZU/215/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4634] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./212/bus", [pid 4634] chdir("./bus" [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4634] <... chdir resumed>) = 0 [pid 4634] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./212/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./212/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./212") = 0 [pid 344] mkdir("./213", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4634] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 4634] ioctl(4, LOOP_CLR_FD) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4634] close(4 [pid 344] close(3 [pid 4634] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 4634] memfd_create("syzkaller", 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4634] <... memfd_create resumed>) = 4 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4643 [pid 4634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4643 attached [pid 4643] set_robust_list(0x555584fcf660, 24) = 0 [pid 4643] chdir("./213") = 0 [pid 4643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4643] setpgid(0, 0) = 0 executing program [pid 4643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4643] write(3, "1000", 4) = 4 [pid 4643] close(3) = 0 [pid 4643] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4643] write(1, "executing program\n", 18) = 18 [pid 4643] memfd_create("syzkaller", 0) = 3 [pid 4643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4643] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4643] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4643] close(3) = 0 [ 207.428304][ T4634] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/211/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4643] close(4 [pid 4632] <... mount resumed>) = 0 [pid 4632] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4632] chdir("./bus") = 0 [pid 4632] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4643] <... close resumed>) = 0 [pid 4632] <... openat resumed>) = 4 [pid 4643] mkdir("./bus", 0777) = 0 [pid 4632] ioctl(4, LOOP_CLR_FD) = 0 [pid 4632] close(4 [pid 4643] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4632] <... close resumed>) = 0 [pid 4632] memfd_create("syzkaller", 0) = 4 [pid 4632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4629] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 207.512035][ T4632] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/215/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4631] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4643] <... mount resumed>) = 0 [pid 4643] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4643] chdir("./bus") = 0 [pid 4643] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4643] ioctl(4, LOOP_CLR_FD) = 0 [pid 4643] close(4) = 0 [pid 4643] memfd_create("syzkaller", 0) = 4 [pid 4643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 207.638680][ T4643] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/213/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4634] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4631] <... write resumed>) = 20699119 [pid 4631] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4631] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4631] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4631] ioctl(5, LOOP_CLR_FD) = 0 [pid 4631] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4631] close(5) = 0 [pid 4631] close(4 [pid 4629] <... write resumed>) = 20699119 [pid 4632] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4629] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4629] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4629] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4629] ioctl(5, LOOP_CLR_FD) = 0 [pid 4629] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4629] close(5) = 0 [pid 4629] close(4 [pid 4634] <... write resumed>) = 20699119 [pid 4634] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4634] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4634] ioctl(5, LOOP_CLR_FD) = 0 [pid 4634] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4634] close(5) = 0 [pid 4634] close(4 [pid 4631] <... close resumed>) = 0 [pid 4631] exit_group(0) = ? [pid 4631] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4631, si_uid=0, si_status=0, si_utime=8, si_stime=21} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./215", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./215/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./215/binderfs") = 0 [pid 349] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4634] <... close resumed>) = 0 [pid 4634] exit_group(0) = ? [pid 4634] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4634, si_uid=0, si_status=0, si_utime=8, si_stime=9} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4629] <... close resumed>) = 0 [pid 4629] exit_group(0) = ? [pid 4629] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4629, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./215", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./215/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./215/binderfs") = 0 [pid 343] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./211", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, [pid 4643] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./211/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./211/binderfs") = 0 [pid 342] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./215/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./215/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./215/bus" [pid 4632] <... write resumed>) = 20699119 [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./215" [pid 4632] munmap(0x7f7c475b3000, 138412032 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./216", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4632] <... munmap resumed>) = 0 [pid 4632] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4643] <... write resumed>) = 20699119 [pid 4643] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4643] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./215/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./215/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./215/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./215") = 0 [pid 343] mkdir("./216", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4643] <... openat resumed>) = 5 [pid 4632] <... openat resumed>) = 5 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4632] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... umount2 resumed>) = 0 [pid 349] close(3 [pid 343] <... openat resumed>) = 3 [pid 349] <... close resumed>) = 0 [pid 342] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4632] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] newfstatat(AT_FDCWD, "./211/bus", [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4649 [pid 343] close(3 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... close resumed>) = 0 [pid 342] umount2("./211/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./211/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4632] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... openat resumed>) = 4 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4650 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./211/bus"./strace-static-x86_64: Process 4649 attached ) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./211" [pid 4632] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4632] close(5) = 0 [pid 4632] close(4 [pid 342] <... rmdir resumed>) = 0 [pid 4649] set_robust_list(0x555584fcf660, 24) = 0 [pid 4649] chdir("./216") = 0 [pid 4649] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4649] setpgid(0, 0) = 0 [pid 4649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 342] mkdir("./212", 0777./strace-static-x86_64: Process 4650 attached [pid 4643] ioctl(5, LOOP_SET_FD, 4 [pid 4649] write(3, "1000", 4 [pid 342] <... mkdir resumed>) = 0 [pid 4649] <... write resumed>) = 4 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4649] close(3) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4649] symlink("/dev/binderfs", "./binderfs" [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4651 [pid 4643] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4643] ioctl(5, LOOP_CLR_FD [pid 4649] <... symlink resumed>) = 0 [pid 4643] <... ioctl resumed>) = 0 [pid 4650] set_robust_list(0x555584fcf660, 24 [pid 4649] write(1, "executing program\n", 18executing program [pid 4650] <... set_robust_list resumed>) = 0 [pid 4650] chdir("./216" [pid 4649] <... write resumed>) = 18 [pid 4650] <... chdir resumed>) = 0 [pid 4650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4650] setpgid(0, 0) = 0 [pid 4649] memfd_create("syzkaller", 0 [pid 4643] ioctl(5, LOOP_SET_FD, 4 [pid 4649] <... memfd_create resumed>) = 3 [pid 4643] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4643] close(5) = 0 [pid 4643] close(4 [pid 4649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4649] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4649] munmap(0x7f7c475b3000, 138412032 [pid 4650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4649] <... munmap resumed>) = 0 [pid 4650] write(3, "1000", 4) = 4 [pid 4650] close(3) = 0 [pid 4650] symlink("/dev/binderfs", "./binderfs" [pid 4649] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4649] ioctl(4, LOOP_SET_FD, 3 [pid 4650] <... symlink resumed>) = 0 [pid 4650] write(1, "executing program\n", 18executing program ) = 18 [pid 4650] memfd_create("syzkaller", 0) = 3 [pid 4650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4651 attached [pid 4651] set_robust_list(0x555584fcf660, 24) = 0 [pid 4651] chdir("./212") = 0 [pid 4650] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4651] setpgid(0, 0) = 0 [pid 4651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4651] write(3, "1000", 4) = 4 [pid 4651] close(3) = 0 [pid 4649] <... ioctl resumed>) = 0 [pid 4651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4649] close(3) = 0 [pid 4651] write(1, "executing program\n", 18executing program [pid 4649] close(4 [pid 4651] <... write resumed>) = 18 [pid 4651] memfd_create("syzkaller", 0) = 3 [pid 4651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4651] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4650] <... write resumed>) = 262144 [pid 4650] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4650] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4651] <... write resumed>) = 262144 [pid 4651] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4651] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4632] <... close resumed>) = 0 [pid 4632] exit_group(0) = ? [pid 4632] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4632, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./215", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./215/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./215/binderfs") = 0 [pid 348] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4643] <... close resumed>) = 0 [pid 4650] <... openat resumed>) = 4 [pid 4651] <... openat resumed>) = 4 [pid 4649] <... close resumed>) = 0 [pid 4651] ioctl(4, LOOP_SET_FD, 3 [pid 4649] mkdir("./bus", 0777 [pid 4643] exit_group(0 [pid 4650] ioctl(4, LOOP_SET_FD, 3 [pid 4649] <... mkdir resumed>) = 0 [pid 4649] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4643] <... exit_group resumed>) = ? [pid 4643] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4643, si_uid=0, si_status=0, si_utime=5, si_stime=9} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./213", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./213/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./213/binderfs") = 0 [pid 344] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4651] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 4651] close(3 [pid 348] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4651] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4651] close(4 [pid 348] newfstatat(AT_FDCWD, "./215/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./215/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./215/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./215") = 0 [pid 348] mkdir("./216", 0777 [pid 4650] <... ioctl resumed>) = 0 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4651] <... close resumed>) = 0 [pid 4651] mkdir("./bus", 0777) = 0 [pid 4650] close(3 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4655 [pid 344] <... umount2 resumed>) = 0 [pid 4651] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4650] <... close resumed>) = 0 [pid 344] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4650] close(4 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4650] <... close resumed>) = 0 [pid 4650] mkdir("./bus", 0777 [pid 344] newfstatat(AT_FDCWD, "./213/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4650] <... mkdir resumed>) = 0 [pid 344] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4650] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./213/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./213/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 4655 attached [pid 344] close(3) = 0 [pid 344] rmdir("./213") = 0 [pid 344] mkdir("./214", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4655] set_robust_list(0x555584fcf660, 24) = 0 [pid 4655] chdir("./216") = 0 [pid 4655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4655] setpgid(0, 0) = 0 [pid 4655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4655] write(3, "1000", 4) = 4 [pid 4655] close(3) = 0 [pid 4655] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4655] write(1, "executing program\n", 18executing program ) = 18 [pid 4655] memfd_create("syzkaller", 0) = 3 [pid 4655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4655] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4655] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4650] <... mount resumed>) = 0 [pid 4650] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4650] chdir("./bus") = 0 [pid 4650] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4649] <... mount resumed>) = 0 [pid 4649] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4649] chdir("./bus") = 0 [pid 4649] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4651] <... mount resumed>) = 0 [pid 4651] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4651] chdir("./bus") = 0 [pid 4651] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4655] <... openat resumed>) = 4 [pid 4650] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 4655] ioctl(4, LOOP_SET_FD, 3 [pid 4650] ioctl(4, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 4655] <... ioctl resumed>) = 0 [pid 4650] <... ioctl resumed>) = 0 [pid 4655] close(3 [pid 4650] close(4 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4655] <... close resumed>) = 0 [pid 344] close(3 [pid 4655] close(4 [pid 344] <... close resumed>) = 0 [pid 4649] <... openat resumed>) = 4 [pid 4649] ioctl(4, LOOP_CLR_FD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4663 attached , child_tidptr=0x555584fcf650) = 4663 [pid 4663] set_robust_list(0x555584fcf660, 24) = 0 [pid 4663] chdir("./214") = 0 [pid 4663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4663] setpgid(0, 0) = 0 [pid 4663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4663] write(3, "1000", 4) = 4 [pid 4663] close(3) = 0 [pid 4663] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4663] write(1, "executing program\n", 18executing program ) = 18 [pid 4663] memfd_create("syzkaller", 0) = 3 [pid 4663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4663] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4663] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4663] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4655] <... close resumed>) = 0 [pid 4651] <... openat resumed>) = 4 [pid 4650] <... close resumed>) = 0 [pid 4649] <... ioctl resumed>) = 0 [pid 4655] mkdir("./bus", 0777 [pid 4651] ioctl(4, LOOP_CLR_FD [pid 4649] close(4 [pid 4655] <... mkdir resumed>) = 0 [pid 4650] memfd_create("syzkaller", 0 [pid 4655] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4650] <... memfd_create resumed>) = 4 [pid 4650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 208.213961][ T4649] ext4 filesystem being mounted at /root/syzkaller.53SCZU/216/bus supports timestamps until (%ptR?) (0x7fffffff) [ 208.226706][ T4651] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/212/bus supports timestamps until (%ptR?) (0x7fffffff) [ 208.226713][ T4650] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/216/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4650] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4651] <... ioctl resumed>) = 0 [pid 4649] <... close resumed>) = 0 [pid 4651] close(4 [pid 4649] memfd_create("syzkaller", 0 [pid 4651] <... close resumed>) = 0 [pid 4649] <... memfd_create resumed>) = 4 [pid 4651] memfd_create("syzkaller", 0 [pid 4649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4651] <... memfd_create resumed>) = 4 [pid 4649] <... mmap resumed>) = 0x7f7c475b3000 [pid 4651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4663] <... openat resumed>) = 4 [pid 4663] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4663] close(3) = 0 [pid 4663] close(4 [pid 4655] <... mount resumed>) = 0 [pid 4655] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4655] chdir("./bus") = 0 [pid 4655] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4650] <... write resumed>) = 20699119 [pid 4650] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4650] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4663] <... close resumed>) = 0 [pid 4655] <... openat resumed>) = 4 [pid 4663] mkdir("./bus", 0777 [pid 4655] ioctl(4, LOOP_CLR_FD [pid 4663] <... mkdir resumed>) = 0 [pid 4655] <... ioctl resumed>) = 0 [pid 4655] close(4) = 0 [pid 4655] memfd_create("syzkaller", 0) = 4 [pid 4655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4663] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4650] <... openat resumed>) = 5 [pid 4650] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4650] ioctl(5, LOOP_CLR_FD) = 0 [pid 4650] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4650] close(5) = 0 [ 208.397956][ T4655] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/216/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4650] close(4 [pid 4663] <... mount resumed>) = 0 [pid 4663] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4663] chdir("./bus") = 0 [pid 4663] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4663] ioctl(4, LOOP_CLR_FD) = 0 [pid 4663] close(4) = 0 [pid 4663] memfd_create("syzkaller", 0) = 4 [pid 4663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4650] <... close resumed>) = 0 [pid 4650] exit_group(0) = ? [pid 4651] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4650] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4650, si_uid=0, si_status=0, si_utime=2, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 4649] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] umount2("./216", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./216/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./216/binderfs") = 0 [ 208.486631][ T4663] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/214/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 343] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./216/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./216/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./216/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./216") = 0 [pid 343] mkdir("./217", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4669 ./strace-static-x86_64: Process 4669 attached [pid 4669] set_robust_list(0x555584fcf660, 24) = 0 [pid 4669] chdir("./217") = 0 [pid 4669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4669] setpgid(0, 0) = 0 [pid 4669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4669] write(3, "1000", 4) = 4 [pid 4669] close(3) = 0 [pid 4669] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4669] write(1, "executing program\n", 18) = 18 [pid 4669] memfd_create("syzkaller", 0) = 3 [pid 4669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4669] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4669] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4669] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4669] close(3) = 0 [pid 4669] close(4 [pid 4655] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4663] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4649] <... write resumed>) = 20699119 [pid 4649] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4649] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4669] <... close resumed>) = 0 [pid 4649] <... openat resumed>) = 5 [pid 4669] mkdir("./bus", 0777) = 0 [pid 4649] ioctl(5, LOOP_SET_FD, 4 [pid 4669] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4649] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4649] ioctl(5, LOOP_CLR_FD [pid 4651] <... write resumed>) = 20699119 [pid 4651] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4651] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4663] <... write resumed>) = 20699119 [pid 4663] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4663] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4655] <... write resumed>) = 20699119 [pid 4655] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4655] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4649] <... ioctl resumed>) = 0 [pid 4651] <... openat resumed>) = 5 [pid 4651] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4651] ioctl(5, LOOP_CLR_FD) = 0 [pid 4663] <... openat resumed>) = 5 [pid 4649] ioctl(5, LOOP_SET_FD, 4 [pid 4663] ioctl(5, LOOP_SET_FD, 4 [pid 4655] <... openat resumed>) = 5 [pid 4649] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4663] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4655] ioctl(5, LOOP_SET_FD, 4 [pid 4649] close(5 [pid 4663] ioctl(5, LOOP_CLR_FD [pid 4655] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4649] <... close resumed>) = 0 [pid 4655] ioctl(5, LOOP_CLR_FD [pid 4651] ioctl(5, LOOP_SET_FD, 4 [pid 4649] close(4 [pid 4651] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4651] close(5) = 0 [pid 4651] close(4 [pid 4655] <... ioctl resumed>) = 0 [pid 4655] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4655] close(5) = 0 [pid 4655] close(4 [pid 4663] <... ioctl resumed>) = 0 [pid 4663] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4663] close(5) = 0 [pid 4663] close(4 [pid 4669] <... mount resumed>) = 0 [pid 4669] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4669] chdir("./bus") = 0 [pid 4669] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4669] ioctl(4, LOOP_CLR_FD) = 0 [pid 4669] close(4) = 0 [pid 4669] memfd_create("syzkaller", 0) = 4 [pid 4669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4651] <... close resumed>) = 0 [pid 4651] exit_group(0) = ? [pid 4651] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4651, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./212", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./212/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./212/binderfs") = 0 [pid 342] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4655] <... close resumed>) = 0 [pid 4655] exit_group(0) = ? [pid 4655] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4655, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./216", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./216/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./216/binderfs") = 0 [ 208.839718][ T4669] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/217/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 348] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4663] <... close resumed>) = 0 [pid 4663] exit_group(0 [pid 4649] <... close resumed>) = 0 [pid 4663] <... exit_group resumed>) = ? [pid 4663] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4663, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4649] exit_group(0) = ? [pid 4649] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4649, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./214", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./214/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./214/binderfs") = 0 [pid 344] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./216", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./216/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./216/binderfs") = 0 [pid 349] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./212/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./212/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./212/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./212/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./212") = 0 [pid 342] mkdir("./213", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4669] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 4669] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4669] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... umount2 resumed>) = 0 [pid 4669] <... openat resumed>) = 5 [pid 4669] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4669] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4673 ./strace-static-x86_64: Process 4673 attached [pid 349] <... umount2 resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./216/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./216/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(AT_FDCWD, "./216/bus", [pid 348] <... openat resumed>) = 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] newfstatat(4, "", [pid 344] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] getdents64(4, [pid 349] openat(AT_FDCWD, "./216/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 4 [pid 348] getdents64(4, [pid 349] newfstatat(4, "", [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] newfstatat(AT_FDCWD, "./214/bus", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] close(4 [pid 349] getdents64(4, [pid 348] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4673] set_robust_list(0x555584fcf660, 24 [pid 4669] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] rmdir("./216/bus" [pid 4673] <... set_robust_list resumed>) = 0 [pid 4669] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] getdents64(4, [pid 348] <... rmdir resumed>) = 0 [pid 344] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./216" [pid 4673] chdir("./213" [pid 4669] close(5 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program executing program [pid 349] close(4 [pid 348] mkdir("./217", 0777 [pid 344] openat(AT_FDCWD, "./214/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4674 ./strace-static-x86_64: Process 4674 attached [pid 4674] set_robust_list(0x555584fcf660, 24) = 0 [pid 4674] chdir("./217") = 0 [pid 4674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4674] setpgid(0, 0) = 0 [pid 4674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4674] write(3, "1000", 4) = 4 [pid 4674] close(3) = 0 [pid 4674] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4674] write(1, "executing program\n", 18) = 18 [pid 4674] memfd_create("syzkaller", 0) = 3 [pid 4674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4674] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4674] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4674] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4674] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4674] close(3) = 0 [pid 4674] close(4 [pid 4673] <... chdir resumed>) = 0 [pid 4673] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4673] setpgid(0, 0) = 0 [pid 4673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4673] write(3, "1000", 4) = 4 [pid 4673] close(3) = 0 [pid 4673] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4673] write(1, "executing program\n", 18) = 18 [pid 4673] memfd_create("syzkaller", 0) = 3 [pid 4673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4673] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4673] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... openat resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] rmdir("./216/bus" [pid 344] getdents64(4, [pid 349] <... rmdir resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(3, [pid 344] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 344] close(4 [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./216" [pid 344] <... close resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 344] rmdir("./214/bus" [pid 349] mkdir("./217", 0777 [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 344] close(3) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] rmdir("./214") = 0 [pid 344] mkdir("./215", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4674] <... close resumed>) = 0 [pid 4673] <... openat resumed>) = 4 [pid 4673] ioctl(4, LOOP_SET_FD, 3 [pid 4674] mkdir("./bus", 0777) = 0 [pid 4674] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4673] <... ioctl resumed>) = 0 [pid 4669] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4677 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4678 [pid 4673] close(3) = 0 [pid 4673] close(4 [pid 4669] close(4./strace-static-x86_64: Process 4677 attached ./strace-static-x86_64: Process 4678 attached [pid 4678] set_robust_list(0x555584fcf660, 24 [pid 4677] set_robust_list(0x555584fcf660, 24) = 0 [pid 4678] <... set_robust_list resumed>) = 0 [pid 4678] chdir("./217" [pid 4677] chdir("./215") = 0 [pid 4678] <... chdir resumed>) = 0 [pid 4678] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4677] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4678] <... prctl resumed>) = 0 [pid 4677] <... prctl resumed>) = 0 [pid 4678] setpgid(0, 0 [pid 4677] setpgid(0, 0 [pid 4678] <... setpgid resumed>) = 0 [pid 4677] <... setpgid resumed>) = 0 [pid 4678] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4677] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4678] <... openat resumed>) = 3 [pid 4677] <... openat resumed>) = 3 [pid 4678] write(3, "1000", 4) = 4 [pid 4677] write(3, "1000", 4 [pid 4678] close(3 [pid 4677] <... write resumed>) = 4 [pid 4678] <... close resumed>) = 0 [pid 4677] close(3 [pid 4678] symlink("/dev/binderfs", "./binderfs" [pid 4677] <... close resumed>) = 0 [pid 4678] <... symlink resumed>) = 0 [pid 4677] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4678] write(1, "executing program\n", 18 [pid 4677] write(1, "executing program\n", 18 [pid 4678] <... write resumed>) = 18 executing program [pid 4677] <... write resumed>) = 18 [pid 4678] memfd_create("syzkaller", 0 [pid 4677] memfd_create("syzkaller", 0 [pid 4678] <... memfd_create resumed>) = 3 [pid 4677] <... memfd_create resumed>) = 3 [pid 4678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4678] <... mmap resumed>) = 0x7f7c475b3000 [pid 4677] <... mmap resumed>) = 0x7f7c475b3000 [pid 4677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4678] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4677] <... write resumed>) = 262144 [pid 4678] <... write resumed>) = 262144 [pid 4677] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4678] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4677] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4678] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4677] <... openat resumed>) = 4 [pid 4673] <... close resumed>) = 0 [pid 4678] ioctl(4, LOOP_SET_FD, 3 [pid 4677] ioctl(4, LOOP_SET_FD, 3 [pid 4673] mkdir("./bus", 0777) = 0 [pid 4673] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4669] <... close resumed>) = 0 [pid 4669] exit_group(0) = ? [pid 4669] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4669, si_uid=0, si_status=0, si_utime=4, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./217", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./217/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./217/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./217/binderfs") = 0 [pid 343] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4678] <... ioctl resumed>) = 0 [pid 4678] close(3 [pid 4677] <... ioctl resumed>) = 0 [pid 4678] <... close resumed>) = 0 [pid 4677] close(3 [pid 4678] close(4 [pid 4677] <... close resumed>) = 0 [pid 4677] close(4) = 0 [pid 4677] mkdir("./bus", 0777 [pid 4678] <... close resumed>) = 0 [pid 4677] <... mkdir resumed>) = 0 [pid 4678] mkdir("./bus", 0777 [pid 4677] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4678] <... mkdir resumed>) = 0 [pid 4678] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4674] <... mount resumed>) = 0 [pid 4673] <... mount resumed>) = 0 [pid 4673] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4673] chdir("./bus") = 0 [pid 4673] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4674] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4674] chdir("./bus") = 0 [pid 4674] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4677] <... mount resumed>) = 0 [pid 4674] <... openat resumed>) = 4 [pid 343] <... umount2 resumed>) = 0 [pid 4673] <... openat resumed>) = 4 [pid 4673] ioctl(4, LOOP_CLR_FD) = 0 [pid 4673] close(4) = 0 [pid 4673] memfd_create("syzkaller", 0) = 4 [pid 4673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4674] ioctl(4, LOOP_CLR_FD [pid 343] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4674] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4674] close(4) = 0 [pid 343] newfstatat(AT_FDCWD, "./217/bus", [pid 4674] memfd_create("syzkaller", 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4674] <... memfd_create resumed>) = 4 [pid 343] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./217/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./217/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./217") = 0 [pid 343] mkdir("./218", 0777) = 0 [pid 4678] <... mount resumed>) = 0 [pid 4678] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4678] chdir("./bus") = 0 [pid 4678] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4678] ioctl(4, LOOP_CLR_FD) = 0 [pid 4678] close(4) = 0 [pid 4678] memfd_create("syzkaller", 0) = 4 [pid 4678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 209.209546][ T4673] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/213/bus supports timestamps until (%ptR?) (0x7fffffff) [ 209.209643][ T4674] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/217/bus supports timestamps until (%ptR?) (0x7fffffff) [ 209.238861][ T4677] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/215/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4689 [pid 4677] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 4689 attached [pid 4689] set_robust_list(0x555584fcf660, 24 [pid 4677] <... openat resumed>) = 3 [pid 4689] <... set_robust_list resumed>) = 0 [pid 4689] chdir("./218") = 0 [pid 4689] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4689] setpgid(0, 0) = 0 [pid 4689] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4689] write(3, "1000", 4) = 4 [pid 4689] close(3) = 0 [pid 4689] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4677] chdir("./bus"executing program [pid 4689] write(1, "executing program\n", 18) = 18 [pid 4689] memfd_create("syzkaller", 0) = 3 [pid 4689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4677] <... chdir resumed>) = 0 [pid 4677] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4689] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4677] <... openat resumed>) = 4 [pid 4677] ioctl(4, LOOP_CLR_FD [pid 4689] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4677] <... ioctl resumed>) = 0 [pid 4689] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4689] ioctl(4, LOOP_SET_FD, 3 [pid 4677] close(4 [pid 4689] <... ioctl resumed>) = 0 [pid 4677] <... close resumed>) = 0 [pid 4689] close(3) = 0 [pid 4689] close(4 [pid 4677] memfd_create("syzkaller", 0) = 4 [pid 4677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 209.238935][ T4678] ext4 filesystem being mounted at /root/syzkaller.53SCZU/217/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4689] <... close resumed>) = 0 [pid 4689] mkdir("./bus", 0777) = 0 [pid 4689] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4673] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4689] <... mount resumed>) = 0 [pid 4689] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4689] chdir("./bus") = 0 [pid 4689] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4689] ioctl(4, LOOP_CLR_FD) = 0 [pid 4689] close(4) = 0 [pid 4689] memfd_create("syzkaller", 0) = 4 [pid 4689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 209.418242][ T4689] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/218/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4678] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4677] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4674] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4673] <... write resumed>) = 20699119 [pid 4673] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4673] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4673] ioctl(5, LOOP_CLR_FD) = 0 [pid 4673] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4673] close(5) = 0 [pid 4673] close(4 [pid 4674] <... write resumed>) = 20699119 [pid 4689] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4674] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4674] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4674] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4674] ioctl(5, LOOP_CLR_FD) = 0 [pid 4677] <... write resumed>) = 20699119 [pid 4677] munmap(0x7f7c475b3000, 138412032 [pid 4674] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4674] close(5) = 0 [pid 4674] close(4 [pid 4677] <... munmap resumed>) = 0 [pid 4677] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4677] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4677] ioctl(5, LOOP_CLR_FD) = 0 [pid 4677] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4677] close(5 [pid 4678] <... write resumed>) = 20699119 [pid 4678] munmap(0x7f7c475b3000, 138412032 [pid 4677] <... close resumed>) = 0 [pid 4677] close(4 [pid 4678] <... munmap resumed>) = 0 [pid 4678] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4678] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4678] ioctl(5, LOOP_CLR_FD) = 0 [pid 4678] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4678] close(5) = 0 [pid 4678] close(4 [pid 4673] <... close resumed>) = 0 [pid 4673] exit_group(0) = ? [pid 4673] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4673, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./213", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./213/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./213/binderfs") = 0 [pid 342] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4674] <... close resumed>) = 0 [pid 4674] exit_group(0) = ? [pid 4674] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4674, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4677] <... close resumed>) = 0 [pid 4677] exit_group(0) = ? [pid 4677] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4677, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 348] umount2("./217", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./215", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... openat resumed>) = 3 [pid 348] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 344] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./217/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./215/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./217/binderfs", [pid 344] newfstatat(AT_FDCWD, "./215/binderfs", [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./217/binderfs" [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./215/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 348] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4678] <... close resumed>) = 0 [pid 4678] exit_group(0) = ? [pid 4678] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4678, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./217", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./217/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./217/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./217/binderfs") = 0 [pid 349] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4689] <... write resumed>) = 20699119 [pid 4689] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4689] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./213/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./213/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./213/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./213/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./213") = 0 [pid 342] mkdir("./214", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4689] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 344] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./215/bus", [pid 349] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./217/bus", [pid 344] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./217/bus", [pid 348] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] openat(AT_FDCWD, "./215/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... openat resumed>) = 4 [pid 349] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] openat(AT_FDCWD, "./217/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] newfstatat(4, "", [pid 342] close(3executing program [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... openat resumed>) = 4 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] openat(AT_FDCWD, "./217/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] newfstatat(4, "", [pid 344] getdents64(4, [pid 342] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./215/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./215") = 0 [pid 344] mkdir("./216", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4693 ./strace-static-x86_64: Process 4693 attached [pid 4693] set_robust_list(0x555584fcf660, 24) = 0 [pid 4693] chdir("./216") = 0 [pid 4693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4693] setpgid(0, 0) = 0 [pid 4693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4693] write(3, "1000", 4) = 4 [pid 4693] close(3) = 0 [pid 4693] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4693] write(1, "executing program\n", 18) = 18 [pid 4693] memfd_create("syzkaller", 0) = 3 [pid 4693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... openat resumed>) = 4 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] newfstatat(4, "", [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4694 [pid 349] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] close(4) = 0 [pid 349] getdents64(4, [pid 348] rmdir("./217/bus") = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 348] close(3) = 0 [pid 349] <... close resumed>) = 0 [pid 348] rmdir("./217") = 0 [pid 349] rmdir("./217/bus" [pid 348] mkdir("./218", 0777 [pid 4693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 348] <... mkdir resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4693] <... write resumed>) = 262144 [pid 4693] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4693] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4693] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4693] close(3) = 0 [pid 4693] close(4 [pid 4689] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4689] ioctl(5, LOOP_CLR_FD./strace-static-x86_64: Process 4694 attached [pid 4694] set_robust_list(0x555584fcf660, 24) = 0 [pid 4694] chdir("./214") = 0 [pid 4694] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4694] setpgid(0, 0) = 0 [pid 4694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4694] write(3, "1000", 4 [pid 349] getdents64(3, [pid 4694] <... write resumed>) = 4 executing program [pid 4694] close(3) = 0 [pid 4694] symlink("/dev/binderfs", "./binderfs") = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 4694] write(1, "executing program\n", 18) = 18 [pid 4694] memfd_create("syzkaller", 0 [pid 349] <... close resumed>) = 0 [pid 4694] <... memfd_create resumed>) = 3 [pid 349] rmdir("./217" [pid 4694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./218", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4694] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4694] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4694] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4693] <... close resumed>) = 0 [pid 4689] <... ioctl resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 4693] mkdir("./bus", 0777 [pid 348] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4693] <... mkdir resumed>) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4696 [pid 4689] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4689] close(5) = 0 [pid 4689] close(4./strace-static-x86_64: Process 4696 attached [pid 4693] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4696] set_robust_list(0x555584fcf660, 24) = 0 [pid 4696] chdir("./218") = 0 [pid 4696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4696] setpgid(0, 0) = 0 [pid 4696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4696] write(3, "1000", 4) = 4 [pid 4696] close(3) = 0 [pid 4696] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4696] write(1, "executing program\n", 18executing program ) = 18 [pid 4696] memfd_create("syzkaller", 0) = 3 [pid 4696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4696] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4696] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4696] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4689] <... close resumed>) = 0 [pid 4689] exit_group(0) = ? [pid 4689] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4689, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 4696] <... openat resumed>) = 4 [pid 4694] <... openat resumed>) = 4 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4694] ioctl(4, LOOP_SET_FD, 3 [pid 349] close(3 [pid 343] umount2("./218", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./218/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./218/binderfs") = 0 [pid 343] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4696] ioctl(4, LOOP_SET_FD, 3 [pid 4694] <... ioctl resumed>) = 0 [pid 4694] close(3 [pid 349] <... close resumed>) = 0 [pid 4694] <... close resumed>) = 0 [pid 4694] close(4 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4698 attached [pid 4698] set_robust_list(0x555584fcf660, 24 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4698 [pid 4698] <... set_robust_list resumed>) = 0 [pid 4698] chdir("./218") = 0 [pid 4698] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4698] setpgid(0, 0) = 0 [pid 4698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4698] write(3, "1000", 4) = 4 [pid 4698] close(3) = 0 [pid 4698] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4698] write(1, "executing program\n", 18) = 18 [pid 4698] memfd_create("syzkaller", 0) = 3 [pid 4698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4698] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4698] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4698] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4693] <... mount resumed>) = 0 [pid 4693] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4693] chdir("./bus") = 0 [pid 4693] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4694] <... close resumed>) = 0 [pid 4694] mkdir("./bus", 0777) = 0 [pid 4694] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4696] <... ioctl resumed>) = 0 [pid 4696] close(3) = 0 [ 210.098728][ T4693] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/216/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4696] close(4 [pid 4698] <... openat resumed>) = 4 [pid 4693] <... openat resumed>) = 4 [pid 4698] ioctl(4, LOOP_SET_FD, 3 [pid 4693] ioctl(4, LOOP_CLR_FD [pid 4696] <... close resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 4696] mkdir("./bus", 0777 [pid 4698] <... ioctl resumed>) = 0 [pid 4696] <... mkdir resumed>) = 0 [pid 4693] <... ioctl resumed>) = 0 [pid 343] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4696] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4698] close(3 [pid 4693] close(4 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4698] <... close resumed>) = 0 [pid 4693] <... close resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./218/bus", [pid 4698] close(4 [pid 4693] memfd_create("syzkaller", 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4693] <... memfd_create resumed>) = 4 [pid 343] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4693] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] openat(AT_FDCWD, "./218/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./218/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./218") = 0 [pid 343] mkdir("./219", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4696] <... mount resumed>) = 0 [pid 4696] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4696] chdir("./bus") = 0 [pid 4696] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4694] <... mount resumed>) = 0 [pid 4694] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4694] chdir("./bus") = 0 [pid 4694] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4698] <... close resumed>) = 0 [pid 4698] mkdir("./bus", 0777) = 0 [pid 4698] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4693] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4696] <... openat resumed>) = 4 [pid 343] <... openat resumed>) = 3 [pid 4696] ioctl(4, LOOP_CLR_FD) = 0 [pid 4696] close(4) = 0 [pid 4696] memfd_create("syzkaller", 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4696] <... memfd_create resumed>) = 4 [pid 4696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4696] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4708 [pid 4694] <... openat resumed>) = 4 [pid 4694] ioctl(4, LOOP_CLR_FD) = 0 [pid 4694] close(4) = 0 [pid 4694] memfd_create("syzkaller", 0) = 4 [pid 4694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 210.263562][ T4696] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/218/bus supports timestamps until (%ptR?) (0x7fffffff) [ 210.278797][ T4694] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/214/bus supports timestamps until (%ptR?) (0x7fffffff) ./strace-static-x86_64: Process 4708 attached [pid 4708] set_robust_list(0x555584fcf660, 24) = 0 [pid 4708] chdir("./219") = 0 [pid 4708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4708] setpgid(0, 0) = 0 [pid 4708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4708] write(3, "1000", 4) = 4 [pid 4708] close(3) = 0 [pid 4708] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4708] write(1, "executing program\n", 18executing program ) = 18 [pid 4708] memfd_create("syzkaller", 0) = 3 [pid 4708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4708] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4693] <... write resumed>) = 20699119 [pid 4698] <... mount resumed>) = 0 [pid 4698] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4698] chdir("./bus") = 0 [pid 4698] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4698] ioctl(4, LOOP_CLR_FD) = 0 [pid 4698] close(4) = 0 [pid 4698] memfd_create("syzkaller", 0) = 4 [pid 4698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4708] <... write resumed>) = 262144 [pid 4708] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4708] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4708] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4708] close(3) = 0 [pid 4708] close(4 [pid 4693] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4693] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4708] <... close resumed>) = 0 [pid 4708] mkdir("./bus", 0777) = 0 [ 210.381762][ T4698] ext4 filesystem being mounted at /root/syzkaller.53SCZU/218/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4708] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4693] <... openat resumed>) = 5 [pid 4693] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4693] ioctl(5, LOOP_CLR_FD) = 0 [pid 4693] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4693] close(5 [pid 4696] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4693] <... close resumed>) = 0 [pid 4693] close(4 [pid 4694] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4708] <... mount resumed>) = 0 [pid 4708] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4708] chdir("./bus") = 0 [pid 4708] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4708] ioctl(4, LOOP_CLR_FD) = 0 [pid 4708] close(4) = 0 [pid 4708] memfd_create("syzkaller", 0) = 4 [pid 4708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4693] <... close resumed>) = 0 [pid 4693] exit_group(0) = ? [pid 4693] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4693, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4698] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./216", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./216/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./216/binderfs") = 0 [pid 344] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4696] <... write resumed>) = 20699119 [pid 4696] munmap(0x7f7c475b3000, 138412032) = 0 [ 210.567950][ T4708] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/219/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4696] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 4696] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 344] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4696] ioctl(5, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./216/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./216/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, [pid 4696] <... ioctl resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./216/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./216") = 0 [pid 344] mkdir("./217", 0777) = 0 [pid 4696] ioctl(5, LOOP_SET_FD, 4 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 4696] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4696] close(5) = 0 [pid 4696] close(4 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4713 ./strace-static-x86_64: Process 4713 attached [pid 4713] set_robust_list(0x555584fcf660, 24) = 0 [pid 4713] chdir("./217") = 0 [pid 4713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4713] setpgid(0, 0) = 0 [pid 4713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4713] write(3, "1000", 4) = 4 [pid 4713] close(3) = 0 [pid 4713] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4713] write(1, "executing program\n", 18executing program ) = 18 [pid 4713] memfd_create("syzkaller", 0) = 3 [pid 4713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4713] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4713] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4713] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4713] ioctl(4, LOOP_SET_FD, 3 [pid 4698] <... write resumed>) = 20699119 [pid 4698] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4713] <... ioctl resumed>) = 0 [pid 4713] close(3) = 0 [pid 4713] close(4) = 0 [pid 4713] mkdir("./bus", 0777) = 0 [pid 4713] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4698] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4698] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4698] ioctl(5, LOOP_CLR_FD) = 0 [pid 4698] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4698] close(5) = 0 [pid 4698] close(4 [pid 4694] <... write resumed>) = 20699119 [pid 4694] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4694] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4694] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4694] ioctl(5, LOOP_CLR_FD) = 0 [pid 4694] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4694] close(5) = 0 [pid 4694] close(4 [pid 4708] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4713] <... mount resumed>) = 0 [pid 4713] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4713] chdir("./bus") = 0 [pid 4713] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4713] ioctl(4, LOOP_CLR_FD) = 0 [pid 4713] close(4) = 0 [pid 4713] memfd_create("syzkaller", 0) = 4 [pid 4713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4696] <... close resumed>) = 0 [pid 4696] exit_group(0) = ? [pid 4696] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4696, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./218", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./218/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./218/binderfs") = 0 [ 210.778509][ T4713] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/217/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 348] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4698] <... close resumed>) = 0 [pid 4698] exit_group(0) = ? [pid 4698] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4698, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4694] <... close resumed>) = 0 [pid 4694] exit_group(0) = ? [pid 4694] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4694, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 349] umount2("./218", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./214", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 349] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, [pid 342] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./218/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./214/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./218/binderfs", [pid 342] newfstatat(AT_FDCWD, "./214/binderfs", [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./218/binderfs" [pid 342] unlink("./214/binderfs" [pid 349] <... unlink resumed>) = 0 [pid 342] <... unlink resumed>) = 0 [pid 349] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4708] <... write resumed>) = 20699119 [pid 4708] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4708] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./218/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./218/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./218/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./218") = 0 [pid 348] mkdir("./219", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4713] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 4713] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4713] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4708] <... openat resumed>) = 5 [pid 4708] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4708] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./214/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./214/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./214/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./214/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./214") = 0 [pid 342] mkdir("./215", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4717 ./strace-static-x86_64: Process 4717 attached [pid 4713] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 4717] set_robust_list(0x555584fcf660, 24 [pid 4713] ioctl(5, LOOP_SET_FD, 4 [pid 4708] ioctl(5, LOOP_SET_FD, 4 [pid 349] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program , child_tidptr=0x555584fcf650) = 4718 ./strace-static-x86_64: Process 4718 attached [pid 4718] set_robust_list(0x555584fcf660, 24) = 0 [pid 4718] chdir("./219") = 0 [pid 4718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4718] setpgid(0, 0) = 0 [pid 4718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4718] write(3, "1000", 4) = 4 [pid 4718] close(3) = 0 [pid 4718] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4718] write(1, "executing program\n", 18) = 18 [pid 4718] memfd_create("syzkaller", 0) = 3 [pid 4718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4718] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4717] <... set_robust_list resumed>) = 0 [pid 4713] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4708] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./218/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./218/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", [pid 4718] <... write resumed>) = 262144 [pid 4717] chdir("./215" [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4718] munmap(0x7f7c475b3000, 138412032 [pid 4717] <... chdir resumed>) = 0 [pid 4713] ioctl(5, LOOP_CLR_FD [pid 4708] close(5 [pid 349] getdents64(4, [pid 4713] <... ioctl resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4718] <... munmap resumed>) = 0 [pid 4718] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4718] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4718] close(3) = 0 [pid 4718] close(4) = 0 [pid 4718] mkdir("./bus", 0777) = 0 [pid 4718] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4717] setpgid(0, 0) = 0 [pid 4717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4717] write(3, "1000", 4) = 4 [pid 4717] close(3) = 0 [pid 4717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4717] write(1, "executing program\n", 18executing program ) = 18 [pid 4717] memfd_create("syzkaller", 0) = 3 [pid 4717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4717] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4717] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4717] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4717] close(3) = 0 [pid 4717] close(4 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./218/bus") = 0 [pid 349] getdents64(3, [pid 4713] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4713] close(5 [pid 349] close(3) = 0 [pid 349] rmdir("./218") = 0 [pid 349] mkdir("./219", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4718] <... mount resumed>) = 0 [pid 4718] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4718] chdir("./bus") = 0 [pid 4718] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4717] <... close resumed>) = 0 [pid 4717] mkdir("./bus", 0777) = 0 [pid 4717] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4708] <... close resumed>) = 0 [pid 4708] close(4 [pid 4713] <... close resumed>) = 0 [pid 4718] <... openat resumed>) = 4 [pid 4718] ioctl(4, LOOP_CLR_FD) = 0 [pid 4718] close(4) = 0 [pid 4718] memfd_create("syzkaller", 0) = 4 [pid 4718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4713] close(4 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4723 ./strace-static-x86_64: Process 4723 attached [pid 4723] set_robust_list(0x555584fcf660, 24) = 0 [pid 4723] chdir("./219") = 0 [pid 4723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4723] setpgid(0, 0) = 0 [pid 4723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4723] write(3, "1000", 4) = 4 [pid 4723] close(3) = 0 [pid 4723] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4723] write(1, "executing program\n", 18) = 18 [pid 4723] memfd_create("syzkaller", 0) = 3 [pid 4723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4723] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4723] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4723] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 211.038973][ T4718] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/219/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4723] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4723] close(3) = 0 [pid 4723] close(4) = 0 [pid 4723] mkdir("./bus", 0777) = 0 [pid 4723] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4717] <... mount resumed>) = 0 [pid 4717] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4717] chdir("./bus") = 0 [pid 4717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4717] ioctl(4, LOOP_CLR_FD) = 0 [pid 4717] close(4) = 0 [pid 4717] memfd_create("syzkaller", 0) = 4 [pid 4717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4708] <... close resumed>) = 0 [pid 4708] exit_group(0) = ? [pid 4708] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4708, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4723] <... mount resumed>) = 0 [pid 4723] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4723] chdir("./bus") = 0 [pid 4723] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4723] ioctl(4, LOOP_CLR_FD) = 0 [pid 4723] close(4 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./219", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./219/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./219/binderfs") = 0 [ 211.147143][ T4717] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/215/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4713] <... close resumed>) = 0 [pid 4723] <... close resumed>) = 0 [pid 4723] memfd_create("syzkaller", 0) = 4 [pid 4723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4713] exit_group(0) = ? [pid 4713] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4713, si_uid=0, si_status=0, si_utime=7, si_stime=8} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 343] <... umount2 resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./217", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./217/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./219/bus", [pid 344] newfstatat(AT_FDCWD, "./217/binderfs", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] unlink("./217/binderfs" [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... unlink resumed>) = 0 [pid 344] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] openat(AT_FDCWD, "./219/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./219/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./219") = 0 [pid 343] mkdir("./220", 0777) = 0 [ 211.190430][ T4723] ext4 filesystem being mounted at /root/syzkaller.53SCZU/219/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4729 [pid 344] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./217/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./217/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./217/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./217") = 0 [pid 344] mkdir("./218", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4718] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4730 ./strace-static-x86_64: Process 4729 attached [pid 4729] set_robust_list(0x555584fcf660, 24) = 0 [pid 4729] chdir("./220") = 0 [pid 4729] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4729] setpgid(0, 0) = 0 [pid 4729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4729] write(3, "1000", 4) = 4 [pid 4729] close(3) = 0 [pid 4729] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4729] write(1, "executing program\n", 18executing program ) = 18 [pid 4729] memfd_create("syzkaller", 0./strace-static-x86_64: Process 4730 attached [pid 4730] set_robust_list(0x555584fcf660, 24) = 0 [pid 4730] chdir("./218" [pid 4729] <... memfd_create resumed>) = 3 [pid 4729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4729] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4729] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4729] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4729] ioctl(4, LOOP_SET_FD, 3 [pid 4730] <... chdir resumed>) = 0 [pid 4730] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4730] setpgid(0, 0) = 0 [pid 4730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4730] write(3, "1000", 4) = 4 [pid 4730] close(3) = 0 [pid 4730] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4730] write(1, "executing program\n", 18executing program ) = 18 [pid 4730] memfd_create("syzkaller", 0) = 3 [pid 4730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4730] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4730] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4730] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4729] <... ioctl resumed>) = 0 [pid 4730] <... openat resumed>) = 4 [pid 4730] ioctl(4, LOOP_SET_FD, 3 [pid 4729] close(3) = 0 [pid 4729] close(4 [pid 4730] <... ioctl resumed>) = 0 [pid 4730] close(3 [pid 4729] <... close resumed>) = 0 [pid 4730] <... close resumed>) = 0 [pid 4730] close(4 [pid 4729] mkdir("./bus", 0777) = 0 [pid 4729] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4730] <... close resumed>) = 0 [pid 4730] mkdir("./bus", 0777 [pid 4717] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4730] <... mkdir resumed>) = 0 [pid 4730] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4723] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4718] <... write resumed>) = 20699119 [pid 4718] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4718] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4718] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4718] ioctl(5, LOOP_CLR_FD) = 0 [pid 4718] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4718] close(5) = 0 [pid 4718] close(4 [pid 4723] <... write resumed>) = 20699119 [pid 4723] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4723] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4723] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4723] ioctl(5, LOOP_CLR_FD) = 0 [pid 4730] <... mount resumed>) = 0 [pid 4730] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4730] chdir("./bus") = 0 [pid 4730] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4730] ioctl(4, LOOP_CLR_FD) = 0 [pid 4730] close(4) = 0 [pid 4723] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4723] close(5) = 0 [pid 4723] close(4 [pid 4730] memfd_create("syzkaller", 0) = 4 [pid 4730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4729] <... mount resumed>) = 0 [pid 4729] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4729] chdir("./bus") = 0 [pid 4718] <... close resumed>) = 0 [pid 4729] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4729] ioctl(4, LOOP_CLR_FD) = 0 [pid 4729] close(4) = 0 [pid 4729] memfd_create("syzkaller", 0) = 4 [pid 4729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4718] exit_group(0 [pid 4717] <... write resumed>) = 20699119 [pid 4718] <... exit_group resumed>) = ? [pid 4718] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4718, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./219", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./219/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4717] munmap(0x7f7c475b3000, 138412032 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./219/binderfs") = 0 [pid 348] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4717] <... munmap resumed>) = 0 [pid 4717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4717] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4717] ioctl(5, LOOP_CLR_FD) = 0 [pid 4717] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [ 211.488190][ T4730] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/218/bus supports timestamps until (%ptR?) (0x7fffffff) [ 211.502065][ T4729] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/220/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4717] close(5 [pid 4723] <... close resumed>) = 0 [pid 4723] exit_group(0) = ? [pid 4723] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4723, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./219", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./219/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./219/binderfs") = 0 [pid 349] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4717] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./219/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./219/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./219/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./219") = 0 [pid 348] mkdir("./220", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4717] close(4 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 349] <... umount2 resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4737 ./strace-static-x86_64: Process 4737 attached [pid 4737] set_robust_list(0x555584fcf660, 24) = 0 [pid 4737] chdir("./220") = 0 [pid 4737] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4737] setpgid(0, 0) = 0 [pid 4737] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4737] write(3, "1000", 4) = 4 [pid 4737] close(3) = 0 [pid 4737] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4737] write(1, "executing program\n", 18executing program ) = 18 [pid 4737] memfd_create("syzkaller", 0) = 3 [pid 4737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./219/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./219/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./219/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./219" [pid 4730] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4737] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] <... rmdir resumed>) = 0 [pid 4737] <... write resumed>) = 262144 [pid 349] mkdir("./220", 0777 [pid 4737] munmap(0x7f7c475b3000, 138412032 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4737] <... munmap resumed>) = 0 [pid 4729] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4737] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4737] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4737] close(3) = 0 [pid 4737] close(4) = 0 [pid 4737] mkdir("./bus", 0777) = 0 [pid 4737] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4739 ./strace-static-x86_64: Process 4739 attached [pid 4739] set_robust_list(0x555584fcf660, 24) = 0 [pid 4739] chdir("./220") = 0 [pid 4739] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4739] setpgid(0, 0) = 0 [pid 4739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4739] write(3, "1000", 4) = 4 [pid 4739] close(3) = 0 [pid 4739] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4739] write(1, "executing program\n", 18) = 18 [pid 4739] memfd_create("syzkaller", 0) = 3 [pid 4739] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4739] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4739] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4739] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4739] ioctl(4, LOOP_SET_FD, 3 [pid 4737] <... mount resumed>) = 0 [pid 4739] <... ioctl resumed>) = 0 [pid 4739] close(3) = 0 [pid 4739] close(4) = 0 [pid 4739] mkdir("./bus", 0777) = 0 [pid 4739] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4737] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4737] chdir("./bus") = 0 [pid 4737] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4737] ioctl(4, LOOP_CLR_FD) = 0 [pid 4737] close(4) = 0 [pid 4737] memfd_create("syzkaller", 0) = 4 [pid 4737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4717] <... close resumed>) = 0 [pid 4717] exit_group(0) = ? [pid 4717] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4717, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./215", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./215/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./215/binderfs") = 0 [pid 342] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4739] <... mount resumed>) = 0 [pid 4739] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4739] chdir("./bus") = 0 [ 211.729093][ T4737] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/220/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4739] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4730] <... write resumed>) = 20699119 [pid 4730] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4739] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 4739] ioctl(4, LOOP_CLR_FD) = 0 [pid 342] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4739] close(4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4739] <... close resumed>) = 0 [pid 4729] <... write resumed>) = 20699119 [pid 4729] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4729] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4729] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4729] ioctl(5, LOOP_CLR_FD [pid 4739] memfd_create("syzkaller", 0 [pid 342] newfstatat(AT_FDCWD, "./215/bus", [pid 4739] <... memfd_create resumed>) = 4 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4739] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] umount2("./215/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4739] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4729] <... ioctl resumed>) = 0 [pid 4729] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4729] close(5) = 0 [pid 4729] close(4 [pid 342] openat(AT_FDCWD, "./215/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4730] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 342] getdents64(4, [pid 4730] <... openat resumed>) = 5 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4730] ioctl(5, LOOP_SET_FD, 4 [pid 342] close(4 [pid 4730] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... close resumed>) = 0 [pid 4730] ioctl(5, LOOP_CLR_FD [pid 342] rmdir("./215/bus") = 0 [pid 4730] <... ioctl resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./215") = 0 [pid 342] mkdir("./216", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4730] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... openat resumed>) = 3 [pid 4730] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] ioctl(3, LOOP_CLR_FD [pid 4730] close(5 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4730] <... close resumed>) = 0 [pid 342] close(3 [pid 4730] close(4 [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4745 ./strace-static-x86_64: Process 4745 attached [pid 4745] set_robust_list(0x555584fcf660, 24) = 0 [pid 4745] chdir("./216") = 0 [pid 4745] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4745] setpgid(0, 0) = 0 [pid 4745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4745] write(3, "1000", 4) = 4 [pid 4745] close(3) = 0 [pid 4745] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4745] write(1, "executing program\n", 18executing program ) = 18 [pid 4745] memfd_create("syzkaller", 0) = 3 [pid 4745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4745] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [ 211.786921][ T4739] ext4 filesystem being mounted at /root/syzkaller.53SCZU/220/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4745] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4745] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4745] close(3) = 0 [pid 4745] close(4) = 0 [pid 4745] mkdir("./bus", 0777) = 0 [pid 4745] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 4745] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4745] chdir("./bus") = 0 [pid 4745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4745] ioctl(4, LOOP_CLR_FD) = 0 [pid 4745] close(4) = 0 [pid 4745] memfd_create("syzkaller", 0) = 4 [pid 4745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4729] <... close resumed>) = 0 [pid 4729] exit_group(0) = ? [pid 4729] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4729, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4737] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./220", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./220/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./220/binderfs") = 0 [pid 343] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4730] <... close resumed>) = 0 [pid 4730] exit_group(0) = ? [pid 4730] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4730, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./218", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./218/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./218/binderfs") = 0 [ 211.919606][ T4745] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/216/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./220/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./220/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./220/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./220") = 0 [pid 4739] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] mkdir("./221", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4737] <... write resumed>) = 20699119 [pid 4737] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4737] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./218/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./218/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./218/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./218" [pid 4737] <... openat resumed>) = 5 [pid 343] <... openat resumed>) = 3 [pid 4737] ioctl(5, LOOP_SET_FD, 4 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4737] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4737] ioctl(5, LOOP_CLR_FD [pid 343] close(3 [pid 4737] <... ioctl resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4749 [pid 344] <... rmdir resumed>) = 0 [pid 344] mkdir("./219", 0777) = 0 [pid 4737] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4737] close(5) = 0 [pid 4737] close(4 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4750 ./strace-static-x86_64: Process 4750 attached [pid 4750] set_robust_list(0x555584fcf660, 24) = 0 [pid 4750] chdir("./219") = 0 [pid 4750] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4750] setpgid(0, 0) = 0 [pid 4750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4750] write(3, "1000", 4) = 4 [pid 4750] close(3) = 0 [pid 4750] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4750] write(1, "executing program\n", 18) = 18 [pid 4750] memfd_create("syzkaller", 0) = 3 [pid 4750] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4750] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 4749 attached [pid 4749] set_robust_list(0x555584fcf660, 24) = 0 [pid 4749] chdir("./221") = 0 [pid 4749] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4749] setpgid(0, 0) = 0 [pid 4749] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4749] write(3, "1000", 4) = 4 [pid 4749] close(3) = 0 [pid 4749] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4749] write(1, "executing program\n", 18) = 18 [pid 4749] memfd_create("syzkaller", 0) = 3 [pid 4749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4749] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4749] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4749] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4749] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4750] <... write resumed>) = 262144 [pid 4750] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4749] close(3) = 0 [pid 4749] close(4) = 0 [pid 4749] mkdir("./bus", 0777 [pid 4750] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4749] <... mkdir resumed>) = 0 [pid 4749] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4750] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4750] close(3) = 0 [pid 4750] close(4) = 0 [pid 4750] mkdir("./bus", 0777) = 0 [pid 4750] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4745] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4750] <... mount resumed>) = 0 [pid 4750] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4750] chdir("./bus") = 0 [pid 4750] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4750] ioctl(4, LOOP_CLR_FD) = 0 [pid 4750] close(4) = 0 [pid 4750] memfd_create("syzkaller", 0) = 4 [pid 4750] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4739] <... write resumed>) = 20699119 [pid 4739] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4739] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4739] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4739] ioctl(5, LOOP_CLR_FD) = 0 [pid 4739] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4739] close(5) = 0 [pid 4739] close(4 [pid 4749] <... mount resumed>) = 0 [pid 4737] <... close resumed>) = 0 [pid 4749] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4749] chdir("./bus" [pid 4737] exit_group(0 [pid 4749] <... chdir resumed>) = 0 [pid 4737] <... exit_group resumed>) = ? [pid 4749] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4749] ioctl(4, LOOP_CLR_FD) = 0 [ 212.140752][ T4750] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/219/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4749] close(4) = 0 [pid 4737] +++ exited with 0 +++ [pid 4749] memfd_create("syzkaller", 0 [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4737, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 4749] <... memfd_create resumed>) = 4 [pid 4749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] umount2("./220", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./220/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./220/binderfs") = 0 [pid 348] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 348] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./220/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./220/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [ 212.195193][ T4749] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/221/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 348] rmdir("./220/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./220") = 0 [pid 348] mkdir("./221", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4757 [pid 4745] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 4757 attached [pid 4757] set_robust_list(0x555584fcf660, 24) = 0 [pid 4757] chdir("./221") = 0 [pid 4757] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4757] setpgid(0, 0) = 0 [pid 4757] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4757] write(3, "1000", 4) = 4 [pid 4757] close(3) = 0 [pid 4757] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4745] munmap(0x7f7c475b3000, 138412032 [pid 4757] write(1, "executing program\n", 18) = 18 [pid 4757] memfd_create("syzkaller", 0) = 3 [pid 4757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4757] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4745] <... munmap resumed>) = 0 [pid 4757] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4745] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4757] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4745] <... openat resumed>) = 5 [pid 4757] ioctl(4, LOOP_SET_FD, 3 [pid 4745] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4745] ioctl(5, LOOP_CLR_FD [pid 4757] <... ioctl resumed>) = 0 [pid 4757] close(3 [pid 4745] <... ioctl resumed>) = 0 [pid 4757] <... close resumed>) = 0 [pid 4757] close(4) = 0 [pid 4757] mkdir("./bus", 0777) = 0 [pid 4757] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4745] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4745] close(5) = 0 [pid 4745] close(4 [pid 4739] <... close resumed>) = 0 [pid 4739] exit_group(0) = ? [pid 4739] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4739, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./220", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./220/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./220/binderfs") = 0 [pid 349] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4750] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4757] <... mount resumed>) = 0 [pid 4757] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./220/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./220/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 4757] <... openat resumed>) = 3 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 4757] chdir("./bus" [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./220/bus" [pid 4757] <... chdir resumed>) = 0 [pid 4757] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 4757] <... openat resumed>) = 4 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4757] ioctl(4, LOOP_CLR_FD [pid 349] close(3 [pid 4757] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 4757] close(4 [pid 349] rmdir("./220" [pid 4757] <... close resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 4757] memfd_create("syzkaller", 0 [pid 349] mkdir("./221", 0777 [pid 4757] <... memfd_create resumed>) = 4 [pid 349] <... mkdir resumed>) = 0 [pid 4757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4757] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4749] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4761 ./strace-static-x86_64: Process 4761 attached [pid 4761] set_robust_list(0x555584fcf660, 24 [pid 4745] <... close resumed>) = 0 [pid 4761] <... set_robust_list resumed>) = 0 [pid 4761] chdir("./221" [pid 4745] exit_group(0 [pid 4761] <... chdir resumed>) = 0 [pid 4745] <... exit_group resumed>) = ? [pid 4761] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4745] +++ exited with 0 +++ [pid 4761] setpgid(0, 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4745, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 4761] <... setpgid resumed>) = 0 [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4761] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4761] write(3, "1000", 4) = 4 [pid 4761] close(3) = 0 [pid 4761] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4761] write(1, "executing program\n", 18) = 18 [pid 4761] memfd_create("syzkaller", 0) = 3 [pid 4761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4761] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4761] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4761] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 342] <... restart_syscall resumed>) = 0 [pid 4761] ioctl(4, LOOP_SET_FD, 3 [pid 342] umount2("./216", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./216/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./216/binderfs") = 0 [pid 342] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4761] <... ioctl resumed>) = 0 [pid 4761] close(3) = 0 [ 212.374949][ T4757] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/221/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4761] close(4 [pid 4749] <... write resumed>) = 20699119 [pid 4749] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4749] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4761] <... close resumed>) = 0 [pid 4749] <... openat resumed>) = 5 [pid 342] <... umount2 resumed>) = 0 [pid 4761] mkdir("./bus", 0777 [pid 4749] ioctl(5, LOOP_SET_FD, 4 [pid 4761] <... mkdir resumed>) = 0 [pid 4749] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4761] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4749] ioctl(5, LOOP_CLR_FD [pid 342] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./216/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./216/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./216/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./216/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./216") = 0 [pid 342] mkdir("./217", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4750] <... write resumed>) = 20699119 [pid 4750] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4750] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4757] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4749] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4764 [pid 4749] ioctl(5, LOOP_SET_FD, 4./strace-static-x86_64: Process 4764 attached ) = -1 EBUSY (Device or resource busy) [pid 4750] <... openat resumed>) = 5 [pid 4750] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4750] ioctl(5, LOOP_CLR_FD) = 0 [pid 4764] set_robust_list(0x555584fcf660, 24 [pid 4749] close(5 [pid 4764] <... set_robust_list resumed>) = 0 [pid 4764] chdir("./217") = 0 [pid 4764] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4764] setpgid(0, 0 [pid 4749] <... close resumed>) = 0 [pid 4749] close(4 [pid 4750] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4750] close(5) = 0 [pid 4750] close(4 [pid 4764] <... setpgid resumed>) = 0 executing program [pid 4764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4764] write(3, "1000", 4) = 4 [pid 4764] close(3) = 0 [pid 4764] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4764] write(1, "executing program\n", 18) = 18 [pid 4764] memfd_create("syzkaller", 0) = 3 [pid 4764] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4764] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4764] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4764] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4764] ioctl(4, LOOP_SET_FD, 3 [pid 4757] <... write resumed>) = 20699119 [pid 4764] <... ioctl resumed>) = 0 [pid 4757] munmap(0x7f7c475b3000, 138412032 [pid 4764] close(3) = 0 [pid 4764] close(4) = 0 [pid 4764] mkdir("./bus", 0777) = 0 [pid 4764] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4757] <... munmap resumed>) = 0 [pid 4761] <... mount resumed>) = 0 [pid 4761] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4761] chdir("./bus") = 0 [pid 4761] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4761] ioctl(4, LOOP_CLR_FD) = 0 [pid 4761] close(4 [pid 4757] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4757] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4761] <... close resumed>) = 0 [pid 4757] ioctl(5, LOOP_CLR_FD) = 0 [pid 4761] memfd_create("syzkaller", 0 [pid 4757] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4757] close(5) = 0 [pid 4761] <... memfd_create resumed>) = 4 [pid 4761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4757] close(4 [pid 4750] <... close resumed>) = 0 [pid 4764] <... mount resumed>) = 0 [pid 4764] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4764] chdir("./bus") = 0 [pid 4764] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4764] ioctl(4, LOOP_CLR_FD) = 0 [pid 4764] close(4) = 0 [pid 4764] memfd_create("syzkaller", 0) = 4 [pid 4764] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 212.608290][ T4761] ext4 filesystem being mounted at /root/syzkaller.53SCZU/221/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4750] exit_group(0) = ? [pid 4750] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4750, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./219", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./219/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./219/binderfs") = 0 [pid 344] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4757] <... close resumed>) = 0 [pid 4757] exit_group(0) = ? [pid 4757] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4757, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4749] <... close resumed>) = 0 [pid 4749] exit_group(0) = ? [pid 4749] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4749, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 348] umount2("./221", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./221", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 343] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 343] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./221/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./221/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./221/binderfs", [pid 343] newfstatat(AT_FDCWD, "./221/binderfs", [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./221/binderfs" [pid 343] unlink("./221/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 348] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./219/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./219/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./219/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./219") = 0 [pid 344] mkdir("./220", 0777) = 0 [ 212.669865][ T4764] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/217/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./221/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./221/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./221/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./221") = 0 [pid 348] mkdir("./222", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4761] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4769 [pid 343] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./221/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./221/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./221/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./221" [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... rmdir resumed>) = 0 [pid 343] mkdir("./222", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4770 [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4771 ./strace-static-x86_64: Process 4770 attached [pid 4770] set_robust_list(0x555584fcf660, 24) = 0 [pid 4770] chdir("./222") = 0 [pid 4770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4770] setpgid(0, 0) = 0 [pid 4770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 4771 attached [pid 4771] set_robust_list(0x555584fcf660, 24 [pid 4770] <... openat resumed>) = 3 [pid 4771] <... set_robust_list resumed>) = 0 [pid 4771] chdir("./220" [pid 4770] write(3, "1000", 4) = 4 [pid 4771] <... chdir resumed>) = 0 [pid 4770] close(3) = 0 [pid 4771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4770] symlink("/dev/binderfs", "./binderfs" [pid 4771] setpgid(0, 0 [pid 4770] <... symlink resumed>) = 0 [pid 4771] <... setpgid resumed>) = 0 [pid 4771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4771] write(3, "1000", 4) = 4 [pid 4770] write(1, "executing program\n", 18 [pid 4771] close(3executing program [pid 4770] <... write resumed>) = 18 [pid 4771] <... close resumed>) = 0 [pid 4770] memfd_create("syzkaller", 0 [pid 4771] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4770] <... memfd_create resumed>) = 3 [pid 4770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4770] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144executing program [pid 4771] write(1, "executing program\n", 18) = 18 [pid 4771] memfd_create("syzkaller", 0) = 3 [pid 4771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4771] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4770] <... write resumed>) = 262144 [pid 4771] <... write resumed>) = 262144 [pid 4770] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4771] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4770] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4770] ioctl(4, LOOP_SET_FD, 3 [pid 4771] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4770] <... ioctl resumed>) = 0 [pid 4771] <... openat resumed>) = 4 [pid 4771] ioctl(4, LOOP_SET_FD, 3 [pid 4770] close(3) = 0 [pid 4770] close(4./strace-static-x86_64: Process 4769 attached [pid 4769] set_robust_list(0x555584fcf660, 24) = 0 [pid 4769] chdir("./222") = 0 [pid 4769] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4769] setpgid(0, 0) = 0 [pid 4769] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4769] write(3, "1000", 4) = 4 [pid 4769] close(3) = 0 [pid 4769] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4769] write(1, "executing program\n", 18) = 18 [pid 4769] memfd_create("syzkaller", 0) = 3 [pid 4769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4769] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4769] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4769] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4771] <... ioctl resumed>) = 0 [pid 4770] <... close resumed>) = 0 [pid 4770] mkdir("./bus", 0777) = 0 [pid 4771] close(3) = 0 [pid 4771] close(4 [pid 4770] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4764] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4769] <... openat resumed>) = 4 [pid 4771] <... close resumed>) = 0 [pid 4769] ioctl(4, LOOP_SET_FD, 3 [pid 4771] mkdir("./bus", 0777) = 0 [pid 4771] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4769] <... ioctl resumed>) = 0 [pid 4769] close(3) = 0 [pid 4769] close(4 [pid 4761] <... write resumed>) = 20699119 [pid 4761] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4761] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4770] <... mount resumed>) = 0 [pid 4770] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4770] chdir("./bus") = 0 [pid 4770] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4769] <... close resumed>) = 0 [pid 4769] mkdir("./bus", 0777) = 0 [pid 4764] <... write resumed>) = 20699119 [pid 4769] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4764] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4764] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4761] <... openat resumed>) = 5 [pid 4761] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4761] ioctl(5, LOOP_CLR_FD) = 0 [pid 4770] <... openat resumed>) = 4 [pid 4764] <... openat resumed>) = 5 [pid 4761] ioctl(5, LOOP_SET_FD, 4 [pid 4771] <... mount resumed>) = 0 [pid 4770] ioctl(4, LOOP_CLR_FD [pid 4764] ioctl(5, LOOP_SET_FD, 4 [pid 4761] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4771] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4770] <... ioctl resumed>) = 0 [pid 4764] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4761] close(5 [pid 4764] ioctl(5, LOOP_CLR_FD [pid 4761] <... close resumed>) = 0 [pid 4764] <... ioctl resumed>) = 0 [pid 4761] close(4 [pid 4770] close(4) = 0 [pid 4770] memfd_create("syzkaller", 0 [pid 4764] ioctl(5, LOOP_SET_FD, 4 [pid 4770] <... memfd_create resumed>) = 4 [pid 4764] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4764] close(5) = 0 [pid 4764] close(4 [pid 4771] <... openat resumed>) = 3 [pid 4771] chdir("./bus") = 0 [pid 4771] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4771] ioctl(4, LOOP_CLR_FD) = 0 [pid 4771] close(4) = 0 [pid 4771] memfd_create("syzkaller", 0) = 4 [pid 4771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 212.901024][ T4770] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/222/bus supports timestamps until (%ptR?) (0x7fffffff) [ 212.938225][ T4771] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/220/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4769] <... mount resumed>) = 0 [pid 4769] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4769] chdir("./bus") = 0 [pid 4769] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4769] ioctl(4, LOOP_CLR_FD) = 0 [pid 4769] close(4) = 0 [pid 4769] memfd_create("syzkaller", 0) = 4 [pid 4769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4761] <... close resumed>) = 0 [pid 4764] <... close resumed>) = 0 [pid 4764] exit_group(0) = ? [pid 4764] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4764, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4761] exit_group(0) = ? [pid 4761] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4761, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 349] umount2("./221", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] umount2("./217", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(3, "", [pid 342] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] newfstatat(3, "", [pid 349] getdents64(3, [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] getdents64(3, [pid 349] umount2("./221/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] newfstatat(AT_FDCWD, "./221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./217/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] unlink("./221/binderfs" [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... unlink resumed>) = 0 [pid 342] newfstatat(AT_FDCWD, "./217/binderfs", [pid 349] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./217/binderfs") = 0 [ 213.008243][ T4769] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/222/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./221/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./221/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./221/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./221") = 0 [pid 349] mkdir("./222", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4771] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4781 [pid 342] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./217/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./217/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./217/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./217/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./217") = 0 [pid 342] mkdir("./218", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4782 ./strace-static-x86_64: Process 4781 attached [pid 4781] set_robust_list(0x555584fcf660, 24) = 0 [pid 4781] chdir("./222"./strace-static-x86_64: Process 4782 attached [pid 4782] set_robust_list(0x555584fcf660, 24 [pid 4781] <... chdir resumed>) = 0 [pid 4782] <... set_robust_list resumed>) = 0 [pid 4781] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4782] chdir("./218" [pid 4781] setpgid(0, 0 [pid 4782] <... chdir resumed>) = 0 [pid 4781] <... setpgid resumed>) = 0 [pid 4782] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4781] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4782] <... prctl resumed>) = 0 [pid 4781] <... openat resumed>) = 3 [pid 4782] setpgid(0, 0 [pid 4781] write(3, "1000", 4 [pid 4782] <... setpgid resumed>) = 0 [pid 4781] <... write resumed>) = 4 [pid 4782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4781] close(3) = 0 [pid 4782] <... openat resumed>) = 3 [pid 4781] symlink("/dev/binderfs", "./binderfs"executing program [pid 4782] write(3, "1000", 4 [pid 4781] <... symlink resumed>) = 0 [pid 4782] <... write resumed>) = 4 [pid 4781] write(1, "executing program\n", 18 [pid 4782] close(3 [pid 4781] <... write resumed>) = 18 [pid 4781] memfd_create("syzkaller", 0 [pid 4782] <... close resumed>) = 0 [pid 4782] symlink("/dev/binderfs", "./binderfs" [pid 4781] <... memfd_create resumed>) = 3 [pid 4782] <... symlink resumed>) = 0 [pid 4781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 4782] write(1, "executing program\n", 18 [pid 4781] <... mmap resumed>) = 0x7f7c475b3000 [pid 4782] <... write resumed>) = 18 [pid 4781] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4782] memfd_create("syzkaller", 0 [pid 4781] <... write resumed>) = 262144 [pid 4782] <... memfd_create resumed>) = 3 [pid 4782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4781] munmap(0x7f7c475b3000, 138412032 [pid 4782] <... mmap resumed>) = 0x7f7c475b3000 [pid 4781] <... munmap resumed>) = 0 [pid 4782] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4781] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4781] ioctl(4, LOOP_SET_FD, 3 [pid 4782] <... write resumed>) = 262144 [pid 4782] munmap(0x7f7c475b3000, 138412032 [pid 4770] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4781] <... ioctl resumed>) = 0 [pid 4782] <... munmap resumed>) = 0 [pid 4781] close(3 [pid 4782] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4781] <... close resumed>) = 0 [pid 4782] <... openat resumed>) = 4 [pid 4781] close(4 [pid 4782] ioctl(4, LOOP_SET_FD, 3 [pid 4781] <... close resumed>) = 0 [pid 4781] mkdir("./bus", 0777) = 0 [pid 4781] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4782] <... ioctl resumed>) = 0 [pid 4782] close(3) = 0 [pid 4782] close(4) = 0 [pid 4782] mkdir("./bus", 0777) = 0 [pid 4782] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4769] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4781] <... mount resumed>) = 0 [pid 4781] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4781] chdir("./bus") = 0 [pid 4781] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4781] ioctl(4, LOOP_CLR_FD) = 0 [pid 4781] close(4) = 0 [pid 4781] memfd_create("syzkaller", 0) = 4 [pid 4781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4771] <... write resumed>) = 20699119 [pid 4771] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4782] <... mount resumed>) = 0 [pid 4771] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4782] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4771] <... openat resumed>) = 5 [pid 4782] chdir("./bus" [pid 4771] ioctl(5, LOOP_SET_FD, 4 [pid 4782] <... chdir resumed>) = 0 [pid 4771] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4782] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4771] ioctl(5, LOOP_CLR_FD [pid 4782] <... openat resumed>) = 4 [pid 4771] <... ioctl resumed>) = 0 [pid 4782] ioctl(4, LOOP_CLR_FD) = 0 [pid 4782] close(4) = 0 [pid 4771] ioctl(5, LOOP_SET_FD, 4 [pid 4782] memfd_create("syzkaller", 0 [pid 4771] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4782] <... memfd_create resumed>) = 4 [pid 4771] close(5 [pid 4782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4771] <... close resumed>) = 0 [pid 4771] close(4 [pid 4782] <... mmap resumed>) = 0x7f7c475b3000 [ 213.227491][ T4781] ext4 filesystem being mounted at /root/syzkaller.53SCZU/222/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4770] <... write resumed>) = 20699119 [pid 4770] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4770] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4770] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4770] ioctl(5, LOOP_CLR_FD) = 0 [pid 4770] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4770] close(5) = 0 [ 213.283045][ T4782] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/218/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4770] close(4 [pid 4769] <... write resumed>) = 20699119 [pid 4769] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4769] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4769] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4769] ioctl(5, LOOP_CLR_FD) = 0 [pid 4769] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4769] close(5) = 0 [pid 4769] close(4 [pid 4771] <... close resumed>) = 0 [pid 4771] exit_group(0) = ? [pid 4771] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4771, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./220", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./220/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./220/binderfs") = 0 [pid 344] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4781] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4770] <... close resumed>) = 0 [pid 4770] exit_group(0) = ? [pid 4770] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4770, si_uid=0, si_status=0, si_utime=9, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./222", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./222/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./222/binderfs") = 0 [pid 343] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./220/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./220/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./220/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./220") = 0 [pid 344] mkdir("./221", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4782] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4769] <... close resumed>) = 0 [pid 4769] exit_group(0) = ? [pid 4769] +++ exited with 0 +++ [pid 4781] <... write resumed>) = 20699119 [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4769, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4781] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4781] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./222", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./222/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./222/binderfs" [pid 4781] <... openat resumed>) = 5 [pid 348] <... unlink resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 348] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4781] ioctl(5, LOOP_SET_FD, 4 [pid 344] close(3 [pid 343] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4781] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... close resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4781] ioctl(5, LOOP_CLR_FD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] newfstatat(AT_FDCWD, "./222/bus", [pid 4781] <... ioctl resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4789 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./222/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 4789 attached [pid 4789] set_robust_list(0x555584fcf660, 24) = 0 [pid 4789] chdir("./221" [pid 343] <... openat resumed>) = 4 [pid 4789] <... chdir resumed>) = 0 [pid 4789] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4789] setpgid(0, 0) = 0 [pid 4789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] newfstatat(4, "", [pid 4789] <... openat resumed>) = 3 [pid 4781] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4789] write(3, "1000", 4) = 4 [pid 4789] close(3) = 0 [pid 4789] symlink("/dev/binderfs", "./binderfs" [pid 4781] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] getdents64(4, [pid 4781] close(5 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./222/bus"executing program [pid 4789] <... symlink resumed>) = 0 [pid 4789] write(1, "executing program\n", 18) = 18 [pid 4789] memfd_create("syzkaller", 0 [pid 343] <... rmdir resumed>) = 0 [pid 4789] <... memfd_create resumed>) = 3 [pid 4789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./222") = 0 [pid 343] mkdir("./223", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4789] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4789] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4789] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4782] <... write resumed>) = 20699119 [pid 4782] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4782] openat(AT_FDCWD, "/dev/loop0", O_RDWRexecuting program [pid 4789] <... openat resumed>) = 4 [pid 4781] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4790 [pid 4789] ioctl(4, LOOP_SET_FD, 3 [pid 4781] close(4./strace-static-x86_64: Process 4790 attached [pid 4790] set_robust_list(0x555584fcf660, 24) = 0 [pid 4790] chdir("./223") = 0 [pid 4790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4790] setpgid(0, 0) = 0 [pid 4790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4790] write(3, "1000", 4) = 4 [pid 4790] close(3) = 0 [pid 4790] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4790] write(1, "executing program\n", 18) = 18 [pid 4790] memfd_create("syzkaller", 0) = 3 [pid 4790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4790] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4790] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4790] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./222/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./222/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./222/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./222") = 0 [pid 348] mkdir("./223", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4789] <... ioctl resumed>) = 0 [pid 4789] close(3) = 0 [pid 4789] close(4 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4792 [pid 4782] <... openat resumed>) = 5 [pid 4790] <... openat resumed>) = 4 [pid 4790] ioctl(4, LOOP_SET_FD, 3 [pid 4782] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4782] ioctl(5, LOOP_CLR_FD./strace-static-x86_64: Process 4792 attached [pid 4792] set_robust_list(0x555584fcf660, 24) = 0 [pid 4792] chdir("./223") = 0 [pid 4792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4792] setpgid(0, 0) = 0 [pid 4792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4792] write(3, "1000", 4) = 4 [pid 4792] close(3) = 0 [pid 4792] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4792] write(1, "executing program\n", 18executing program ) = 18 [pid 4792] memfd_create("syzkaller", 0) = 3 [pid 4792] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4792] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4792] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4792] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4789] <... close resumed>) = 0 [pid 4789] mkdir("./bus", 0777) = 0 [pid 4789] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4790] <... ioctl resumed>) = 0 [pid 4782] <... ioctl resumed>) = 0 [pid 4790] close(3) = 0 [pid 4790] close(4 [pid 4782] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4782] close(5 [pid 4781] <... close resumed>) = 0 [pid 4781] exit_group(0) = ? [pid 4781] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4781, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./222", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./222/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./222/binderfs") = 0 [pid 349] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4789] <... mount resumed>) = 0 [pid 4789] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4789] chdir("./bus") = 0 [pid 4789] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4790] <... close resumed>) = 0 [pid 4792] <... openat resumed>) = 4 [pid 4782] <... close resumed>) = 0 [pid 4782] close(4 [pid 4792] ioctl(4, LOOP_SET_FD, 3 [pid 4790] mkdir("./bus", 0777) = 0 [pid 4790] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4792] <... ioctl resumed>) = 0 [pid 4792] close(3) = 0 [pid 4792] close(4 [pid 4782] <... close resumed>) = 0 [pid 4782] exit_group(0) = ? [pid 4782] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4782, si_uid=0, si_status=0, si_utime=6, si_stime=9} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./218", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./218/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./218/binderfs") = 0 [ 213.688876][ T4789] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/221/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4792] <... close resumed>) = 0 [pid 4790] <... mount resumed>) = 0 [pid 4792] mkdir("./bus", 0777) = 0 [pid 4790] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4792] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4790] <... openat resumed>) = 3 [pid 4790] chdir("./bus") = 0 [pid 4790] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4789] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 [pid 4789] ioctl(4, LOOP_CLR_FD) = 0 [pid 4789] close(4 [pid 4790] <... openat resumed>) = 4 [pid 349] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] newfstatat(AT_FDCWD, "./222/bus", [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] newfstatat(AT_FDCWD, "./218/bus", [pid 349] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./218/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "./222/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 4 [pid 342] openat(AT_FDCWD, "./218/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(4, "", [pid 342] <... openat resumed>) = 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] newfstatat(4, "", [pid 349] getdents64(4, [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, [pid 349] getdents64(4, [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4790] ioctl(4, LOOP_CLR_FD [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] getdents64(4, [pid 4790] <... ioctl resumed>) = 0 [pid 349] close(4 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4790] close(4 [pid 349] <... close resumed>) = 0 [pid 342] close(4 [pid 4790] <... close resumed>) = 0 [pid 349] rmdir("./222/bus" [pid 342] <... close resumed>) = 0 [pid 4790] memfd_create("syzkaller", 0 [pid 349] <... rmdir resumed>) = 0 [pid 342] rmdir("./218/bus" [pid 4790] <... memfd_create resumed>) = 4 [pid 349] getdents64(3, [pid 342] <... rmdir resumed>) = 0 [pid 4790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] getdents64(3, [pid 4790] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] close(3 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] <... close resumed>) = 0 [pid 342] close(3 [pid 349] rmdir("./222" [pid 342] <... close resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 342] rmdir("./218" [pid 349] mkdir("./223", 0777 [pid 342] <... rmdir resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 342] mkdir("./219", 0777 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... mkdir resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] <... openat resumed>) = 3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] close(3 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... close resumed>) = 0 [pid 342] close(3 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4801 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4802 ./strace-static-x86_64: Process 4802 attached [pid 4802] set_robust_list(0x555584fcf660, 24) = 0 executing program executing program [pid 4789] <... close resumed>) = 0 [pid 4802] chdir("./219") = 0 [pid 4802] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4802] setpgid(0, 0) = 0 [pid 4802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4802] write(3, "1000", 4) = 4 [pid 4802] close(3) = 0 [pid 4802] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 4801 attached [pid 4801] set_robust_list(0x555584fcf660, 24) = 0 [pid 4801] chdir("./223") = 0 [pid 4802] write(1, "executing program\n", 18) = 18 [pid 4801] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4802] memfd_create("syzkaller", 0 [pid 4801] <... prctl resumed>) = 0 [pid 4801] setpgid(0, 0) = 0 [pid 4801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4802] <... memfd_create resumed>) = 3 [pid 4801] <... openat resumed>) = 3 [pid 4802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4802] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4801] write(3, "1000", 4) = 4 [pid 4801] close(3) = 0 [pid 4801] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4801] write(1, "executing program\n", 18) = 18 [pid 4801] memfd_create("syzkaller", 0) = 3 [pid 4801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4801] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4802] <... write resumed>) = 262144 [pid 4789] memfd_create("syzkaller", 0) = 4 [pid 4789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4802] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4801] <... write resumed>) = 262144 [pid 4802] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4802] ioctl(4, LOOP_SET_FD, 3 [pid 4801] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4801] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4802] <... ioctl resumed>) = 0 [pid 4802] close(3) = 0 [pid 4802] close(4 [pid 4801] <... openat resumed>) = 4 [pid 4801] ioctl(4, LOOP_SET_FD, 3 [pid 4792] <... mount resumed>) = 0 [pid 4792] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4792] chdir("./bus") = 0 [ 213.808326][ T4790] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/223/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4792] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4801] <... ioctl resumed>) = 0 [pid 4801] close(3) = 0 [pid 4801] close(4 [pid 4792] <... openat resumed>) = 4 [pid 4792] ioctl(4, LOOP_CLR_FD) = 0 [pid 4792] close(4) = 0 [pid 4792] memfd_create("syzkaller", 0) = 4 [pid 4802] <... close resumed>) = 0 [pid 4792] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4802] mkdir("./bus", 0777) = 0 [pid 4802] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4801] <... close resumed>) = 0 [pid 4801] mkdir("./bus", 0777 [pid 4792] <... mmap resumed>) = 0x7f7c475b3000 [pid 4801] <... mkdir resumed>) = 0 [pid 4801] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 4801] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4801] chdir("./bus") = 0 [pid 4801] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4801] ioctl(4, LOOP_CLR_FD) = 0 [pid 4801] close(4) = 0 [pid 4801] memfd_create("syzkaller", 0) = 4 [pid 4801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 213.888535][ T4792] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/223/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4802] <... mount resumed>) = 0 [ 213.933298][ T4801] ext4 filesystem being mounted at /root/syzkaller.53SCZU/223/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4802] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4802] chdir("./bus") = 0 [pid 4802] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4802] ioctl(4, LOOP_CLR_FD) = 0 [pid 4802] close(4) = 0 [pid 4802] memfd_create("syzkaller", 0) = 4 [pid 4802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 213.977863][ T4802] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/219/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4790] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4789] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4792] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4801] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4789] <... write resumed>) = 20699119 [pid 4789] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4789] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4789] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4789] ioctl(5, LOOP_CLR_FD) = 0 [pid 4789] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4789] close(5) = 0 [pid 4789] close(4 [pid 4790] <... write resumed>) = 20699119 [pid 4802] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4790] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4790] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4790] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4790] ioctl(5, LOOP_CLR_FD) = 0 [pid 4790] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4790] close(5) = 0 [pid 4790] close(4 [pid 4792] <... write resumed>) = 20699119 [pid 4792] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4792] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4792] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4792] ioctl(5, LOOP_CLR_FD) = 0 [pid 4792] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4792] close(5) = 0 [pid 4792] close(4 [pid 4801] <... write resumed>) = 20699119 [pid 4801] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4789] <... close resumed>) = 0 [pid 4789] exit_group(0 [pid 4801] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4789] <... exit_group resumed>) = ? [pid 4801] <... openat resumed>) = 5 [pid 4801] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4801] ioctl(5, LOOP_CLR_FD [pid 4789] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4789, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4801] <... ioctl resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./221", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./221/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./221/binderfs") = 0 [pid 344] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4801] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4801] close(5) = 0 [pid 4801] close(4 [pid 4790] <... close resumed>) = 0 [pid 4790] exit_group(0) = ? [pid 4790] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4790, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./223", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./223/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./223/binderfs") = 0 [pid 343] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4792] <... close resumed>) = 0 [pid 4792] exit_group(0) = ? [pid 4792] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4792, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./223", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./223/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./223/binderfs") = 0 [pid 348] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4802] <... write resumed>) = 20699119 [pid 4802] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4802] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./221/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./221/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./221/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./221") = 0 [pid 344] mkdir("./222", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4801] <... close resumed>) = 0 [pid 4801] exit_group(0) = ? [pid 4801] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4801, si_uid=0, si_status=0, si_utime=1, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./223", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./223/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./223/binderfs") = 0 [pid 349] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4802] <... openat resumed>) = 5 [pid 4802] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4802] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4809 ./strace-static-x86_64: Process 4809 attached [pid 343] <... umount2 resumed>) = 0 [pid 4809] set_robust_list(0x555584fcf660, 24 [pid 343] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4802] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4809] <... set_robust_list resumed>) = 0 [pid 4802] close(5 [pid 4809] chdir("./222" [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4809] <... chdir resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./223/bus", [pid 4809] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4809] <... prctl resumed>) = 0 [pid 343] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4809] setpgid(0, 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4809] <... setpgid resumed>) = 0 [pid 343] openat(AT_FDCWD, "./223/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4809] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", [pid 4809] <... openat resumed>) = 3 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 4809] write(3, "1000", 4) = 4 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4809] close(3 [pid 343] getdents64(4, [pid 4809] <... close resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4809] symlink("/dev/binderfs", "./binderfs" [pid 343] close(4) = 0 [pid 343] rmdir("./223/bus") = 0 [pid 343] getdents64(3, [pid 4809] <... symlink resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4809] write(1, "executing program\n", 18executing program [pid 343] close(3 [pid 4809] <... write resumed>) = 18 [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./223") = 0 [pid 4809] memfd_create("syzkaller", 0 [pid 343] mkdir("./224", 0777 [pid 4809] <... memfd_create resumed>) = 3 [pid 4809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] <... mkdir resumed>) = 0 [pid 4809] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4809] <... write resumed>) = 262144 [pid 4809] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4809] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... umount2 resumed>) = 0 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4810 ./strace-static-x86_64: Process 4810 attached [pid 4810] set_robust_list(0x555584fcf660, 24) = 0 [pid 4810] chdir("./224") = 0 [pid 4810] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4810] setpgid(0, 0) = 0 [pid 4810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4810] write(3, "1000", 4) = 4 [pid 4810] close(3) = 0 [pid 4810] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4810] write(1, "executing program\n", 18) = 18 [pid 4810] memfd_create("syzkaller", 0) = 3 [pid 4810] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4810] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4810] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4810] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4810] ioctl(4, LOOP_SET_FD, 3 [pid 348] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./223/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./223/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./223/bus") = 0 [pid 348] getdents64(3, [pid 4810] <... ioctl resumed>) = 0 [pid 4809] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] close(3 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./223/bus", [pid 348] <... close resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] rmdir("./223" [pid 349] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4802] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4802] close(4 [pid 349] openat(AT_FDCWD, "./223/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... rmdir resumed>) = 0 [pid 4809] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", [pid 348] mkdir("./224", 0777 [pid 4810] close(3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4810] <... close resumed>) = 0 [pid 349] getdents64(4, [pid 348] <... mkdir resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./223/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./223" [pid 4810] close(4 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./224", 0777 [pid 348] <... openat resumed>) = 3 [pid 4810] <... close resumed>) = 0 [pid 4810] mkdir("./bus", 0777 [pid 349] <... mkdir resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 4810] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4809] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 348] close(3 [pid 4809] close(3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 348] <... close resumed>) = 0 [pid 4810] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 4809] <... close resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4809] close(4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4813 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4814 [pid 4809] <... close resumed>) = 0 [pid 4809] mkdir("./bus", 0777) = 0 ./strace-static-x86_64: Process 4813 attached ./strace-static-x86_64: Process 4814 attached [pid 4813] set_robust_list(0x555584fcf660, 24 [pid 4814] set_robust_list(0x555584fcf660, 24 [pid 4809] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4814] <... set_robust_list resumed>) = 0 [pid 4813] <... set_robust_list resumed>) = 0 [pid 4814] chdir("./224" [pid 4813] chdir("./224") = 0 [pid 4814] <... chdir resumed>) = 0 [pid 4813] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4814] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4813] <... prctl resumed>) = 0 [pid 4813] setpgid(0, 0 [pid 4814] <... prctl resumed>) = 0 [pid 4814] setpgid(0, 0 [pid 4813] <... setpgid resumed>) = 0 [pid 4813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4814] <... setpgid resumed>) = 0 [pid 4814] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4813] <... openat resumed>) = 3 [pid 4814] <... openat resumed>) = 3 [pid 4813] write(3, "1000", 4 [pid 4814] write(3, "1000", 4 [pid 4813] <... write resumed>) = 4 [pid 4814] <... write resumed>) = 4 [pid 4813] close(3 [pid 4814] close(3 [pid 4813] <... close resumed>) = 0 [pid 4814] <... close resumed>) = 0 [pid 4813] symlink("/dev/binderfs", "./binderfs" [pid 4814] symlink("/dev/binderfs", "./binderfs" [pid 4813] <... symlink resumed>) = 0 executing program [pid 4814] <... symlink resumed>) = 0 [pid 4813] write(1, "executing program\n", 18executing program [pid 4814] write(1, "executing program\n", 18 [pid 4813] <... write resumed>) = 18 [pid 4814] <... write resumed>) = 18 [pid 4813] memfd_create("syzkaller", 0 [pid 4814] memfd_create("syzkaller", 0 [pid 4813] <... memfd_create resumed>) = 3 [pid 4814] <... memfd_create resumed>) = 3 [pid 4813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4813] <... mmap resumed>) = 0x7f7c475b3000 [pid 4814] <... mmap resumed>) = 0x7f7c475b3000 [pid 4813] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4814] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4813] <... write resumed>) = 262144 [pid 4814] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4813] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4814] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4814] ioctl(4, LOOP_SET_FD, 3 [pid 4813] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4814] <... ioctl resumed>) = 0 [pid 4810] <... mount resumed>) = 0 [pid 4813] <... openat resumed>) = 4 [pid 4813] ioctl(4, LOOP_SET_FD, 3 [pid 4814] close(3) = 0 [pid 4814] close(4 [pid 4810] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4810] chdir("./bus") = 0 [pid 4810] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4813] <... ioctl resumed>) = 0 [pid 4813] close(3) = 0 [pid 4813] close(4 [pid 4809] <... mount resumed>) = 0 [pid 4809] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4809] chdir("./bus") = 0 [pid 4809] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4802] <... close resumed>) = 0 [pid 4813] <... close resumed>) = 0 [pid 4814] <... close resumed>) = 0 [pid 4813] mkdir("./bus", 0777 [pid 4802] exit_group(0 [pid 4814] mkdir("./bus", 0777 [pid 4802] <... exit_group resumed>) = ? [pid 4814] <... mkdir resumed>) = 0 [pid 4813] <... mkdir resumed>) = 0 [pid 4814] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4813] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4802] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4802, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./219", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./219/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./219/binderfs") = 0 [pid 342] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4810] <... openat resumed>) = 4 [pid 4810] ioctl(4, LOOP_CLR_FD) = 0 [pid 4810] close(4) = 0 [pid 4810] memfd_create("syzkaller", 0) = 4 [pid 4810] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4809] <... openat resumed>) = 4 [pid 4809] ioctl(4, LOOP_CLR_FD [pid 4813] <... mount resumed>) = 0 [pid 4813] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4814] <... mount resumed>) = 0 [pid 4813] <... openat resumed>) = 3 [pid 4813] chdir("./bus" [pid 4814] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4813] <... chdir resumed>) = 0 [pid 4813] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4814] <... openat resumed>) = 3 [pid 4814] chdir("./bus") = 0 [pid 4814] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4809] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 4809] close(4) = 0 [pid 4809] memfd_create("syzkaller", 0) = 4 [pid 4809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4813] <... openat resumed>) = 4 [pid 342] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./219/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./219/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./219/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./219/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./219") = 0 [pid 342] mkdir("./220", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4825 [pid 4813] ioctl(4, LOOP_CLR_FD) = 0 [pid 4813] close(4) = 0 [pid 4813] memfd_create("syzkaller", 0) = 4 [ 214.617678][ T4810] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/224/bus supports timestamps until (%ptR?) (0x7fffffff) [ 214.633433][ T4809] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/222/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4825 attached [pid 4825] set_robust_list(0x555584fcf660, 24) = 0 [pid 4825] chdir("./220") = 0 [pid 4825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4825] setpgid(0, 0executing program ) = 0 [pid 4825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4825] write(3, "1000", 4) = 4 [pid 4825] close(3) = 0 [pid 4825] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4825] write(1, "executing program\n", 18) = 18 [pid 4825] memfd_create("syzkaller", 0) = 3 [pid 4825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4825] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4825] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4825] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4825] close(3) = 0 [pid 4825] close(4) = 0 [pid 4825] mkdir("./bus", 0777) = 0 [pid 4814] <... openat resumed>) = 4 [pid 4825] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 214.698332][ T4813] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/224/bus supports timestamps until (%ptR?) (0x7fffffff) [ 214.712310][ T4814] ext4 filesystem being mounted at /root/syzkaller.53SCZU/224/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4814] ioctl(4, LOOP_CLR_FD [pid 4810] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4814] <... ioctl resumed>) = 0 [pid 4814] close(4) = 0 [pid 4814] memfd_create("syzkaller", 0) = 4 [pid 4814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4809] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4825] <... mount resumed>) = 0 [pid 4825] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4825] chdir("./bus") = 0 [pid 4825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4825] ioctl(4, LOOP_CLR_FD) = 0 [pid 4825] close(4) = 0 [pid 4825] memfd_create("syzkaller", 0) = 4 [pid 4825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4813] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4810] <... write resumed>) = 20699119 [pid 4810] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4810] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4810] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4810] ioctl(5, LOOP_CLR_FD) = 0 [ 214.878047][ T4825] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/220/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4810] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4810] close(5) = 0 [pid 4810] close(4 [pid 4809] <... write resumed>) = 20699119 [pid 4809] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4809] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4809] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4809] ioctl(5, LOOP_CLR_FD) = 0 [pid 4809] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4809] close(5) = 0 [pid 4809] close(4 [pid 4814] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4813] <... write resumed>) = 20699119 [pid 4810] <... close resumed>) = 0 [pid 4810] exit_group(0) = ? [pid 4810] +++ exited with 0 +++ [pid 4813] munmap(0x7f7c475b3000, 138412032 [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4810, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4813] <... munmap resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 4813] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] umount2("./224", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4813] <... openat resumed>) = 5 [pid 343] <... openat resumed>) = 3 [pid 4813] ioctl(5, LOOP_SET_FD, 4 [pid 343] newfstatat(3, "", [pid 4813] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4813] ioctl(5, LOOP_CLR_FD [pid 343] getdents64(3, [pid 4813] <... ioctl resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./224/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./224/binderfs") = 0 [pid 343] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4813] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4813] close(5 [pid 4825] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./224/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./224/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./224/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./224") = 0 [pid 343] mkdir("./225", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4829 [pid 4813] <... close resumed>) = 0 [pid 4813] close(4 [pid 4809] <... close resumed>) = 0 [pid 4809] exit_group(0) = ? [pid 4809] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4809, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- ./strace-static-x86_64: Process 4829 attached [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4829] set_robust_list(0x555584fcf660, 24) = 0 [pid 4829] chdir("./225") = 0 [pid 4829] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4829] setpgid(0, 0) = 0 [pid 4829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4829] write(3, "1000", 4) = 4 [pid 4829] close(3) = 0 [pid 4829] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4829] write(1, "executing program\n", 18executing program ) = 18 [pid 4829] memfd_create("syzkaller", 0) = 3 [pid 4829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./222", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./222/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./222/binderfs") = 0 [pid 344] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4829] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4829] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4829] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 344] <... umount2 resumed>) = 0 [pid 4829] ioctl(4, LOOP_SET_FD, 3 [pid 344] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./222/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./222/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./222/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./222") = 0 [pid 344] mkdir("./223", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4825] <... write resumed>) = 20699119 [pid 4825] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4825] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4829] <... ioctl resumed>) = 0 [pid 4829] close(3) = 0 [pid 4829] close(4 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3 [pid 4814] <... write resumed>) = 20699119 [pid 4814] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4814] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4813] <... close resumed>) = 0 [pid 4813] exit_group(0) = ? [pid 4813] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4813, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./224", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./224/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./224/binderfs") = 0 [pid 348] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4829] <... close resumed>) = 0 [pid 4825] <... openat resumed>) = 5 [pid 344] <... close resumed>) = 0 [pid 4829] mkdir("./bus", 0777 [pid 4825] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4825] ioctl(5, LOOP_CLR_FD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4831 ./strace-static-x86_64: Process 4831 attached [pid 4829] <... mkdir resumed>) = 0 [pid 4829] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4831] set_robust_list(0x555584fcf660, 24) = 0 [pid 4831] chdir("./223") = 0 [pid 4831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4831] setpgid(0, 0) = 0 [pid 4831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4831] write(3, "1000", 4) = 4 [pid 4831] close(3) = 0 [pid 4831] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4831] write(1, "executing program\n", 18) = 18 [pid 4831] memfd_create("syzkaller", 0) = 3 [pid 4831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4831] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4831] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4814] <... openat resumed>) = 5 [pid 4814] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4814] ioctl(5, LOOP_CLR_FD [pid 4831] <... openat resumed>) = 4 [pid 4825] <... ioctl resumed>) = 0 [pid 4814] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4831] ioctl(4, LOOP_SET_FD, 3 [pid 348] newfstatat(AT_FDCWD, "./224/bus", [pid 4831] <... ioctl resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4825] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4825] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] openat(AT_FDCWD, "./224/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4831] close(3 [pid 4825] close(5 [pid 348] <... openat resumed>) = 4 [pid 4831] <... close resumed>) = 0 [pid 4825] <... close resumed>) = 0 [pid 4814] ioctl(5, LOOP_SET_FD, 4 [pid 348] newfstatat(4, "", [pid 4831] close(4 [pid 4825] close(4 [pid 4814] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4814] close(5 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./224/bus") = 0 [pid 4831] <... close resumed>) = 0 [pid 348] getdents64(3, [pid 4831] mkdir("./bus", 0777 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 4831] <... mkdir resumed>) = 0 [pid 348] rmdir("./224" [pid 4831] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4829] <... mount resumed>) = 0 [pid 4825] <... close resumed>) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 4825] exit_group(0 [pid 348] mkdir("./225", 0777 [pid 4829] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4825] <... exit_group resumed>) = ? [pid 348] <... mkdir resumed>) = 0 [pid 4829] <... openat resumed>) = 3 [pid 4825] +++ exited with 0 +++ [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4825, si_uid=0, si_status=0, si_utime=4, si_stime=14} --- [pid 4829] chdir("./bus") = 0 [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4829] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./220", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./220/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./220/binderfs") = 0 [pid 342] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4814] <... close resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 4814] close(4 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4835 [pid 4829] <... openat resumed>) = 4 [pid 4829] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 4835 attached [pid 4835] set_robust_list(0x555584fcf660, 24) = 0 [ 215.364878][ T4829] EXT4-fs mount: 120 callbacks suppressed [ 215.364893][ T4829] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 215.386599][ T4829] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/225/bus supports timestamps until (%ptR?) (0x7fffffff) executing program [pid 4835] chdir("./225") = 0 [pid 4835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4835] setpgid(0, 0) = 0 [pid 4835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4835] write(3, "1000", 4) = 4 [pid 4835] close(3) = 0 [pid 4835] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4835] write(1, "executing program\n", 18) = 18 [pid 4835] memfd_create("syzkaller", 0) = 3 [pid 4835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4814] <... close resumed>) = 0 [pid 4835] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4814] exit_group(0 [pid 4835] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4814] <... exit_group resumed>) = ? [pid 4831] <... mount resumed>) = 0 [pid 4814] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4814, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 4831] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] umount2("./224", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4831] <... openat resumed>) = 3 [pid 349] openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4831] chdir("./bus" [pid 349] newfstatat(3, "", [pid 4831] <... chdir resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4831] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./224/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./224/binderfs") = 0 [pid 349] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4829] <... ioctl resumed>) = 0 [pid 4829] close(4) = 0 [pid 4829] memfd_create("syzkaller", 0) = 4 [pid 4829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4835] <... openat resumed>) = 4 [pid 4835] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4835] <... ioctl resumed>) = 0 [pid 342] newfstatat(AT_FDCWD, "./220/bus", [pid 4831] <... openat resumed>) = 4 [pid 4835] close(3) = 0 [pid 4835] close(4 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4831] ioctl(4, LOOP_CLR_FD [pid 342] umount2("./220/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./220/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./220/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./220") = 0 [pid 342] mkdir("./221", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 215.461881][ T4831] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 215.476286][ T4831] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/223/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4829] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 4829] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4829] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4835] <... close resumed>) = 0 [pid 4831] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 4835] mkdir("./bus", 0777 [pid 4831] close(4 [pid 4829] <... openat resumed>) = 5 [pid 349] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... openat resumed>) = 3 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4835] <... mkdir resumed>) = 0 [pid 4829] ioctl(5, LOOP_SET_FD, 4 [pid 349] newfstatat(AT_FDCWD, "./224/bus", [pid 342] ioctl(3, LOOP_CLR_FD [pid 4835] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4829] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4829] ioctl(5, LOOP_CLR_FD [pid 349] openat(AT_FDCWD, "./224/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./224/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./224") = 0 [pid 349] mkdir("./225", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4831] <... close resumed>) = 0 [pid 4829] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4831] memfd_create("syzkaller", 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4831] <... memfd_create resumed>) = 4 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] close(3 [pid 4831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] close(3 [pid 4831] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... close resumed>) = 0 [pid 4829] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4841 ./strace-static-x86_64: Process 4841 attached [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4829] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4841] set_robust_list(0x555584fcf660, 24) = 0 [pid 4841] chdir("./225") = 0 [pid 4841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4841] setpgid(0, 0) = 0 [pid 4841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4841] write(3, "1000", 4) = 4 [pid 4841] close(3) = 0 [pid 4829] close(5 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4842 [pid 4841] symlink("/dev/binderfs", "./binderfs" [pid 4829] <... close resumed>) = 0 [pid 4841] <... symlink resumed>) = 0 executing program [pid 4829] close(4 [pid 4841] write(1, "executing program\n", 18) = 18 executing program [pid 4841] memfd_create("syzkaller", 0) = 3 [pid 4841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4841] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 4842 attached [pid 4842] set_robust_list(0x555584fcf660, 24) = 0 [pid 4842] chdir("./221") = 0 [pid 4842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4842] setpgid(0, 0) = 0 [pid 4842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4841] <... write resumed>) = 262144 [pid 4842] write(3, "1000", 4) = 4 [pid 4842] close(3) = 0 [pid 4842] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4842] write(1, "executing program\n", 18) = 18 [pid 4842] memfd_create("syzkaller", 0) = 3 [pid 4842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4842] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4841] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4841] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4841] ioctl(4, LOOP_SET_FD, 3 [pid 4842] <... write resumed>) = 262144 [pid 4842] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4842] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4841] <... ioctl resumed>) = 0 [pid 4841] close(3) = 0 [pid 4841] close(4) = 0 [pid 4835] <... mount resumed>) = 0 [pid 4842] <... openat resumed>) = 4 [pid 4841] mkdir("./bus", 0777 [pid 4842] ioctl(4, LOOP_SET_FD, 3 [pid 4841] <... mkdir resumed>) = 0 [pid 4841] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4835] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4835] chdir("./bus") = 0 [pid 4835] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4842] <... ioctl resumed>) = 0 [pid 4842] close(3) = 0 [pid 4842] close(4 [pid 4829] <... close resumed>) = 0 [pid 4829] exit_group(0 [pid 4831] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4842] <... close resumed>) = 0 [pid 4842] mkdir("./bus", 0777) = 0 [pid 4842] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4835] <... openat resumed>) = 4 [pid 4835] ioctl(4, LOOP_CLR_FD) = 0 [pid 4835] close(4) = 0 [pid 4835] memfd_create("syzkaller", 0) = 4 [pid 4835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 215.689250][ T4835] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 215.727400][ T4835] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/225/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4829] <... exit_group resumed>) = ? [pid 4829] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4829, si_uid=0, si_status=0, si_utime=3, si_stime=10} --- [pid 343] umount2("./225", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4841] <... mount resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4841] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4841] <... openat resumed>) = 3 [pid 343] newfstatat(3, "", [pid 4841] chdir("./bus" [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4841] <... chdir resumed>) = 0 [pid 343] getdents64(3, [pid 4841] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./225/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4841] <... openat resumed>) = 4 [pid 343] newfstatat(AT_FDCWD, "./225/binderfs", [pid 4841] ioctl(4, LOOP_CLR_FD [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4841] <... ioctl resumed>) = 0 [pid 343] unlink("./225/binderfs" [pid 4841] close(4 [pid 343] <... unlink resumed>) = 0 [pid 4841] <... close resumed>) = 0 [pid 343] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4841] memfd_create("syzkaller", 0) = 4 [pid 4841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 215.776966][ T4841] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 215.808556][ T4842] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4842] <... mount resumed>) = 0 [pid 4842] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4842] chdir("./bus") = 0 [pid 4842] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4831] <... write resumed>) = 20699119 [pid 4831] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4831] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4842] <... openat resumed>) = 4 [pid 4831] <... openat resumed>) = 5 [pid 4842] ioctl(4, LOOP_CLR_FD [pid 4831] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... umount2 resumed>) = 0 [pid 4842] <... ioctl resumed>) = 0 [pid 4831] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4842] close(4 [pid 4831] ioctl(5, LOOP_CLR_FD [pid 4842] <... close resumed>) = 0 [pid 4831] <... ioctl resumed>) = 0 [pid 4842] memfd_create("syzkaller", 0 [pid 343] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4842] <... memfd_create resumed>) = 4 [pid 4842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4831] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4831] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4831] close(5) = 0 [ 215.830758][ T4841] ext4 filesystem being mounted at /root/syzkaller.53SCZU/225/bus supports timestamps until (%ptR?) (0x7fffffff) [ 215.843837][ T4842] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/221/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4831] close(4 [pid 343] newfstatat(AT_FDCWD, "./225/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./225/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./225/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./225") = 0 [pid 343] mkdir("./226", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4849 ./strace-static-x86_64: Process 4849 attached [pid 4849] set_robust_list(0x555584fcf660, 24) = 0 [pid 4849] chdir("./226") = 0 [pid 4849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4849] setpgid(0, 0) = 0 [pid 4849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4849] write(3, "1000", 4) = 4 [pid 4849] close(3) = 0 [pid 4849] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4849] write(1, "executing program\n", 18executing program ) = 18 [pid 4849] memfd_create("syzkaller", 0) = 3 [pid 4849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4849] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4849] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4849] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4849] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4849] close(3) = 0 [pid 4849] close(4) = 0 [pid 4849] mkdir("./bus", 0777) = 0 [pid 4849] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4835] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4849] <... mount resumed>) = 0 [pid 4849] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4849] chdir("./bus") = 0 [pid 4849] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4849] ioctl(4, LOOP_CLR_FD) = 0 [pid 4849] close(4) = 0 [pid 4831] <... close resumed>) = 0 [pid 4831] exit_group(0) = ? [pid 4849] memfd_create("syzkaller", 0 [pid 4831] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4831, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4849] <... memfd_create resumed>) = 4 [pid 4849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./223", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./223/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./223/binderfs") = 0 [pid 344] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4842] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 215.998825][ T4849] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 216.023247][ T4849] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/226/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4841] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./223/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./223/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./223/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./223") = 0 [pid 344] mkdir("./224", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4853 ./strace-static-x86_64: Process 4853 attached [pid 4853] set_robust_list(0x555584fcf660, 24) = 0 [pid 4853] chdir("./224") = 0 [pid 4853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4853] setpgid(0, 0) = 0 [pid 4853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4853] write(3, "1000", 4) = 4 [pid 4853] close(3) = 0 [pid 4853] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4853] write(1, "executing program\n", 18executing program ) = 18 [pid 4853] memfd_create("syzkaller", 0) = 3 [pid 4853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4853] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4853] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4853] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4853] ioctl(4, LOOP_SET_FD, 3 [pid 4835] <... write resumed>) = 20699119 [pid 4835] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4835] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4853] <... ioctl resumed>) = 0 [pid 4853] close(3) = 0 [pid 4853] close(4 [pid 4835] <... openat resumed>) = 5 [pid 4853] <... close resumed>) = 0 [pid 4853] mkdir("./bus", 0777) = 0 [pid 4853] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4835] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4835] ioctl(5, LOOP_CLR_FD) = 0 [pid 4835] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4835] close(5) = 0 [pid 4835] close(4 [pid 4849] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4841] <... write resumed>) = 20699119 [pid 4841] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4841] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4842] <... write resumed>) = 20699119 [pid 4842] munmap(0x7f7c475b3000, 138412032 [pid 4841] <... openat resumed>) = 5 [pid 4841] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4841] ioctl(5, LOOP_CLR_FD) = 0 [pid 4841] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4841] close(5 [pid 4853] <... mount resumed>) = 0 [pid 4841] <... close resumed>) = 0 [pid 4841] close(4 [pid 4853] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4853] chdir("./bus") = 0 [pid 4842] <... munmap resumed>) = 0 [pid 4853] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4842] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4853] ioctl(4, LOOP_CLR_FD) = 0 [pid 4842] ioctl(5, LOOP_SET_FD, 4 [pid 4853] close(4 [pid 4842] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4853] <... close resumed>) = 0 [pid 4842] ioctl(5, LOOP_CLR_FD) = 0 [pid 4853] memfd_create("syzkaller", 0) = 4 [pid 4853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 216.217986][ T4853] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4842] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4842] close(5) = 0 [pid 4842] close(4 [pid 4835] <... close resumed>) = 0 [pid 4835] exit_group(0) = ? [pid 4835] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4835, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./225", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./225/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./225/binderfs") = 0 [pid 348] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4842] <... close resumed>) = 0 [pid 4842] exit_group(0) = ? [pid 4842] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4842, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./221", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./221/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 216.263409][ T4853] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/224/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] unlink("./221/binderfs") = 0 [pid 342] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./225/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./225/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./225/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./225") = 0 [pid 348] mkdir("./226", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4841] <... close resumed>) = 0 [pid 4841] exit_group(0) = ? [pid 4841] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4841, si_uid=0, si_status=0, si_utime=12, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./225", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./225/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./225/binderfs") = 0 [pid 349] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4853] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4849] <... write resumed>) = 20699119 [pid 4849] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4849] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4853] <... write resumed>) = 20699119 [pid 4853] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4853] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./221/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./221/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./221/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./221/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./221") = 0 [pid 342] mkdir("./222", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4849] <... openat resumed>) = 5 [pid 4853] <... openat resumed>) = 5 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... openat resumed>) = 3 [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4857 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] newfstatat(AT_FDCWD, "./225/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] close(3 [pid 349] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] <... close resumed>) = 0 [pid 349] openat(AT_FDCWD, "./225/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4849] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4849] ioctl(5, LOOP_CLR_FD [pid 349] getdents64(4, [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4858 [pid 4849] <... ioctl resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./225/bus"./strace-static-x86_64: Process 4858 attached [pid 4858] set_robust_list(0x555584fcf660, 24) = 0 [pid 4858] chdir("./222" [pid 349] <... rmdir resumed>) = 0 [pid 4858] <... chdir resumed>) = 0 [pid 4858] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4858] setpgid(0, 0) = 0 [pid 4858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4849] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4849] close(5) = 0 [pid 4849] close(4 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./225") = 0 [pid 349] mkdir("./226", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4858] <... openat resumed>) = 3 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4859 [pid 4858] write(3, "1000", 4) = 4 [pid 4858] close(3) = 0 [pid 4858] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4858] write(1, "executing program\n", 18) = 18 [pid 4858] memfd_create("syzkaller", 0) = 3 [pid 4858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4853] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4858] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 4859 attached [pid 4859] set_robust_list(0x555584fcf660, 24) = 0 [pid 4859] chdir("./226") = 0 [pid 4859] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4859] setpgid(0, 0) = 0 [pid 4859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4859] write(3, "1000", 4) = 4 [pid 4859] close(3) = 0 [pid 4859] symlink("/dev/binderfs", "./binderfs"executing program [pid 4853] ioctl(5, LOOP_CLR_FD [pid 4859] <... symlink resumed>) = 0 [pid 4859] write(1, "executing program\n", 18) = 18 [pid 4859] memfd_create("syzkaller", 0) = 3 [pid 4858] <... write resumed>) = 262144 [pid 4859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4859] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4858] munmap(0x7f7c475b3000, 138412032 [pid 4853] <... ioctl resumed>) = 0 [pid 4858] <... munmap resumed>) = 0 [pid 4858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4858] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 4857 attached [pid 4857] set_robust_list(0x555584fcf660, 24) = 0 [pid 4857] chdir("./226" [pid 4853] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4853] close(5 [pid 4857] <... chdir resumed>) = 0 [pid 4857] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4857] setpgid(0, 0) = 0 [pid 4857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4857] write(3, "1000", 4) = 4 [pid 4857] close(3) = 0 [pid 4857] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4857] write(1, "executing program\n", 18executing program ) = 18 [pid 4857] memfd_create("syzkaller", 0 [pid 4859] <... write resumed>) = 262144 [pid 4857] <... memfd_create resumed>) = 3 [pid 4853] <... close resumed>) = 0 [pid 4853] close(4 [pid 4859] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4859] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4859] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4859] close(3) = 0 [pid 4859] close(4 [pid 4857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4858] <... ioctl resumed>) = 0 [pid 4857] <... mmap resumed>) = 0x7f7c475b3000 [pid 4858] close(3) = 0 [pid 4857] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4858] close(4 [pid 4857] <... write resumed>) = 262144 [pid 4857] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4857] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4859] <... close resumed>) = 0 [pid 4859] mkdir("./bus", 0777) = 0 [pid 4859] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4858] <... close resumed>) = 0 [pid 4857] <... openat resumed>) = 4 [pid 4858] mkdir("./bus", 0777 [pid 4857] ioctl(4, LOOP_SET_FD, 3 [pid 4858] <... mkdir resumed>) = 0 [pid 4858] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4853] <... close resumed>) = 0 [pid 4853] exit_group(0) = ? [pid 4849] <... close resumed>) = 0 [pid 4849] exit_group(0) = ? [pid 4853] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4853, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4849] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4849, si_uid=0, si_status=0, si_utime=8, si_stime=18} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 344] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 344] umount2("./224", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", [pid 343] newfstatat(3, "", [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, [pid 343] getdents64(3, [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./224/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./224/binderfs", [pid 343] newfstatat(AT_FDCWD, "./226/binderfs", [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./224/binderfs" [pid 343] unlink("./226/binderfs" [pid 344] <... unlink resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 344] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4859] <... mount resumed>) = 0 [pid 4859] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4859] chdir("./bus") = 0 [pid 4859] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4857] <... ioctl resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./224/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./224/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./224/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 4857] close(3 [pid 344] <... close resumed>) = 0 [pid 4857] <... close resumed>) = 0 [pid 344] rmdir("./224" [pid 4857] close(4 [pid 344] <... rmdir resumed>) = 0 [pid 344] mkdir("./225", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4857] <... close resumed>) = 0 [pid 4857] mkdir("./bus", 0777) = 0 [pid 4857] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4858] <... mount resumed>) = 0 [pid 4858] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4858] chdir("./bus") = 0 [ 216.628066][ T4859] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 216.649186][ T4859] ext4 filesystem being mounted at /root/syzkaller.53SCZU/226/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4858] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4859] <... openat resumed>) = 4 [pid 4859] ioctl(4, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./226/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./226/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./226/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./226") = 0 [pid 343] mkdir("./227", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4858] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 4859] <... ioctl resumed>) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 343] <... openat resumed>) = 3 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] ioctl(3, LOOP_CLR_FD [pid 344] close(3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... close resumed>) = 0 [pid 343] close(3 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4859] close(4 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4867 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4869 ./strace-static-x86_64: Process 4867 attached [pid 4867] set_robust_list(0x555584fcf660, 24) = 0 [pid 4867] chdir("./225") = 0 [pid 4867] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4859] <... close resumed>) = 0 [pid 4859] memfd_create("syzkaller", 0) = 4 [pid 4859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4867] <... prctl resumed>) = 0 [pid 4867] setpgid(0, 0) = 0 [pid 4867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4867] write(3, "1000", 4) = 4 [pid 4867] close(3) = 0 [pid 4867] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4867] write(1, "executing program\n", 18executing program ) = 18 [pid 4867] memfd_create("syzkaller", 0) = 3 [pid 4867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4867] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4867] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4867] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4867] ioctl(4, LOOP_SET_FD, 3 [pid 4858] ioctl(4, LOOP_CLR_FD [pid 4867] <... ioctl resumed>) = 0 [pid 4858] <... ioctl resumed>) = 0 [pid 4858] close(4) = 0 [pid 4858] memfd_create("syzkaller", 0) = 4 [pid 4867] close(3) = 0 [pid 4858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4867] close(4 [pid 4858] <... mmap resumed>) = 0x7f7c475b3000 [pid 4867] <... close resumed>) = 0 [pid 4867] mkdir("./bus", 0777) = 0 [pid 4867] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"./strace-static-x86_64: Process 4869 attached [ 216.708312][ T4858] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 216.722527][ T4858] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/222/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4869] set_robust_list(0x555584fcf660, 24) = 0 [pid 4869] chdir("./227") = 0 [pid 4869] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4869] setpgid(0, 0) = 0 [pid 4869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4869] write(3, "1000", 4) = 4 [pid 4869] close(3) = 0 [pid 4869] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4869] write(1, "executing program\n", 18) = 18 [pid 4869] memfd_create("syzkaller", 0) = 3 [pid 4869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4869] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4869] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4869] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4869] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4869] close(3) = 0 [pid 4869] close(4 [pid 4857] <... mount resumed>) = 0 [pid 4857] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4857] chdir("./bus") = 0 [pid 4857] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4867] <... mount resumed>) = 0 [pid 4869] <... close resumed>) = 0 [pid 4857] <... openat resumed>) = 4 [pid 4869] mkdir("./bus", 0777 [pid 4857] ioctl(4, LOOP_CLR_FD [pid 4867] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4869] <... mkdir resumed>) = 0 [pid 4869] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4867] chdir("./bus") = 0 [ 216.838555][ T4857] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 216.859882][ T4867] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 216.874542][ T4857] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/226/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4867] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4859] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4858] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4867] <... openat resumed>) = 4 [pid 4857] <... ioctl resumed>) = 0 [pid 4867] ioctl(4, LOOP_CLR_FD) = 0 [pid 4867] close(4) = 0 [pid 4867] memfd_create("syzkaller", 0) = 4 [pid 4867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4857] close(4) = 0 [pid 4857] memfd_create("syzkaller", 0) = 4 [pid 4857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 216.885236][ T4867] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/225/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4859] <... write resumed>) = 20699119 [pid 4869] <... mount resumed>) = 0 [pid 4859] munmap(0x7f7c475b3000, 138412032 [pid 4869] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4869] chdir("./bus") = 0 [pid 4869] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4869] ioctl(4, LOOP_CLR_FD) = 0 [pid 4869] close(4 [pid 4859] <... munmap resumed>) = 0 [pid 4859] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4859] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4859] ioctl(5, LOOP_CLR_FD) = 0 [pid 4859] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4859] close(5) = 0 [pid 4859] close(4 [pid 4869] <... close resumed>) = 0 [pid 4869] memfd_create("syzkaller", 0) = 4 [pid 4869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 217.008835][ T4869] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 217.036879][ T4869] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/227/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4858] <... write resumed>) = 20699119 [pid 4867] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4858] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4858] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4858] ioctl(5, LOOP_CLR_FD) = 0 [pid 4858] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4858] close(5) = 0 [pid 4858] close(4 [pid 4859] <... close resumed>) = 0 [pid 4859] exit_group(0) = ? [pid 4859] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4859, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./226/binderfs") = 0 [pid 349] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 349] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./226/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./226/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./226/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./226") = 0 [pid 349] mkdir("./227", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4877 ./strace-static-x86_64: Process 4877 attached [pid 4877] set_robust_list(0x555584fcf660, 24) = 0 [pid 4877] chdir("./227") = 0 [pid 4877] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4877] setpgid(0, 0) = 0 [pid 4877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4877] write(3, "1000", 4) = 4 [pid 4877] close(3) = 0 [pid 4877] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4877] write(1, "executing program\n", 18executing program ) = 18 [pid 4877] memfd_create("syzkaller", 0) = 3 [pid 4877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4857] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4877] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4877] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4877] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4877] close(3) = 0 [pid 4877] close(4) = 0 [pid 4877] mkdir("./bus", 0777) = 0 [pid 4877] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4867] <... write resumed>) = 20699119 [pid 4858] <... close resumed>) = 0 [pid 4858] exit_group(0) = ? [pid 4858] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4858, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4867] munmap(0x7f7c475b3000, 138412032 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./222", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./222/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./222/binderfs") = 0 [pid 342] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4867] <... munmap resumed>) = 0 [pid 4867] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4869] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4877] <... mount resumed>) = 0 [pid 4867] <... openat resumed>) = 5 [pid 4857] <... write resumed>) = 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 4867] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4867] ioctl(5, LOOP_CLR_FD [pid 4877] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4867] <... ioctl resumed>) = 0 [pid 342] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4877] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./222/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./222/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4877] chdir("./bus" [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./222/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 4877] <... chdir resumed>) = 0 [pid 4877] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4867] ioctl(5, LOOP_SET_FD, 4 [pid 342] getdents64(4, [pid 4867] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4867] close(5 [pid 342] close(4 [pid 4877] <... openat resumed>) = 4 [pid 4867] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 4867] close(4 [pid 342] rmdir("./222/bus" [pid 4877] ioctl(4, LOOP_CLR_FD [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3 [pid 4877] <... ioctl resumed>) = 0 [pid 4877] close(4 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./222" [pid 4877] <... close resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 342] mkdir("./223", 0777 [pid 4877] memfd_create("syzkaller", 0 [pid 342] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4877] <... memfd_create resumed>) = 4 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4881 [pid 4877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4857] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4857] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4857] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4857] ioctl(5, LOOP_CLR_FD) = 0 [pid 4857] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4857] close(5) = 0 [pid 4857] close(4./strace-static-x86_64: Process 4881 attached [pid 4881] set_robust_list(0x555584fcf660, 24) = 0 [pid 4881] chdir("./223") = 0 [pid 4881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4881] setpgid(0, 0) = 0 [pid 4881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 217.286773][ T4877] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 217.320990][ T4877] ext4 filesystem being mounted at /root/syzkaller.53SCZU/227/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4881] write(3, "1000", 4) = 4 [pid 4881] close(3) = 0 [pid 4881] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4881] write(1, "executing program\n", 18executing program ) = 18 [pid 4881] memfd_create("syzkaller", 0) = 3 [pid 4881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4881] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4881] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4881] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4881] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4881] close(3) = 0 [pid 4881] close(4) = 0 [pid 4881] mkdir("./bus", 0777) = 0 [pid 4881] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4867] <... close resumed>) = 0 [pid 4867] exit_group(0) = ? [pid 4867] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4867, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./225", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./225/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./225/binderfs") = 0 [pid 344] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4857] <... close resumed>) = 0 [pid 4857] exit_group(0) = ? [pid 4857] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4857, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 348] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4869] <... write resumed>) = 20699119 [pid 348] newfstatat(AT_FDCWD, "./226/binderfs", [pid 4869] munmap(0x7f7c475b3000, 138412032 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4869] <... munmap resumed>) = 0 [pid 348] unlink("./226/binderfs") = 0 [pid 4881] <... mount resumed>) = 0 [pid 4869] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4881] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4881] chdir("./bus") = 0 [pid 4881] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4869] <... openat resumed>) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 4869] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4869] ioctl(5, LOOP_CLR_FD [pid 344] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./225/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./225/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./225/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./225") = 0 [pid 344] mkdir("./226", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4877] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 4877] munmap(0x7f7c475b3000, 138412032) = 0 [ 217.451958][ T4881] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 217.486670][ T4881] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/223/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4877] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4881] <... openat resumed>) = 4 [pid 4869] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3 [pid 4881] ioctl(4, LOOP_CLR_FD [pid 4877] <... openat resumed>) = 5 [pid 348] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... close resumed>) = 0 [pid 4881] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4881] close(4 [pid 348] newfstatat(AT_FDCWD, "./226/bus", [pid 4881] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4881] memfd_create("syzkaller", 0 [pid 4869] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4881] <... memfd_create resumed>) = 4 [pid 4869] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4869] close(5 [pid 348] openat(AT_FDCWD, "./226/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4881] <... mmap resumed>) = 0x7f7c475b3000 [pid 4869] <... close resumed>) = 0 [pid 348] <... openat resumed>) = 4 [pid 4869] close(4 [pid 348] newfstatat(4, "", [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4877] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 4877] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4877] ioctl(5, LOOP_CLR_FD [pid 348] getdents64(4, [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4885 [pid 4877] <... ioctl resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./226/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 4877] ioctl(5, LOOP_SET_FD, 4 [pid 348] rmdir("./226" [pid 4877] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... rmdir resumed>) = 0 [pid 4877] close(5 [pid 348] mkdir("./227", 0777 [pid 4877] <... close resumed>) = 0 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4886 ./strace-static-x86_64: Process 4885 attached [pid 4885] set_robust_list(0x555584fcf660, 24) = 0 [pid 4885] chdir("./226") = 0 [pid 4885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4885] setpgid(0, 0) = 0 [pid 4885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4885] write(3, "1000", 4) = 4 [pid 4885] close(3) = 0 [pid 4885] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4885] write(1, "executing program\n", 18executing program ) = 18 [pid 4885] memfd_create("syzkaller", 0) = 3 [pid 4877] close(4 [pid 4885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4885] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4885] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4885] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 4885] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4885] close(3) = 0 [pid 4885] close(4./strace-static-x86_64: Process 4886 attached [pid 4886] set_robust_list(0x555584fcf660, 24) = 0 [pid 4886] chdir("./227") = 0 [pid 4886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4886] setpgid(0, 0) = 0 [pid 4886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4886] write(3, "1000", 4) = 4 [pid 4886] close(3) = 0 [pid 4886] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4886] write(1, "executing program\n", 18) = 18 [pid 4886] memfd_create("syzkaller", 0) = 3 [pid 4886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4886] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4886] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4886] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4869] <... close resumed>) = 0 [pid 4869] exit_group(0) = ? [pid 4869] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4869, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4885] <... close resumed>) = 0 [pid 4885] mkdir("./bus", 0777) = 0 [pid 4885] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4886] <... openat resumed>) = 4 [pid 4886] ioctl(4, LOOP_SET_FD, 3 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./227/binderfs") = 0 [pid 343] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4886] <... ioctl resumed>) = 0 [pid 4886] close(3) = 0 [pid 4886] close(4 [pid 4877] <... close resumed>) = 0 [pid 4877] exit_group(0) = ? [pid 4886] <... close resumed>) = 0 [pid 4886] mkdir("./bus", 0777) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 4886] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./227/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4877] +++ exited with 0 +++ [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4877, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 343] openat(AT_FDCWD, "./227/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./227/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./227") = 0 [pid 343] mkdir("./228", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4892 [pid 349] <... openat resumed>) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./227/binderfs") = 0 [pid 349] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 4892 attached [pid 4892] set_robust_list(0x555584fcf660, 24) = 0 [pid 4892] chdir("./228") = 0 [pid 4892] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4892] setpgid(0, 0) = 0 [pid 4892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4892] write(3, "1000", 4) = 4 [pid 4892] close(3) = 0 [pid 4892] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4892] write(1, "executing program\n", 18) = 18 [pid 4892] memfd_create("syzkaller", 0) = 3 [pid 4892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4892] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4892] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4892] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4881] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4892] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 [pid 4892] ioctl(4, LOOP_SET_FD, 3 [pid 349] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4885] <... mount resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4885] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] newfstatat(AT_FDCWD, "./227/bus", [pid 4892] <... ioctl resumed>) = 0 [pid 4892] close(3) = 0 [ 217.701450][ T4885] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4892] close(4 [pid 4885] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4885] chdir("./bus" [pid 349] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4885] <... chdir resumed>) = 0 [pid 4885] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4886] <... mount resumed>) = 0 [pid 349] openat(AT_FDCWD, "./227/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4886] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] <... openat resumed>) = 4 [pid 4886] <... openat resumed>) = 3 [pid 349] newfstatat(4, "", [pid 4886] chdir("./bus" [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4886] <... chdir resumed>) = 0 [pid 349] getdents64(4, [pid 4886] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./227/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./227") = 0 [pid 349] mkdir("./228", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4892] <... close resumed>) = 0 [pid 4892] mkdir("./bus", 0777) = 0 [pid 4892] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4881] <... write resumed>) = 20699119 [pid 4881] munmap(0x7f7c475b3000, 138412032) = 0 [ 217.749006][ T4885] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/226/bus supports timestamps until (%ptR?) (0x7fffffff) [ 217.762892][ T4886] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 217.783032][ T4886] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/227/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4881] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4885] <... openat resumed>) = 4 [pid 349] <... openat resumed>) = 3 [pid 4885] ioctl(4, LOOP_CLR_FD) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4885] close(4) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4885] memfd_create("syzkaller", 0 [pid 349] close(3 [pid 4885] <... memfd_create resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 4885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4896 [pid 4886] <... openat resumed>) = 4 [pid 4886] ioctl(4, LOOP_CLR_FD) = 0 [pid 4886] close(4) = 0 [pid 4886] memfd_create("syzkaller", 0 [pid 4881] <... openat resumed>) = 5 [pid 4886] <... memfd_create resumed>) = 4 [pid 4881] ioctl(5, LOOP_SET_FD, 4 [pid 4886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4881] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4881] ioctl(5, LOOP_CLR_FD) = 0 [pid 4881] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4881] close(5) = 0 [pid 4881] close(4./strace-static-x86_64: Process 4896 attached [pid 4896] set_robust_list(0x555584fcf660, 24) = 0 [pid 4896] chdir("./228") = 0 [pid 4896] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4896] setpgid(0, 0) = 0 [pid 4896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4896] write(3, "1000", 4) = 4 [pid 4896] close(3) = 0 [pid 4896] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4896] write(1, "executing program\n", 18executing program ) = 18 [pid 4896] memfd_create("syzkaller", 0) = 3 [pid 4896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4896] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4896] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4896] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4896] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4896] close(3) = 0 [pid 4896] close(4 [pid 4892] <... mount resumed>) = 0 [pid 4892] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4892] chdir("./bus") = 0 [pid 4892] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4896] <... close resumed>) = 0 [pid 4896] mkdir("./bus", 0777) = 0 [pid 4896] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4892] <... openat resumed>) = 4 [pid 4892] ioctl(4, LOOP_CLR_FD) = 0 [pid 4892] close(4) = 0 [pid 4892] memfd_create("syzkaller", 0) = 4 [pid 4892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4881] <... close resumed>) = 0 [pid 4881] exit_group(0) = ? [pid 4881] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4881, si_uid=0, si_status=0, si_utime=10, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./223", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./223/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./223/binderfs") = 0 [ 217.889572][ T4892] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 217.911673][ T4892] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/228/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4896] <... mount resumed>) = 0 [pid 4896] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4896] chdir("./bus") = 0 [pid 4896] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4886] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4896] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 4896] ioctl(4, LOOP_CLR_FD) = 0 [pid 4896] close(4) = 0 [pid 4896] memfd_create("syzkaller", 0) = 4 [pid 4896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./223/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./223/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./223/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./223/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./223") = 0 [pid 342] mkdir("./224", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4901 ./strace-static-x86_64: Process 4901 attached [pid 4885] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4901] set_robust_list(0x555584fcf660, 24) = 0 [pid 4901] chdir("./224") = 0 [pid 4901] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4901] setpgid(0, 0) = 0 [pid 4901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4901] write(3, "1000", 4) = 4 [pid 4901] close(3) = 0 [pid 4901] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4901] write(1, "executing program\n", 18) = 18 [pid 4901] memfd_create("syzkaller", 0) = 3 [pid 4901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4901] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4901] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4901] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4901] close(3) = 0 [pid 4901] close(4) = 0 [pid 4901] mkdir("./bus", 0777) = 0 [ 217.987338][ T4896] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.011948][ T4896] ext4 filesystem being mounted at /root/syzkaller.53SCZU/228/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4901] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4892] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4886] <... write resumed>) = 20699119 [pid 4886] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4886] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4886] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4886] ioctl(5, LOOP_CLR_FD) = 0 [pid 4886] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4886] close(5) = 0 [pid 4886] close(4 [pid 4885] <... write resumed>) = 20699119 [pid 4885] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4885] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4885] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4885] ioctl(5, LOOP_CLR_FD) = 0 [pid 4901] <... mount resumed>) = 0 [pid 4901] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4901] chdir("./bus") = 0 [pid 4901] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4885] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4901] <... openat resumed>) = 4 [pid 4885] close(5 [pid 4901] ioctl(4, LOOP_CLR_FD [pid 4885] <... close resumed>) = 0 [pid 4901] <... ioctl resumed>) = 0 [pid 4885] close(4 [pid 4901] close(4) = 0 [pid 4901] memfd_create("syzkaller", 0) = 4 [pid 4901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 218.175747][ T4901] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.210244][ T4901] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/224/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4896] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4892] <... write resumed>) = 20699119 [pid 4886] <... close resumed>) = 0 [pid 4886] exit_group(0) = ? [pid 4892] munmap(0x7f7c475b3000, 138412032 [pid 4886] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4886, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4892] <... munmap resumed>) = 0 [pid 4892] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4892] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4892] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./227/binderfs") = 0 [pid 4892] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4892] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4892] close(5) = 0 [pid 4892] close(4 [pid 4885] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./227/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4885] exit_group(0 [pid 348] openat(AT_FDCWD, "./227/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 4885] <... exit_group resumed>) = ? [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./227/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./227" [pid 4885] +++ exited with 0 +++ [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./228", 0777) = 0 [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4885, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... restart_syscall resumed>) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4905 [pid 344] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./226/binderfs") = 0 [pid 344] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4896] <... write resumed>) = 20699119 [pid 4896] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4896] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 4905 attached [pid 4905] set_robust_list(0x555584fcf660, 24) = 0 [pid 4905] chdir("./228") = 0 [pid 4905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4905] setpgid(0, 0) = 0 [pid 4905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4905] write(3, "1000", 4) = 4 [pid 4905] close(3) = 0 [pid 4905] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4905] write(1, "executing program\n", 18executing program ) = 18 [pid 4905] memfd_create("syzkaller", 0) = 3 [pid 4905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4905] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4905] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4905] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4892] <... close resumed>) = 0 [pid 4905] <... openat resumed>) = 4 [pid 4896] <... openat resumed>) = 5 [pid 4892] exit_group(0 [pid 344] <... umount2 resumed>) = 0 [pid 4892] <... exit_group resumed>) = ? [pid 344] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4905] ioctl(4, LOOP_SET_FD, 3 [pid 4896] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4896] ioctl(5, LOOP_CLR_FD [pid 344] newfstatat(AT_FDCWD, "./226/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4892] +++ exited with 0 +++ [pid 344] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4892, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 344] openat(AT_FDCWD, "./226/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 344] <... openat resumed>) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./226/bus" [pid 4905] <... ioctl resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 344] getdents64(3, [pid 4896] <... ioctl resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4905] close(3 [pid 344] close(3 [pid 343] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... close resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] rmdir("./226" [pid 343] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4905] <... close resumed>) = 0 [pid 4905] close(4 [pid 344] <... rmdir resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 344] mkdir("./227", 0777 [pid 343] newfstatat(3, "", [pid 4905] <... close resumed>) = 0 [pid 4905] mkdir("./bus", 0777 [pid 344] <... mkdir resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] getdents64(3, [pid 4905] <... mkdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 4905] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4896] ioctl(5, LOOP_SET_FD, 4 [pid 343] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4896] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4896] close(5 [pid 344] <... openat resumed>) = 3 [pid 343] newfstatat(AT_FDCWD, "./228/binderfs", [pid 344] ioctl(3, LOOP_CLR_FD [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] unlink("./228/binderfs" [pid 344] close(3 [pid 4896] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4896] close(4./strace-static-x86_64: Process 4907 attached [pid 4901] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4907 [pid 4907] set_robust_list(0x555584fcf660, 24) = 0 [pid 4907] chdir("./227") = 0 [pid 4907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4907] setpgid(0, 0) = 0 [pid 4907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4907] write(3, "1000", 4) = 4 [pid 4907] close(3) = 0 [pid 4907] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 4907] write(1, "executing program\n", 18) = 18 [pid 4907] memfd_create("syzkaller", 0) = 3 [pid 4907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4907] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4907] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4907] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 4907] <... openat resumed>) = 4 [pid 343] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4907] ioctl(4, LOOP_SET_FD, 3 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./228/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./228/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./228/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./228") = 0 [pid 343] mkdir("./229", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4907] <... ioctl resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 4907] close(3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4907] <... close resumed>) = 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4907] close(4 [pid 343] close(3 [pid 4896] <... close resumed>) = 0 [pid 4896] exit_group(0) = ? [pid 4896] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4896, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./228/binderfs") = 0 [pid 349] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4905] <... mount resumed>) = 0 [pid 4901] <... write resumed>) = 20699119 [pid 4905] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4905] chdir("./bus") = 0 [pid 4905] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4901] munmap(0x7f7c475b3000, 138412032 [pid 4907] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 4907] mkdir("./bus", 0777 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4907] <... mkdir resumed>) = 0 [pid 4907] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4911 ./strace-static-x86_64: Process 4911 attached [pid 4901] <... munmap resumed>) = 0 [pid 4911] set_robust_list(0x555584fcf660, 24) = 0 [pid 4901] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4911] chdir("./229") = 0 [pid 4911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4911] setpgid(0, 0) = 0 [pid 4911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4911] write(3, "1000", 4) = 4 [pid 4911] close(3) = 0 [pid 4911] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4911] write(1, "executing program\n", 18executing program ) = 18 [pid 4911] memfd_create("syzkaller", 0) = 3 [pid 4911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4911] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4911] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4911] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4905] <... openat resumed>) = 4 [ 218.503724][ T4905] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.517907][ T4905] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/228/bus supports timestamps until (%ptR?) (0x7fffffff) [ 218.530802][ T23] audit: type=1400 audit(1748029971.260:90): avc: denied { unlink } for pid=146 comm="syslogd" name="messages.0" dev="tmpfs" ino=460 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [pid 4905] ioctl(4, LOOP_CLR_FD [pid 4907] <... mount resumed>) = 0 [pid 4907] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4907] chdir("./bus") = 0 [pid 4907] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4905] <... ioctl resumed>) = 0 [pid 4901] <... openat resumed>) = 5 [pid 4905] close(4) = 0 [pid 4901] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... umount2 resumed>) = 0 [pid 4905] memfd_create("syzkaller", 0 [pid 4901] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4905] <... memfd_create resumed>) = 4 [pid 4905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4907] <... openat resumed>) = 4 [pid 4901] ioctl(5, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4901] <... ioctl resumed>) = 0 [pid 349] newfstatat(AT_FDCWD, "./228/bus", [pid 4907] ioctl(4, LOOP_CLR_FD [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4907] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4907] close(4 [pid 349] openat(AT_FDCWD, "./228/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4907] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 4901] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] newfstatat(4, "", [pid 4901] close(5 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4901] <... close resumed>) = 0 [pid 349] getdents64(4, [pid 4901] close(4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./228/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./228") = 0 [pid 349] mkdir("./229", 0777 [pid 4911] <... openat resumed>) = 4 [pid 4911] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4907] memfd_create("syzkaller", 0) = 4 [pid 4907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4911] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4911] close(3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4911] <... close resumed>) = 0 [pid 4911] close(4) = 0 [pid 349] close(3 [pid 4911] mkdir("./bus", 0777 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4911] <... mkdir resumed>) = 0 [pid 4911] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4915 ./strace-static-x86_64: Process 4915 attached [pid 4915] set_robust_list(0x555584fcf660, 24) = 0 [pid 4915] chdir("./229") = 0 [pid 4915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4915] setpgid(0, 0) = 0 [pid 4915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4915] write(3, "1000", 4) = 4 [pid 4915] close(3) = 0 [pid 4915] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4915] write(1, "executing program\n", 18executing program ) = 18 [pid 4915] memfd_create("syzkaller", 0) = 3 [pid 4915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4915] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4915] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4915] ioctl(4, LOOP_SET_FD, 3 [pid 4901] <... close resumed>) = 0 [pid 4915] <... ioctl resumed>) = 0 [pid 4901] exit_group(0 [pid 4915] close(3) = 0 [pid 4915] close(4) = 0 [ 218.598615][ T4907] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.612720][ T4907] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/227/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4915] mkdir("./bus", 0777) = 0 [pid 4915] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4901] <... exit_group resumed>) = ? [pid 4901] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4901, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./224", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4911] <... mount resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4911] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4911] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./224/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./224/binderfs") = 0 [pid 342] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4911] chdir("./bus") = 0 [pid 4911] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4911] ioctl(4, LOOP_CLR_FD) = 0 [pid 4911] close(4 [pid 4915] <... mount resumed>) = 0 [pid 4915] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4915] chdir("./bus") = 0 [ 218.694321][ T4911] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.727176][ T4911] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/229/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4915] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4905] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 4915] <... openat resumed>) = 4 [pid 4911] <... close resumed>) = 0 [pid 4915] ioctl(4, LOOP_CLR_FD [pid 4911] memfd_create("syzkaller", 0 [pid 4915] <... ioctl resumed>) = 0 [pid 4911] <... memfd_create resumed>) = 4 [pid 4915] close(4 [pid 4911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4915] <... close resumed>) = 0 [pid 4911] <... mmap resumed>) = 0x7f7c475b3000 [pid 4915] memfd_create("syzkaller", 0) = 4 [pid 342] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4915] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] newfstatat(AT_FDCWD, "./224/bus", [pid 4907] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./224/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./224/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./224/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./224") = 0 [pid 342] mkdir("./225", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4922 ./strace-static-x86_64: Process 4922 attached [pid 4922] set_robust_list(0x555584fcf660, 24) = 0 [pid 4922] chdir("./225") = 0 [pid 4922] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4922] setpgid(0, 0) = 0 [pid 4922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 4922] write(3, "1000", 4) = 4 [pid 4922] close(3) = 0 [pid 4922] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4922] write(1, "executing program\n", 18) = 18 [pid 4922] memfd_create("syzkaller", 0) = 3 [pid 4922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4922] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4922] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4922] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4922] close(3) = 0 [pid 4922] close(4) = 0 [pid 4922] mkdir("./bus", 0777) = 0 [ 218.741530][ T4915] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.769889][ T4915] ext4 filesystem being mounted at /root/syzkaller.53SCZU/229/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4922] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 4922] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4922] chdir("./bus") = 0 [pid 4922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4922] ioctl(4, LOOP_CLR_FD) = 0 [pid 4922] close(4) = 0 [pid 4922] memfd_create("syzkaller", 0) = 4 [pid 4922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4905] <... write resumed>) = 20699119 [pid 4905] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4905] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4905] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4905] ioctl(5, LOOP_CLR_FD) = 0 [pid 4905] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [ 218.877882][ T4922] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 218.902775][ T4922] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/225/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4905] close(5) = 0 [pid 4905] close(4 [pid 4907] <... write resumed>) = 20699119 [pid 4907] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4907] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4907] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4907] ioctl(5, LOOP_CLR_FD) = 0 [pid 4915] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4907] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4907] close(5) = 0 [pid 4907] close(4 [pid 4911] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4905] <... close resumed>) = 0 [pid 4905] exit_group(0) = ? [pid 4905] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4905, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./228/binderfs") = 0 [pid 348] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4907] <... close resumed>) = 0 [pid 4907] exit_group(0) = ? [pid 4907] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4907, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./227/binderfs") = 0 [pid 344] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4915] <... write resumed>) = 20699119 [pid 4915] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4915] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4922] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./228/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./228/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./228/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./228") = 0 [pid 348] mkdir("./229", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4911] <... write resumed>) = 20699119 [pid 4911] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4911] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4922] <... write resumed>) = 20699119 [pid 4922] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4922] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4915] <... openat resumed>) = 5 [pid 4915] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... openat resumed>) = 3 [pid 4915] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] ioctl(3, LOOP_CLR_FD [pid 4915] ioctl(5, LOOP_CLR_FD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4915] <... ioctl resumed>) = 0 [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4926 [pid 4911] <... openat resumed>) = 5 [pid 4911] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4911] ioctl(5, LOOP_CLR_FD) = 0 [pid 4915] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4915] close(5./strace-static-x86_64: Process 4926 attached [pid 4922] <... openat resumed>) = 5 [pid 4915] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 4915] close(4 [pid 4926] set_robust_list(0x555584fcf660, 24 [pid 4922] ioctl(5, LOOP_SET_FD, 4 [pid 344] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4922] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4922] ioctl(5, LOOP_CLR_FD [pid 344] newfstatat(AT_FDCWD, "./227/bus", [pid 4922] <... ioctl resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./227/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./227/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4922] ioctl(5, LOOP_SET_FD, 4 [pid 344] close(3 [pid 4922] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... close resumed>) = 0 [pid 4922] close(5 [pid 344] rmdir("./227" [pid 4922] <... close resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 4922] close(4 [pid 344] mkdir("./228", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4927 ./strace-static-x86_64: Process 4927 attached [pid 4926] <... set_robust_list resumed>) = 0 [pid 4911] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4926] chdir("./229" [pid 4911] close(5) = 0 [pid 4911] close(4 [pid 4927] set_robust_list(0x555584fcf660, 24 [pid 4926] <... chdir resumed>) = 0 [pid 4927] <... set_robust_list resumed>) = 0 [pid 4926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4926] setpgid(0, 0) = 0 [pid 4926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4927] chdir("./228" [pid 4926] <... openat resumed>) = 3 [pid 4926] write(3, "1000", 4) = 4 [pid 4926] close(3) = 0 [pid 4926] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4927] <... chdir resumed>) = 0 [pid 4927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 executing program [pid 4926] write(1, "executing program\n", 18) = 18 [pid 4926] memfd_create("syzkaller", 0 [pid 4927] setpgid(0, 0 [pid 4926] <... memfd_create resumed>) = 3 [pid 4927] <... setpgid resumed>) = 0 [pid 4926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4926] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4927] <... openat resumed>) = 3 [pid 4927] write(3, "1000", 4) = 4 [pid 4927] close(3) = 0 [pid 4927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4927] write(1, "executing program\n", 18executing program ) = 18 [pid 4927] memfd_create("syzkaller", 0) = 3 [pid 4926] <... write resumed>) = 262144 [pid 4926] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4926] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4926] ioctl(4, LOOP_SET_FD, 3 [pid 4927] <... mmap resumed>) = 0x7f7c475b3000 [pid 4927] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4927] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4927] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4926] <... ioctl resumed>) = 0 [pid 4927] <... openat resumed>) = 4 [pid 4927] ioctl(4, LOOP_SET_FD, 3 [pid 4926] close(3) = 0 [pid 4926] close(4 [pid 4927] <... ioctl resumed>) = 0 [pid 4927] close(3) = 0 [pid 4927] close(4 [pid 4915] <... close resumed>) = 0 [pid 4915] exit_group(0) = ? [pid 4915] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4915, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 349] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./229/binderfs") = 0 [pid 349] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4911] <... close resumed>) = 0 [pid 4911] exit_group(0) = ? [pid 4911] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4911, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4926] <... close resumed>) = 0 [pid 4926] mkdir("./bus", 0777) = 0 [pid 4926] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4922] <... close resumed>) = 0 [pid 4922] exit_group(0) = ? [pid 4922] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4922, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./225", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./225/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./225/binderfs") = 0 [pid 342] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./229/binderfs") = 0 [pid 343] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4927] <... close resumed>) = 0 [pid 4927] mkdir("./bus", 0777) = 0 [pid 4927] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 349] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./229/bus", [pid 342] newfstatat(AT_FDCWD, "./225/bus", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./225/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./229/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./225/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... openat resumed>) = 4 [pid 342] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", [pid 342] newfstatat(4, "", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 342] getdents64(4, [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, [pid 342] getdents64(4, [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4 [pid 342] close(4 [pid 343] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 343] rmdir("./229/bus" [pid 342] rmdir("./225/bus" [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... rmdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] newfstatat(AT_FDCWD, "./229/bus", [pid 343] getdents64(3, [pid 342] getdents64(3, [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] close(3 [pid 342] close(3 [pid 349] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 343] rmdir("./229" [pid 342] rmdir("./225" [pid 343] <... rmdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 343] mkdir("./230", 0777 [pid 342] mkdir("./226", 0777 [pid 343] <... mkdir resumed>) = 0 [pid 342] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3 [pid 342] close(3 [pid 343] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4930 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4931 ./strace-static-x86_64: Process 4930 attached [pid 4930] set_robust_list(0x555584fcf660, 24) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4930] chdir("./230") = 0 [pid 4930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4930] setpgid(0, 0) = 0 [pid 4930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4930] write(3, "1000", 4) = 4 [pid 349] openat(AT_FDCWD, "./229/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4930] close(3 [pid 349] newfstatat(4, "", executing program {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4930] <... close resumed>) = 0 [pid 349] getdents64(4, [pid 4930] symlink("/dev/binderfs", "./binderfs" [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 4930] <... symlink resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4930] write(1, "executing program\n", 18) = 18 [pid 4930] memfd_create("syzkaller", 0) = 3 [pid 4930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4930] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 349] close(4 [pid 4930] munmap(0x7f7c475b3000, 138412032 [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./229/bus" [pid 4930] <... munmap resumed>) = 0 [pid 4930] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... rmdir resumed>) = 0 [pid 4930] <... openat resumed>) = 4 [pid 4930] ioctl(4, LOOP_SET_FD, 3 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3./strace-static-x86_64: Process 4931 attached ) = 0 [pid 349] rmdir("./229") = 0 [pid 349] mkdir("./230", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4931] set_robust_list(0x555584fcf660, 24) = 0 [pid 4931] chdir("./226") = 0 [pid 4931] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4931] setpgid(0, 0) = 0 [pid 4931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4931] write(3, "1000", 4) = 4 [pid 4931] close(3) = 0 [pid 4931] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4931] write(1, "executing program\n", 18executing program ) = 18 [pid 4931] memfd_create("syzkaller", 0) = 3 [pid 4931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4931] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4931] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4931] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4930] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4937 [pid 4931] <... openat resumed>) = 4 [pid 4931] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4931] close(3) = 0 executing program [pid 4931] close(4./strace-static-x86_64: Process 4937 attached [pid 4930] close(3 [pid 4926] <... mount resumed>) = 0 [pid 4937] set_robust_list(0x555584fcf660, 24 [pid 4930] <... close resumed>) = 0 [pid 4937] <... set_robust_list resumed>) = 0 [pid 4930] close(4 [pid 4937] chdir("./230") = 0 [pid 4937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4937] setpgid(0, 0) = 0 [pid 4937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4937] write(3, "1000", 4) = 4 [pid 4937] close(3) = 0 [pid 4937] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4937] write(1, "executing program\n", 18) = 18 [pid 4937] memfd_create("syzkaller", 0) = 3 [pid 4937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4937] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4937] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4926] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4926] chdir("./bus") = 0 [pid 4926] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4927] <... mount resumed>) = 0 [pid 4927] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4927] chdir("./bus") = 0 [pid 4927] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4931] <... close resumed>) = 0 [pid 4931] mkdir("./bus", 0777) = 0 [ 219.532248][ T4926] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 219.546670][ T4927] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 219.549087][ T4926] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/229/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4931] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4930] <... close resumed>) = 0 [pid 4937] <... openat resumed>) = 4 [pid 4930] mkdir("./bus", 0777 [pid 4926] <... openat resumed>) = 4 [pid 4937] ioctl(4, LOOP_SET_FD, 3 [pid 4930] <... mkdir resumed>) = 0 [pid 4930] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4926] ioctl(4, LOOP_CLR_FD [pid 4937] <... ioctl resumed>) = 0 [pid 4927] <... openat resumed>) = 4 [pid 4927] ioctl(4, LOOP_CLR_FD [pid 4937] close(3) = 0 [ 219.563459][ T4927] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/228/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4937] close(4 [pid 4927] <... ioctl resumed>) = 0 [pid 4927] close(4) = 0 [pid 4927] memfd_create("syzkaller", 0) = 4 [pid 4927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4926] <... ioctl resumed>) = 0 [pid 4926] close(4 [pid 4930] <... mount resumed>) = 0 [pid 4930] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4930] chdir("./bus") = 0 [pid 4930] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4931] <... mount resumed>) = 0 [pid 4931] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4931] chdir("./bus") = 0 [pid 4931] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4937] <... close resumed>) = 0 [pid 4926] <... close resumed>) = 0 [pid 4930] <... openat resumed>) = 4 [pid 4930] ioctl(4, LOOP_CLR_FD) = 0 [pid 4926] memfd_create("syzkaller", 0 [pid 4937] mkdir("./bus", 0777 [pid 4930] close(4) = 0 [pid 4930] memfd_create("syzkaller", 0) = 4 [pid 4930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4937] <... mkdir resumed>) = 0 [pid 4926] <... memfd_create resumed>) = 4 [pid 4937] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 219.678730][ T4930] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 219.678860][ T4931] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 219.706888][ T4930] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/230/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4931] <... openat resumed>) = 4 [pid 4931] ioctl(4, LOOP_CLR_FD) = 0 [pid 4931] close(4) = 0 [pid 4931] memfd_create("syzkaller", 0) = 4 [pid 4931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 219.707346][ T4931] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/226/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4927] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 219.816871][ T4937] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4930] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4937] <... mount resumed>) = 0 [pid 4937] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4937] chdir("./bus") = 0 [pid 4937] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4937] ioctl(4, LOOP_CLR_FD) = 0 [pid 4937] close(4) = 0 [pid 4937] memfd_create("syzkaller", 0) = 4 [pid 4937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 219.892887][ T4937] ext4 filesystem being mounted at /root/syzkaller.53SCZU/230/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4926] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4930] <... write resumed>) = 20699119 [pid 4930] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4930] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4930] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4930] ioctl(5, LOOP_CLR_FD) = 0 [pid 4930] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4930] close(5) = 0 [pid 4927] <... write resumed>) = 20699119 [pid 4930] close(4 [pid 4927] munmap(0x7f7c475b3000, 138412032 [pid 4931] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4927] <... munmap resumed>) = 0 [pid 4927] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4927] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4927] ioctl(5, LOOP_CLR_FD) = 0 [pid 4927] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4927] close(5) = 0 [pid 4926] <... write resumed>) = 20699119 [pid 4927] close(4 [pid 4926] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4926] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4926] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4926] ioctl(5, LOOP_CLR_FD) = 0 [pid 4926] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4926] close(5) = 0 [pid 4926] close(4 [pid 4937] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4930] <... close resumed>) = 0 [pid 4930] exit_group(0) = ? [pid 4930] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4930, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./230/binderfs") = 0 [pid 343] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4927] <... close resumed>) = 0 [pid 4927] exit_group(0 [pid 4926] <... close resumed>) = 0 [pid 4927] <... exit_group resumed>) = ? [pid 4926] exit_group(0 [pid 4927] +++ exited with 0 +++ [pid 4926] <... exit_group resumed>) = ? [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4927, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 4926] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4926, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 348] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./229/binderfs") = 0 [pid 348] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./228/binderfs") = 0 [pid 344] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4931] <... write resumed>) = 20699119 [pid 4931] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4931] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./230/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./230/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./230/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./230") = 0 [pid 343] mkdir("./231", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4937] <... write resumed>) = 20699119 [pid 4937] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4937] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4931] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./229/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./229/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./229/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./229") = 0 [pid 348] mkdir("./230", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4946 [pid 4937] <... openat resumed>) = 5 [pid 4937] ioctl(5, LOOP_SET_FD, 4 [pid 4931] ioctl(5, LOOP_SET_FD, 4 [pid 4937] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4931] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4931] ioctl(5, LOOP_CLR_FD) = 0 [pid 4937] ioctl(5, LOOP_CLR_FD) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4947 ./strace-static-x86_64: Process 4947 attached [pid 4947] set_robust_list(0x555584fcf660, 24) = 0 [pid 4947] chdir("./231" [pid 4931] ioctl(5, LOOP_SET_FD, 4 [pid 4937] ioctl(5, LOOP_SET_FD, 4 [pid 4931] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4937] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4931] close(5 [pid 4937] close(5 [pid 4931] <... close resumed>) = 0 [pid 4937] <... close resumed>) = 0 [pid 4931] close(4 [pid 4937] close(4 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./228/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./228/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./228/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 4947] <... chdir resumed>) = 0 [pid 4947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4947] setpgid(0, 0 [pid 344] <... close resumed>) = 0 [pid 344] rmdir("./228") = 0 [pid 344] mkdir("./229", 0777 [pid 4947] <... setpgid resumed>) = 0 [pid 4947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 344] <... mkdir resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4947] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 4947] write(3, "1000", 4) = 4 [pid 4947] close(3) = 0 [pid 4947] symlink("/dev/binderfs", "./binderfs" [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 executing program [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4947] <... symlink resumed>) = 0 [pid 4947] write(1, "executing program\n", 18) = 18 [pid 4947] memfd_create("syzkaller", 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4948 [pid 4947] <... memfd_create resumed>) = 3 [pid 4947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4947] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 4946 attached [pid 4946] set_robust_list(0x555584fcf660, 24) = 0 [pid 4946] chdir("./230") = 0 [pid 4946] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 4948 attached ) = 0 [pid 4946] setpgid(0, 0 [pid 4948] set_robust_list(0x555584fcf660, 24 [pid 4946] <... setpgid resumed>) = 0 [pid 4948] <... set_robust_list resumed>) = 0 [pid 4946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4948] chdir("./229" [pid 4946] <... openat resumed>) = 3 [pid 4948] <... chdir resumed>) = 0 [pid 4948] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4946] write(3, "1000", 4) = 4 [pid 4948] <... prctl resumed>) = 0 [pid 4946] close(3) = 0 [pid 4948] setpgid(0, 0 [pid 4946] symlink("/dev/binderfs", "./binderfs" [pid 4948] <... setpgid resumed>) = 0 [pid 4946] <... symlink resumed>) = 0 [pid 4948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4947] <... write resumed>) = 262144 [pid 4946] write(1, "executing program\n", 18 [pid 4948] <... openat resumed>) = 3 executing program [pid 4947] munmap(0x7f7c475b3000, 138412032 [pid 4946] <... write resumed>) = 18 [pid 4947] <... munmap resumed>) = 0 [pid 4947] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4946] memfd_create("syzkaller", 0 [pid 4947] <... openat resumed>) = 4 [pid 4948] write(3, "1000", 4 [pid 4946] <... memfd_create resumed>) = 3 [pid 4947] ioctl(4, LOOP_SET_FD, 3 [pid 4946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4948] <... write resumed>) = 4 [pid 4948] close(3 [pid 4946] <... mmap resumed>) = 0x7f7c475b3000 [pid 4946] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4948] <... close resumed>) = 0 [pid 4948] symlink("/dev/binderfs", "./binderfs" [pid 4946] <... write resumed>) = 262144 [pid 4948] <... symlink resumed>) = 0 [pid 4948] write(1, "executing program\n", 18 executing program [pid 4946] munmap(0x7f7c475b3000, 138412032 [pid 4948] <... write resumed>) = 18 [pid 4948] memfd_create("syzkaller", 0 [pid 4946] <... munmap resumed>) = 0 [pid 4948] <... memfd_create resumed>) = 3 [pid 4948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4946] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4948] <... mmap resumed>) = 0x7f7c475b3000 [pid 4947] <... ioctl resumed>) = 0 [pid 4947] close(3) = 0 [pid 4947] close(4 [pid 4948] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4948] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4948] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4947] <... close resumed>) = 0 [pid 4946] <... openat resumed>) = 4 [pid 4947] mkdir("./bus", 0777) = 0 [pid 4946] ioctl(4, LOOP_SET_FD, 3 [pid 4947] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4937] <... close resumed>) = 0 [pid 4937] exit_group(0) = ? [pid 4937] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4937, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 4931] <... close resumed>) = 0 [pid 4931] exit_group(0) = ? [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./230/binderfs" [pid 4931] +++ exited with 0 +++ [pid 349] <... unlink resumed>) = 0 [pid 349] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4931, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./226/binderfs") = 0 [pid 342] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4948] <... openat resumed>) = 4 [pid 4948] ioctl(4, LOOP_SET_FD, 3 [pid 4946] <... ioctl resumed>) = 0 [pid 4946] close(3) = 0 [pid 4946] close(4) = 0 [pid 4946] mkdir("./bus", 0777) = 0 [pid 4946] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4948] <... ioctl resumed>) = 0 [pid 4948] close(3) = 0 [pid 4948] close(4 [pid 4947] <... mount resumed>) = 0 [pid 4947] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4947] chdir("./bus") = 0 [pid 4947] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4948] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 349] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./230/bus", [pid 342] newfstatat(AT_FDCWD, "./226/bus", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./226/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./230/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./226/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 4 [pid 342] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", [pid 342] newfstatat(4, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4948] mkdir("./bus", 0777 [pid 349] getdents64(4, [pid 342] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 4948] <... mkdir resumed>) = 0 [pid 349] getdents64(4, [pid 342] getdents64(4, [pid 4948] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 342] close(4 [pid 349] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] rmdir("./230/bus" [pid 342] rmdir("./226/bus" [pid 349] <... rmdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 342] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 342] close(3 [pid 349] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] rmdir("./230" [pid 342] rmdir("./226" [pid 349] <... rmdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] mkdir("./231", 0777 [pid 342] mkdir("./227", 0777 [pid 349] <... mkdir resumed>) = 0 [pid 342] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 342] close(3 [pid 349] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4955 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 4956 [pid 4947] <... openat resumed>) = 4 [pid 4947] ioctl(4, LOOP_CLR_FD) = 0 [pid 4947] close(4) = 0 [pid 4947] memfd_create("syzkaller", 0) = 4 [pid 4947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4956 attached [pid 4956] set_robust_list(0x555584fcf660, 24) = 0 [pid 4956] chdir("./227") = 0 [pid 4956] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4956] setpgid(0, 0./strace-static-x86_64: Process 4955 attached ) = 0 [pid 4956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4955] set_robust_list(0x555584fcf660, 24) = 0 [pid 4955] chdir("./231" [pid 4956] <... openat resumed>) = 3 [pid 4955] <... chdir resumed>) = 0 [pid 4956] write(3, "1000", 4 [pid 4955] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4956] <... write resumed>) = 4 [pid 4955] <... prctl resumed>) = 0 [pid 4956] close(3 [pid 4955] setpgid(0, 0 [pid 4956] <... close resumed>) = 0 [pid 4956] symlink("/dev/binderfs", "./binderfs" [pid 4955] <... setpgid resumed>) = 0 [pid 4956] <... symlink resumed>) = 0 [pid 4955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 4955] write(3, "1000", 4) = 4 [pid 4955] close(3) = 0 [pid 4956] write(1, "executing program\n", 18 [pid 4955] symlink("/dev/binderfs", "./binderfs" [pid 4956] <... write resumed>) = 18 [pid 4955] <... symlink resumed>) = 0 [pid 4956] memfd_create("syzkaller", 0) = 3 [pid 4956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 executing program [pid 4956] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4955] write(1, "executing program\n", 18) = 18 [pid 4955] memfd_create("syzkaller", 0) = 3 [pid 4955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4955] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4956] <... write resumed>) = 262144 [pid 4955] <... write resumed>) = 262144 [pid 4956] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4956] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4956] ioctl(4, LOOP_SET_FD, 3 [pid 4955] munmap(0x7f7c475b3000, 138412032) = 0 [ 220.588278][ T4947] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 220.602369][ T4947] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/231/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4955] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4956] <... ioctl resumed>) = 0 [pid 4955] <... openat resumed>) = 4 [pid 4956] close(3 [pid 4955] ioctl(4, LOOP_SET_FD, 3 [pid 4956] <... close resumed>) = 0 [pid 4956] close(4 [pid 4955] <... ioctl resumed>) = 0 [pid 4955] close(3) = 0 [pid 4955] close(4 [pid 4948] <... mount resumed>) = 0 [pid 4948] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4946] <... mount resumed>) = 0 [pid 4948] <... openat resumed>) = 3 [pid 4946] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 4948] chdir("./bus") = 0 [pid 4946] <... openat resumed>) = 3 [pid 4948] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4946] chdir("./bus") = 0 [ 220.670026][ T4946] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 220.692319][ T4948] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 220.693769][ T4946] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/230/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4946] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4947] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4956] <... close resumed>) = 0 [pid 4956] mkdir("./bus", 0777) = 0 [pid 4956] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4947] <... write resumed>) = 20699119 [pid 4947] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4947] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4955] <... close resumed>) = 0 [pid 4948] <... openat resumed>) = 4 [pid 4947] <... openat resumed>) = 5 [pid 4946] <... openat resumed>) = 4 [pid 4955] mkdir("./bus", 0777 [pid 4948] ioctl(4, LOOP_CLR_FD [pid 4947] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4947] ioctl(5, LOOP_CLR_FD [pid 4955] <... mkdir resumed>) = 0 [pid 4946] ioctl(4, LOOP_CLR_FD [ 220.706537][ T4948] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/229/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4955] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4956] <... mount resumed>) = 0 [pid 4956] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4956] chdir("./bus") = 0 [pid 4956] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4948] <... ioctl resumed>) = 0 [pid 4948] close(4) = 0 [pid 4948] memfd_create("syzkaller", 0) = 4 [pid 4948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4947] <... ioctl resumed>) = 0 [pid 4946] <... ioctl resumed>) = 0 [pid 4946] close(4) = 0 [pid 4946] memfd_create("syzkaller", 0) = 4 [pid 4947] ioctl(5, LOOP_SET_FD, 4 [pid 4946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4947] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4946] <... mmap resumed>) = 0x7f7c475b3000 [pid 4947] close(5 [pid 4956] <... openat resumed>) = 4 [pid 4947] <... close resumed>) = 0 [pid 4947] close(4 [pid 4956] ioctl(4, LOOP_CLR_FD) = 0 [pid 4956] close(4) = 0 [pid 4956] memfd_create("syzkaller", 0) = 4 [pid 4956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 220.848696][ T4956] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 220.862889][ T4956] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/227/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4955] <... mount resumed>) = 0 [pid 4955] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4955] chdir("./bus") = 0 [pid 4955] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4955] ioctl(4, LOOP_CLR_FD) = 0 [pid 4955] close(4) = 0 [pid 4955] memfd_create("syzkaller", 0) = 4 [pid 4955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 220.920113][ T4955] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 220.945180][ T4955] ext4 filesystem being mounted at /root/syzkaller.53SCZU/231/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4947] <... close resumed>) = 0 [pid 4947] exit_group(0) = ? [pid 4947] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4947, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./231/binderfs") = 0 [pid 343] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 4948] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./231/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./231/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./231/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./231") = 0 [pid 343] mkdir("./232", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4966 ./strace-static-x86_64: Process 4966 attached [pid 4966] set_robust_list(0x555584fcf660, 24) = 0 [pid 4966] chdir("./232") = 0 [pid 4966] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4966] setpgid(0, 0) = 0 [pid 4966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4966] write(3, "1000", 4) = 4 [pid 4966] close(3) = 0 [pid 4966] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 4966] write(1, "executing program\n", 18) = 18 [pid 4966] memfd_create("syzkaller", 0) = 3 [pid 4966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4956] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4966] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4966] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4966] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4966] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4966] close(3) = 0 [pid 4966] close(4 [pid 4955] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4946] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4966] <... close resumed>) = 0 [pid 4966] mkdir("./bus", 0777) = 0 [pid 4966] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4948] <... write resumed>) = 20699119 [pid 4948] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4948] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4955] <... write resumed>) = 20699119 [pid 4955] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4955] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4956] <... write resumed>) = 20699119 [pid 4956] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4956] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4955] <... openat resumed>) = 5 [pid 4948] <... openat resumed>) = 5 [pid 4955] ioctl(5, LOOP_SET_FD, 4 [pid 4948] ioctl(5, LOOP_SET_FD, 4 [pid 4955] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4955] ioctl(5, LOOP_CLR_FD [pid 4948] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4955] <... ioctl resumed>) = 0 [pid 4948] ioctl(5, LOOP_CLR_FD) = 0 [pid 4955] ioctl(5, LOOP_SET_FD, 4 [pid 4948] ioctl(5, LOOP_SET_FD, 4 [pid 4955] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4948] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4955] close(5 [pid 4948] close(5 [pid 4955] <... close resumed>) = 0 [pid 4948] <... close resumed>) = 0 [pid 4955] close(4 [pid 4948] close(4 [pid 4956] <... openat resumed>) = 5 [pid 4956] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4956] ioctl(5, LOOP_CLR_FD) = 0 [pid 4956] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4956] close(5) = 0 [pid 4956] close(4 [pid 4946] <... write resumed>) = 20699119 [pid 4946] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4946] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4946] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4946] ioctl(5, LOOP_CLR_FD) = 0 [pid 4946] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4946] close(5) = 0 [pid 4946] close(4 [pid 4956] <... close resumed>) = 0 [pid 4956] exit_group(0) = ? [pid 4956] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4956, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4966] <... mount resumed>) = 0 [pid 4966] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4966] chdir("./bus") = 0 [pid 4966] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4966] ioctl(4, LOOP_CLR_FD) = 0 [pid 4966] close(4 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./227/binderfs") = 0 [pid 342] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4966] <... close resumed>) = 0 [pid 4966] memfd_create("syzkaller", 0) = 4 [pid 4966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4948] <... close resumed>) = 0 [pid 4955] <... close resumed>) = 0 [pid 4955] exit_group(0 [pid 4948] exit_group(0 [pid 4955] <... exit_group resumed>) = ? [pid 4948] <... exit_group resumed>) = ? [pid 4955] +++ exited with 0 +++ [pid 4948] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4955, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4948, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] <... restart_syscall resumed>) = 0 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./231/binderfs", [pid 344] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./231/binderfs" [pid 344] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", [pid 349] <... unlink resumed>) = 0 [pid 349] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./229/binderfs") = 0 [ 221.338602][ T4966] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 221.369618][ T4966] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/232/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4946] <... close resumed>) = 0 [pid 4946] exit_group(0 [pid 342] <... umount2 resumed>) = 0 [pid 4946] <... exit_group resumed>) = ? [pid 342] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./227/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./227/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./227/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4946] +++ exited with 0 +++ [pid 342] <... openat resumed>) = 4 [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4946, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 342] newfstatat(4, "", [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./227/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./227") = 0 [pid 342] mkdir("./228", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./230/binderfs") = 0 [pid 348] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4966] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 4966] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4966] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4970 ./strace-static-x86_64: Process 4970 attached [pid 4970] set_robust_list(0x555584fcf660, 24) = 0 [pid 4970] chdir("./228") = 0 [pid 4970] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4970] setpgid(0, 0) = 0 [pid 4970] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4970] write(3, "1000", 4) = 4 [pid 4970] close(3) = 0 [pid 4970] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4970] write(1, "executing program\n", 18executing program ) = 18 [pid 4970] memfd_create("syzkaller", 0) = 3 [pid 4970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4970] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4970] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4970] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4966] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 4966] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4966] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./231/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./231/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", [pid 4966] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4966] close(5 [pid 349] getdents64(4, [pid 4966] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./229/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./229/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./229/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./229") = 0 [pid 344] mkdir("./230", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 4966] close(4 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] close(3 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... close resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./230/bus", [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4971 [pid 348] openat(AT_FDCWD, "./230/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./230/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./230") = 0 [pid 348] mkdir("./231", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] <... openat resumed>) = 3 [pid 349] getdents64(4, [pid 348] ioctl(3, LOOP_CLR_FD [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(4 [pid 348] close(3 [pid 349] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 349] rmdir("./231/bus" [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4972 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 4970] <... openat resumed>) = 4 [pid 349] close(3 [pid 4970] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./231") = 0 [pid 349] mkdir("./232", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 4972 attached [pid 4972] set_robust_list(0x555584fcf660, 24) = 0 [pid 4972] chdir("./231") = 0 [pid 4972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4972] setpgid(0, 0) = 0 [pid 4972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4972] write(3, "1000", 4) = 4 [pid 4972] close(3) = 0 [pid 4972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4972] write(1, "executing program\n", 18executing program ) = 18 [pid 4972] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 4971 attached [pid 4970] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 4970] close(3) = 0 [pid 4970] close(4 [pid 4972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 4971] set_robust_list(0x555584fcf660, 24 [pid 4972] <... mmap resumed>) = 0x7f7c475b3000 [pid 4971] <... set_robust_list resumed>) = 0 [pid 4971] chdir("./230") = 0 [pid 4971] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4971] setpgid(0, 0) = 0 [pid 4972] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4971] write(3, "1000", 4) = 4 [pid 4971] close(3) = 0 [pid 4971] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4971] write(1, "executing program\n", 18) = 18 executing program [pid 4971] memfd_create("syzkaller", 0) = 3 [pid 4971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4972] <... write resumed>) = 262144 [pid 4971] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4972] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4972] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4971] <... write resumed>) = 262144 [pid 4971] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4971] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4966] <... close resumed>) = 0 [pid 4966] exit_group(0) = ? [pid 4966] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4966, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4971] <... openat resumed>) = 4 [pid 4970] <... close resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4971] ioctl(4, LOOP_SET_FD, 3 [pid 4970] mkdir("./bus", 0777 [pid 349] close(3 [pid 4970] <... mkdir resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 4970] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./232/binderfs") = 0 [pid 343] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4971] <... ioctl resumed>) = 0 [pid 4971] close(3 [pid 349] <... close resumed>) = 0 [pid 4971] <... close resumed>) = 0 [pid 4971] close(4 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4975 attached [pid 4975] set_robust_list(0x555584fcf660, 24 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4975 [pid 4975] <... set_robust_list resumed>) = 0 [pid 4975] chdir("./232") = 0 [pid 4975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4975] setpgid(0, 0) = 0 [pid 4975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4975] write(3, "1000", 4) = 4 [pid 4975] close(3executing program ) = 0 [pid 4975] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4975] write(1, "executing program\n", 18) = 18 [pid 4975] memfd_create("syzkaller", 0) = 3 [pid 4975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4975] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4975] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4975] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4972] <... openat resumed>) = 4 [pid 4971] <... close resumed>) = 0 [pid 4972] ioctl(4, LOOP_SET_FD, 3 [pid 4971] mkdir("./bus", 0777) = 0 [pid 4971] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4975] <... openat resumed>) = 4 [pid 4975] ioctl(4, LOOP_SET_FD, 3 [pid 4972] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 4972] close(3) = 0 [pid 4972] close(4 [pid 343] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./232/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./232/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./232/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./232") = 0 [pid 343] mkdir("./233", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4975] <... ioctl resumed>) = 0 [pid 4975] close(3) = 0 [pid 4975] close(4 [pid 4972] <... close resumed>) = 0 [pid 4970] <... mount resumed>) = 0 [pid 4972] mkdir("./bus", 0777) = 0 [pid 4972] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4970] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4970] chdir("./bus") = 0 [pid 4970] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4970] ioctl(4, LOOP_CLR_FD) = 0 [pid 4970] close(4) = 0 [pid 4970] memfd_create("syzkaller", 0) = 4 [pid 4970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4975] <... close resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 4975] mkdir("./bus", 0777 [pid 343] ioctl(3, LOOP_CLR_FD [pid 4975] <... mkdir resumed>) = 0 [pid 4975] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4971] <... mount resumed>) = 0 [pid 4971] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4971] chdir("./bus") = 0 [pid 4971] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4984 [pid 4971] <... openat resumed>) = 4 [pid 4971] ioctl(4, LOOP_CLR_FD) = 0 [pid 4971] close(4) = 0 [pid 4971] memfd_create("syzkaller", 0) = 4 [pid 4971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program ) = 0x7f7c475b3000 ./strace-static-x86_64: Process 4984 attached [pid 4984] set_robust_list(0x555584fcf660, 24) = 0 [pid 4984] chdir("./233") = 0 [pid 4984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4984] setpgid(0, 0) = 0 [pid 4984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4984] write(3, "1000", 4) = 4 [pid 4984] close(3) = 0 [pid 4984] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4984] write(1, "executing program\n", 18) = 18 [pid 4984] memfd_create("syzkaller", 0) = 3 [pid 4984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4984] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4984] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4984] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 221.738534][ T4970] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 221.738580][ T4971] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 221.753419][ T4970] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/228/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4984] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4984] close(3) = 0 [pid 4984] close(4) = 0 [pid 4984] mkdir("./bus", 0777) = 0 [ 221.767237][ T4971] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/230/bus supports timestamps until (%ptR?) (0x7fffffff) [ 221.798376][ T4972] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4984] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4970] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4972] <... mount resumed>) = 0 [pid 4972] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4972] chdir("./bus") = 0 [pid 4972] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 4972] ioctl(4, LOOP_CLR_FD) = 0 [pid 4972] close(4) = 0 [pid 4972] memfd_create("syzkaller", 0) = 4 [ 221.839191][ T4975] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 221.877076][ T4972] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/231/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4984] <... mount resumed>) = 0 [pid 4984] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4984] chdir("./bus") = 0 [pid 4984] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 4984] ioctl(4, LOOP_CLR_FD) = 0 [pid 4984] close(4) = 0 [pid 4984] memfd_create("syzkaller", 0) = 4 [pid 4984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4975] <... mount resumed>) = 0 [ 221.892262][ T4984] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 221.899211][ T4975] ext4 filesystem being mounted at /root/syzkaller.53SCZU/232/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4975] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4975] chdir("./bus") = 0 [pid 4975] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 4975] ioctl(4, LOOP_CLR_FD) = 0 [pid 4975] close(4) = 0 [pid 4975] memfd_create("syzkaller", 0) = 4 [pid 4975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 221.947625][ T4984] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/233/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4970] <... write resumed>) = 20699119 [pid 4970] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4970] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 4970] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4970] ioctl(5, LOOP_CLR_FD) = 0 [pid 4970] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4970] close(5) = 0 [pid 4970] close(4 [pid 4971] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4970] <... close resumed>) = 0 [pid 4972] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4970] exit_group(0) = ? [pid 4970] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4970, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./228/binderfs") = 0 [pid 342] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4975] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4984] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./228/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./228/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./228/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./228/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./228") = 0 [pid 342] mkdir("./229", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 4990 ./strace-static-x86_64: Process 4990 attached [pid 4990] set_robust_list(0x555584fcf660, 24) = 0 [pid 4990] chdir("./229") = 0 [pid 4990] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4990] setpgid(0, 0) = 0 [pid 4990] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4990] write(3, "1000", 4) = 4 [pid 4990] close(3) = 0 [pid 4990] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4990] write(1, "executing program\n", 18executing program ) = 18 [pid 4990] memfd_create("syzkaller", 0) = 3 [pid 4990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4990] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4971] <... write resumed>) = 20699119 [pid 4990] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4990] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4990] ioctl(4, LOOP_SET_FD, 3 [pid 4971] munmap(0x7f7c475b3000, 138412032 [pid 4990] <... ioctl resumed>) = 0 [pid 4990] close(3) = 0 [pid 4990] close(4) = 0 [pid 4990] mkdir("./bus", 0777) = 0 [pid 4990] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4971] <... munmap resumed>) = 0 [pid 4971] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4972] <... write resumed>) = 20699119 [pid 4972] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4972] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4975] <... write resumed>) = 20699119 [pid 4972] <... openat resumed>) = 5 [pid 4971] <... openat resumed>) = 5 [pid 4972] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4972] ioctl(5, LOOP_CLR_FD) = 0 [pid 4971] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4971] ioctl(5, LOOP_CLR_FD) = 0 [pid 4975] munmap(0x7f7c475b3000, 138412032 [pid 4972] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4972] close(5) = 0 [pid 4972] close(4 [pid 4971] ioctl(5, LOOP_SET_FD, 4 [pid 4984] <... write resumed>) = 20699119 [pid 4971] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4971] close(5) = 0 [pid 4971] close(4 [pid 4984] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4984] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4984] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4984] ioctl(5, LOOP_CLR_FD) = 0 [pid 4975] <... munmap resumed>) = 0 [pid 4975] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4984] ioctl(5, LOOP_SET_FD, 4 [pid 4975] <... openat resumed>) = 5 [pid 4984] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4984] close(5 [pid 4975] ioctl(5, LOOP_SET_FD, 4 [pid 4984] <... close resumed>) = 0 [pid 4975] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4984] close(4 [pid 4975] ioctl(5, LOOP_CLR_FD) = 0 [pid 4975] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4975] close(5) = 0 [pid 4975] close(4 [pid 4990] <... mount resumed>) = 0 [pid 4990] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4990] chdir("./bus") = 0 [pid 4990] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4990] ioctl(4, LOOP_CLR_FD) = 0 [pid 4990] close(4) = 0 [pid 4990] memfd_create("syzkaller", 0) = 4 [pid 4990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4972] <... close resumed>) = 0 [ 222.332698][ T4990] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 222.348868][ T4990] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/229/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4971] <... close resumed>) = 0 [pid 4972] exit_group(0) = ? [pid 4972] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4972, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 4971] exit_group(0) = ? [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4971] +++ exited with 0 +++ [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4971, si_uid=0, si_status=0, si_utime=4, si_stime=20} --- [pid 348] <... openat resumed>) = 3 [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./231/binderfs") = 0 [pid 348] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4984] <... close resumed>) = 0 [pid 4984] exit_group(0) = ? [pid 4984] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4984, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 4975] <... close resumed>) = 0 [pid 4975] exit_group(0) = ? [pid 4975] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4975, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 349] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 349] newfstatat(3, "", [pid 344] newfstatat(3, "", [pid 343] newfstatat(3, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, [pid 344] getdents64(3, [pid 343] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./232/binderfs", [pid 344] newfstatat(AT_FDCWD, "./230/binderfs", [pid 343] newfstatat(AT_FDCWD, "./233/binderfs", [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./232/binderfs" [pid 344] unlink("./230/binderfs" [pid 343] unlink("./233/binderfs" [pid 349] <... unlink resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 349] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4990] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./231/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./231/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./231/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./231") = 0 [pid 348] mkdir("./232", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4990] <... write resumed>) = 20699119 [pid 4990] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4990] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 4990] <... openat resumed>) = 5 [pid 343] <... umount2 resumed>) = 0 [pid 4990] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 344] <... umount2 resumed>) = 0 [pid 4990] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4990] ioctl(5, LOOP_SET_FD, 4 [pid 349] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 4994 ./strace-static-x86_64: Process 4994 attached [pid 4994] set_robust_list(0x555584fcf660, 24) = 0 [pid 4994] chdir("./232") = 0 [pid 4994] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4994] setpgid(0, 0) = 0 [pid 4994] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4994] write(3, "1000", 4) = 4 [pid 4994] close(3) = 0 [pid 4994] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4994] write(1, "executing program\n", 18) = 18 [pid 4994] memfd_create("syzkaller", 0) = 3 [pid 4994] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] newfstatat(AT_FDCWD, "./230/bus", [pid 349] newfstatat(AT_FDCWD, "./232/bus", [pid 343] newfstatat(AT_FDCWD, "./233/bus", [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4990] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 4994] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./230/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] openat(AT_FDCWD, "./232/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... openat resumed>) = 4 [pid 349] <... openat resumed>) = 4 [pid 344] newfstatat(4, "", [pid 349] newfstatat(4, "", [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4990] close(5 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] openat(AT_FDCWD, "./233/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] getdents64(4, [pid 344] getdents64(4, [pid 343] <... openat resumed>) = 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 343] newfstatat(4, "", [pid 344] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 4994] <... write resumed>) = 262144 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 4994] munmap(0x7f7c475b3000, 138412032 [pid 344] close(4 [pid 343] getdents64(4, [pid 349] close(4 [pid 4994] <... munmap resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 4994] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 344] rmdir("./230/bus" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... close resumed>) = 0 [pid 4994] ioctl(4, LOOP_SET_FD, 3 [pid 4990] <... close resumed>) = 0 [pid 4990] close(4 [pid 344] <... rmdir resumed>) = 0 [pid 349] rmdir("./232/bus" [pid 343] getdents64(4, [pid 349] <... rmdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] getdents64(3, [pid 344] getdents64(3, [pid 343] close(4 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... close resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 343] rmdir("./233/bus" [pid 349] close(3 [pid 344] <... close resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 344] rmdir("./230" [pid 349] rmdir("./232" [pid 343] getdents64(3, [pid 349] <... rmdir resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] mkdir("./233", 0777 [pid 344] mkdir("./231", 0777 [pid 343] close(3) = 0 [pid 4994] <... ioctl resumed>) = 0 [pid 4994] close(3) = 0 [pid 4994] close(4 [pid 344] <... mkdir resumed>) = 0 [pid 343] rmdir("./233" [pid 349] <... mkdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] mkdir("./234", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4990] <... close resumed>) = 0 [pid 4994] <... close resumed>) = 0 [pid 4994] mkdir("./bus", 0777 [pid 4990] exit_group(0 [pid 4994] <... mkdir resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 4994] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] ioctl(3, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 344] close(3) = 0 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program executing program [pid 4990] <... exit_group resumed>) = ? [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 4998 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 4996 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 4997 ./strace-static-x86_64: Process 4998 attached [pid 4998] set_robust_list(0x555584fcf660, 24) = 0 [pid 4998] chdir("./231") = 0 [pid 4998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4998] setpgid(0, 0) = 0 [pid 4998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 4996 attached [pid 4996] set_robust_list(0x555584fcf660, 24 [pid 4998] write(3, "1000", 4) = 4 [pid 4996] <... set_robust_list resumed>) = 0 [pid 4996] chdir("./233" [pid 4998] close(3) = 0 [pid 4998] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4996] <... chdir resumed>) = 0 [pid 4996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4996] setpgid(0, 0) = 0 [pid 4996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4998] write(1, "executing program\n", 18) = 18 [pid 4998] memfd_create("syzkaller", 0 [pid 4996] write(3, "1000", 4) = 4 [pid 4996] close(3) = 0 [pid 4996] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4998] <... memfd_create resumed>) = 3 [pid 4998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4998] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 4996] write(1, "executing program\n", 18) = 18 [pid 4996] memfd_create("syzkaller", 0) = 3 [pid 4996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4990] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4990, si_uid=0, si_status=0, si_utime=3, si_stime=10} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 4996] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 4997 attached [pid 4997] set_robust_list(0x555584fcf660, 24) = 0 [pid 4997] chdir("./234") = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 4997] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 342] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./229/binderfs", [pid 4997] <... prctl resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./229/binderfs") = 0 [pid 342] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4997] setpgid(0, 0) = 0 [pid 4997] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4997] write(3, "1000", 4) = 4 [pid 4997] close(3) = 0 [pid 4997] symlink("/dev/binderfs", "./binderfs" [pid 4996] <... write resumed>) = 262144 [pid 4998] <... write resumed>) = 262144 [pid 4996] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4996] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4998] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 4997] <... symlink resumed>) = 0 [pid 4997] write(1, "executing program\n", 18) = 18 [pid 4997] memfd_create("syzkaller", 0) = 3 [pid 4997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4997] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 4997] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4997] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4994] <... mount resumed>) = 0 [pid 4994] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4994] chdir("./bus") = 0 [pid 4994] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./229/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./229/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./229/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] <... openat resumed>) = 4 [pid 4997] <... openat resumed>) = 4 [pid 4996] <... openat resumed>) = 4 [pid 342] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./229/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./229") = 0 [pid 342] mkdir("./230", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4997] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5001 ./strace-static-x86_64: Process 5001 attached [pid 5001] set_robust_list(0x555584fcf660, 24) = 0 [pid 5001] chdir("./230") = 0 [pid 5001] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5001] setpgid(0, 0) = 0 [pid 5001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5001] write(3, "1000", 4) = 4 [pid 5001] close(3) = 0 [pid 4996] ioctl(4, LOOP_SET_FD, 3 [pid 4998] ioctl(4, LOOP_SET_FD, 3 [pid 5001] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4997] <... ioctl resumed>) = 0 [pid 4994] <... openat resumed>) = 4 [pid 4997] close(3 [pid 4994] ioctl(4, LOOP_CLR_FD [pid 4997] <... close resumed>) = 0 [pid 4996] <... ioctl resumed>) = 0 [pid 4994] <... ioctl resumed>) = 0 [pid 4997] close(4 [pid 4996] close(3 [pid 4994] close(4executing program [pid 5001] write(1, "executing program\n", 18 [pid 4996] <... close resumed>) = 0 [pid 4998] <... ioctl resumed>) = 0 [pid 4996] close(4 [pid 5001] <... write resumed>) = 18 [pid 5001] memfd_create("syzkaller", 0) = 3 [pid 5001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4997] <... close resumed>) = 0 [pid 5001] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5001] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 4994] <... close resumed>) = 0 [pid 4998] close(3 [pid 4997] mkdir("./bus", 0777 [pid 4996] <... close resumed>) = 0 [pid 4994] memfd_create("syzkaller", 0 [pid 4996] mkdir("./bus", 0777 [pid 5001] ioctl(4, LOOP_SET_FD, 3 [pid 4997] <... mkdir resumed>) = 0 [pid 4996] <... mkdir resumed>) = 0 [pid 4994] <... memfd_create resumed>) = 4 [pid 4998] <... close resumed>) = 0 [pid 4997] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4998] close(4 [pid 4996] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4994] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5001] <... ioctl resumed>) = 0 [ 222.754674][ T4994] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 222.768839][ T4994] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/232/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4994] <... mmap resumed>) = 0x7f7c475b3000 [pid 5001] close(3) = 0 [pid 5001] close(4 [pid 4998] <... close resumed>) = 0 [pid 4998] mkdir("./bus", 0777) = 0 [pid 4998] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4996] <... mount resumed>) = 0 [pid 4996] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4996] chdir("./bus") = 0 [ 222.848736][ T4996] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 222.867457][ T4996] ext4 filesystem being mounted at /root/syzkaller.53SCZU/233/bus supports timestamps until (%ptR?) (0x7fffffff) [ 222.883201][ T4997] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4996] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5001] <... close resumed>) = 0 [pid 5001] mkdir("./bus", 0777) = 0 [pid 4997] <... mount resumed>) = 0 [pid 4997] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4997] chdir("./bus" [pid 5001] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 4997] <... chdir resumed>) = 0 [pid 4997] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4994] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4996] <... openat resumed>) = 4 [pid 4996] ioctl(4, LOOP_CLR_FD) = 0 [pid 4996] close(4) = 0 [ 222.897734][ T4997] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/234/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4996] memfd_create("syzkaller", 0 [pid 4997] <... openat resumed>) = 4 [pid 4996] <... memfd_create resumed>) = 4 [pid 4994] <... write resumed>) = 20699119 [pid 4996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4997] ioctl(4, LOOP_CLR_FD [pid 4994] munmap(0x7f7c475b3000, 138412032 [pid 4997] <... ioctl resumed>) = 0 [pid 4997] close(4) = 0 [pid 4997] memfd_create("syzkaller", 0) = 4 [pid 4997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4994] <... munmap resumed>) = 0 [pid 4994] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 4994] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4994] ioctl(5, LOOP_CLR_FD) = 0 [ 222.981125][ T4998] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 223.002029][ T5001] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 4998] <... mount resumed>) = 0 [pid 4998] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 4998] chdir("./bus") = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4994] ioctl(5, LOOP_SET_FD, 4 [pid 4998] <... openat resumed>) = 4 [pid 4998] ioctl(4, LOOP_CLR_FD) = 0 [pid 4998] close(4) = 0 [pid 4998] memfd_create("syzkaller", 0) = 4 [pid 4998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4994] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 4994] close(5) = 0 [pid 4994] close(4 [pid 5001] <... mount resumed>) = 0 [pid 5001] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5001] chdir("./bus") = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5001] ioctl(4, LOOP_CLR_FD) = 0 [ 223.020918][ T4998] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/231/bus supports timestamps until (%ptR?) (0x7fffffff) [ 223.027367][ T5001] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/230/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5001] close(4) = 0 [pid 5001] memfd_create("syzkaller", 0) = 4 [pid 5001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4996] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4994] <... close resumed>) = 0 [pid 4994] exit_group(0) = ? [pid 4994] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4994, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./232/binderfs") = 0 [pid 348] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4997] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4998] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./232/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./232/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./232/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./232") = 0 [pid 348] mkdir("./233", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5014 ./strace-static-x86_64: Process 5014 attached [pid 5014] set_robust_list(0x555584fcf660, 24) = 0 [pid 5014] chdir("./233") = 0 [pid 5014] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5014] setpgid(0, 0) = 0 [pid 5014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5014] write(3, "1000", 4) = 4 [pid 5014] close(3) = 0 [pid 5014] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5014] write(1, "executing program\n", 18executing program ) = 18 [pid 5014] memfd_create("syzkaller", 0) = 3 [pid 5014] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5014] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5014] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5014] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5014] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5014] close(3) = 0 [pid 5014] close(4) = 0 [pid 5014] mkdir("./bus", 0777) = 0 [pid 5014] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5001] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 4996] <... write resumed>) = 20699119 [pid 4996] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4996] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 4996] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4996] ioctl(5, LOOP_CLR_FD) = 0 [pid 4996] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4996] close(5) = 0 [pid 4996] close(4 [pid 4997] <... write resumed>) = 20699119 [pid 4997] munmap(0x7f7c475b3000, 138412032) = 0 [pid 4997] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 4997] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4997] ioctl(5, LOOP_CLR_FD) = 0 [pid 4997] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4997] close(5) = 0 [pid 4997] close(4 [pid 4998] <... write resumed>) = 20699119 [pid 4998] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5014] <... mount resumed>) = 0 [pid 5014] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5014] chdir("./bus") = 0 [pid 5014] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5014] ioctl(4, LOOP_CLR_FD) = 0 [pid 5014] close(4) = 0 [pid 5014] memfd_create("syzkaller", 0) = 4 [pid 5014] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 4998] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 4998] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4998] ioctl(5, LOOP_CLR_FD) = 0 [ 223.377149][ T5014] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 223.402732][ T5014] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/233/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 4998] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 4998] close(5) = 0 [pid 4998] close(4 [pid 4996] <... close resumed>) = 0 [pid 4997] <... close resumed>) = 0 [pid 4996] exit_group(0) = ? [pid 4996] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4996, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./233/binderfs") = 0 [pid 349] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5001] <... write resumed>) = 20699119 [pid 4997] exit_group(0 [pid 5001] munmap(0x7f7c475b3000, 138412032 [pid 4997] <... exit_group resumed>) = ? [pid 5001] <... munmap resumed>) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4997] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4997, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./234/binderfs") = 0 [pid 343] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 4998] <... close resumed>) = 0 [pid 4998] exit_group(0) = ? [pid 4998] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4998, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5001] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 5001] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5001] ioctl(5, LOOP_CLR_FD [pid 349] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./233/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./233/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./233/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] rmdir("./233" [pid 344] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... rmdir resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./231/binderfs" [pid 349] mkdir("./234", 0777 [pid 344] <... unlink resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 344] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5014] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5001] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./234/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./234/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./234/bus" [pid 5001] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... rmdir resumed>) = 0 [pid 5001] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] getdents64(3, [pid 5001] close(5 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./234") = 0 [pid 343] mkdir("./235", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5014] <... write resumed>) = 20699119 [pid 5014] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5014] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5001] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 5014] <... openat resumed>) = 5 [pid 5001] close(4 [pid 344] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... openat resumed>) = 3 [pid 5014] ioctl(5, LOOP_SET_FD, 4 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5014] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5018 [pid 5014] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./231/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./231/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5014] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... openat resumed>) = 4 [pid 5014] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] newfstatat(4, "", [pid 5014] close(5 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5014] <... close resumed>) = 0 [pid 344] getdents64(4, [pid 5014] close(4 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, [pid 343] ioctl(3, LOOP_CLR_FD [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(4 [pid 343] close(3 [pid 344] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 344] rmdir("./231/bus" [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5019 [pid 344] <... close resumed>) = 0 [pid 344] rmdir("./231") = 0 [pid 344] mkdir("./232", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5020 ./strace-static-x86_64: Process 5019 attached [pid 5019] set_robust_list(0x555584fcf660, 24) = 0 ./strace-static-x86_64: Process 5018 attached [pid 5019] chdir("./235") = 0 [pid 5019] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5019] setpgid(0, 0) = 0 [pid 5019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5018] set_robust_list(0x555584fcf660, 24./strace-static-x86_64: Process 5020 attached ) = 0 [pid 5020] set_robust_list(0x555584fcf660, 24 [pid 5018] chdir("./234" [pid 5020] <... set_robust_list resumed>) = 0 [pid 5018] <... chdir resumed>) = 0 [pid 5018] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5020] chdir("./232" [pid 5018] <... prctl resumed>) = 0 [pid 5020] <... chdir resumed>) = 0 [pid 5018] setpgid(0, 0 [pid 5020] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5018] <... setpgid resumed>) = 0 [pid 5020] <... prctl resumed>) = 0 [pid 5019] <... openat resumed>) = 3 [pid 5018] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5020] setpgid(0, 0 [pid 5018] write(3, "1000", 4 [pid 5020] <... setpgid resumed>) = 0 [pid 5018] <... write resumed>) = 4 [pid 5018] close(3 [pid 5020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5018] <... close resumed>) = 0 [pid 5018] symlink("/dev/binderfs", "./binderfs" [pid 5020] <... openat resumed>) = 3 [pid 5019] write(3, "1000", 4executing program ) = 4 [pid 5020] write(3, "1000", 4 [pid 5018] <... symlink resumed>) = 0 [pid 5020] <... write resumed>) = 4 [pid 5018] write(1, "executing program\n", 18 [pid 5020] close(3 [pid 5018] <... write resumed>) = 18 [pid 5019] close(3 [pid 5018] memfd_create("syzkaller", 0 [pid 5020] <... close resumed>) = 0 [pid 5020] symlink("/dev/binderfs", "./binderfs" [pid 5018] <... memfd_create resumed>) = 3 [pid 5018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5020] <... symlink resumed>) = 0 [pid 5019] <... close resumed>) = 0 [pid 5019] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] write(1, "executing program\n", 18executing program [pid 5020] write(1, "executing program\n", 18 [pid 5018] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5019] <... write resumed>) = 18 [pid 5019] memfd_create("syzkaller", 0) = 3 executing program [pid 5019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5020] <... write resumed>) = 18 [pid 5019] <... mmap resumed>) = 0x7f7c475b3000 [pid 5018] <... write resumed>) = 262144 [pid 5020] memfd_create("syzkaller", 0 [pid 5019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5018] munmap(0x7f7c475b3000, 138412032 [pid 5020] <... memfd_create resumed>) = 3 [pid 5020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5018] <... munmap resumed>) = 0 [pid 5020] <... mmap resumed>) = 0x7f7c475b3000 [pid 5018] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5019] <... write resumed>) = 262144 [pid 5020] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5018] <... openat resumed>) = 4 [pid 5019] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5018] ioctl(4, LOOP_SET_FD, 3 [pid 5019] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5019] ioctl(4, LOOP_SET_FD, 3 [pid 5020] <... write resumed>) = 262144 [pid 5020] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5020] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5018] <... ioctl resumed>) = 0 [pid 5018] close(3 [pid 5020] <... openat resumed>) = 4 [pid 5020] ioctl(4, LOOP_SET_FD, 3 [pid 5018] <... close resumed>) = 0 [pid 5018] close(4 [pid 5019] <... ioctl resumed>) = 0 [pid 5019] close(3) = 0 [pid 5019] close(4 [pid 5020] <... ioctl resumed>) = 0 [pid 5018] <... close resumed>) = 0 [pid 5019] <... close resumed>) = 0 [pid 5019] mkdir("./bus", 0777) = 0 [pid 5019] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5020] close(3 [pid 5018] mkdir("./bus", 0777 [pid 5020] <... close resumed>) = 0 [pid 5018] <... mkdir resumed>) = 0 [pid 5020] close(4 [pid 5018] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5001] <... close resumed>) = 0 [pid 5001] exit_group(0) = ? [pid 5001] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5001, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5014] <... close resumed>) = 0 [pid 5014] exit_group(0) = ? [pid 5014] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5014, si_uid=0, si_status=0, si_utime=3, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 348] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./233/binderfs") = 0 [pid 348] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./230/binderfs") = 0 [pid 342] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5019] <... mount resumed>) = 0 [pid 5019] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5019] chdir("./bus") = 0 [pid 5019] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5020] <... close resumed>) = 0 [pid 5020] mkdir("./bus", 0777) = 0 [pid 5020] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5019] <... openat resumed>) = 4 [pid 5019] ioctl(4, LOOP_CLR_FD) = 0 [pid 5019] close(4) = 0 [pid 5019] memfd_create("syzkaller", 0) = 4 [pid 5019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 223.706707][ T5019] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 223.721222][ T5019] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/235/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5018] <... mount resumed>) = 0 [pid 5018] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5018] chdir("./bus") = 0 [pid 5018] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5020] <... mount resumed>) = 0 [pid 5020] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5020] chdir("./bus") = 0 [pid 5020] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 223.746313][ T5018] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 223.760773][ T5018] ext4 filesystem being mounted at /root/syzkaller.53SCZU/234/bus supports timestamps until (%ptR?) (0x7fffffff) [ 223.777910][ T5020] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 223.792477][ T5020] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/232/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5019] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5018] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5018] ioctl(4, LOOP_CLR_FD [pid 348] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5018] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5018] close(4 [pid 348] newfstatat(AT_FDCWD, "./233/bus", [pid 342] newfstatat(AT_FDCWD, "./230/bus", [pid 5018] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5018] memfd_create("syzkaller", 0 [pid 348] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./230/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5018] <... memfd_create resumed>) = 4 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] openat(AT_FDCWD, "./233/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./230/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5018] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] <... openat resumed>) = 4 [pid 342] <... openat resumed>) = 4 [pid 348] newfstatat(4, "", [pid 342] newfstatat(4, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 342] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] getdents64(4, [pid 348] close(4 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... close resumed>) = 0 [pid 342] close(4 [pid 348] rmdir("./233/bus" [pid 342] <... close resumed>) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 342] rmdir("./230/bus" [pid 348] getdents64(3, [pid 342] <... rmdir resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] getdents64(3, [pid 348] close(3 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] <... close resumed>) = 0 [pid 342] close(3 [pid 348] rmdir("./233" [pid 342] <... close resumed>) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 342] rmdir("./230" [pid 348] mkdir("./234", 0777 [pid 342] <... rmdir resumed>) = 0 [pid 348] <... mkdir resumed>) = 0 [pid 342] mkdir("./231", 0777 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] <... mkdir resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] <... openat resumed>) = 3 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] ioctl(3, LOOP_CLR_FD [pid 348] close(3 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... close resumed>) = 0 [pid 342] close(3 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5031 attached ./strace-static-x86_64: Process 5030 attached [pid 5019] <... write resumed>) = 20699119 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5030 [pid 5031] set_robust_list(0x555584fcf660, 24 [pid 5030] set_robust_list(0x555584fcf660, 24 [pid 5020] <... openat resumed>) = 4 [pid 5019] munmap(0x7f7c475b3000, 138412032 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5031 [pid 5031] <... set_robust_list resumed>) = 0 [pid 5030] <... set_robust_list resumed>) = 0 [pid 5020] ioctl(4, LOOP_CLR_FD [pid 5019] <... munmap resumed>) = 0 [pid 5030] chdir("./234" [pid 5020] <... ioctl resumed>) = 0 [pid 5031] chdir("./231" [pid 5019] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5030] <... chdir resumed>) = 0 [pid 5020] close(4 [pid 5019] <... openat resumed>) = 5 [pid 5031] <... chdir resumed>) = 0 [pid 5031] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5030] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5020] <... close resumed>) = 0 [pid 5019] ioctl(5, LOOP_SET_FD, 4 [pid 5031] <... prctl resumed>) = 0 [pid 5030] <... prctl resumed>) = 0 [pid 5020] memfd_create("syzkaller", 0 [pid 5019] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5031] setpgid(0, 0 [pid 5030] setpgid(0, 0 [pid 5020] <... memfd_create resumed>) = 4 [pid 5019] ioctl(5, LOOP_CLR_FD [pid 5031] <... setpgid resumed>) = 0 [pid 5030] <... setpgid resumed>) = 0 [pid 5020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5019] <... ioctl resumed>) = 0 [pid 5031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5030] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5020] <... mmap resumed>) = 0x7f7c475b3000 [pid 5031] <... openat resumed>) = 3 [pid 5030] <... openat resumed>) = 3 [pid 5030] write(3, "1000", 4 [pid 5031] write(3, "1000", 4 [pid 5030] <... write resumed>) = 4 [pid 5031] <... write resumed>) = 4 [pid 5030] close(3 [pid 5031] close(3) = 0 [pid 5030] <... close resumed>) = 0 [pid 5030] symlink("/dev/binderfs", "./binderfs" [pid 5031] symlink("/dev/binderfs", "./binderfs" [pid 5030] <... symlink resumed>) = 0 [pid 5031] <... symlink resumed>) = 0 [pid 5030] write(1, "executing program\n", 18executing program [pid 5019] ioctl(5, LOOP_SET_FD, 4 [pid 5031] write(1, "executing program\n", 18 [pid 5030] <... write resumed>) = 18 executing program [pid 5019] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5031] <... write resumed>) = 18 [pid 5030] memfd_create("syzkaller", 0 [pid 5019] close(5 [pid 5031] memfd_create("syzkaller", 0 [pid 5019] <... close resumed>) = 0 [pid 5030] <... memfd_create resumed>) = 3 [pid 5019] close(4 [pid 5031] <... memfd_create resumed>) = 3 [pid 5031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5031] <... mmap resumed>) = 0x7f7c475b3000 [pid 5030] <... mmap resumed>) = 0x7f7c475b3000 [pid 5031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5030] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5031] <... write resumed>) = 262144 [pid 5030] <... write resumed>) = 262144 [pid 5030] munmap(0x7f7c475b3000, 138412032 [pid 5031] munmap(0x7f7c475b3000, 138412032 [pid 5030] <... munmap resumed>) = 0 [pid 5031] <... munmap resumed>) = 0 [pid 5030] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5031] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5030] <... openat resumed>) = 4 [pid 5031] <... openat resumed>) = 4 [pid 5031] ioctl(4, LOOP_SET_FD, 3 [pid 5030] ioctl(4, LOOP_SET_FD, 3 [pid 5031] <... ioctl resumed>) = 0 [pid 5031] close(3) = 0 [pid 5031] close(4) = 0 [pid 5030] <... ioctl resumed>) = 0 [pid 5031] mkdir("./bus", 0777 [pid 5030] close(3 [pid 5031] <... mkdir resumed>) = 0 [pid 5030] <... close resumed>) = 0 [pid 5031] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5030] close(4) = 0 [pid 5030] mkdir("./bus", 0777) = 0 [pid 5030] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5019] <... close resumed>) = 0 [pid 5019] exit_group(0) = ? [pid 5019] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5019, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./235/binderfs") = 0 [pid 343] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5031] <... mount resumed>) = 0 [pid 5031] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5031] chdir("./bus") = 0 [ 223.953519][ T5031] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 223.976879][ T5031] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/231/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5031] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5018] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5031] <... openat resumed>) = 4 [pid 343] <... umount2 resumed>) = 0 [pid 5031] ioctl(4, LOOP_CLR_FD) = 0 [pid 5031] close(4) = 0 [pid 5031] memfd_create("syzkaller", 0) = 4 [pid 5031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5020] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./235/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./235/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./235/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./235") = 0 [pid 343] mkdir("./236", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5038 [pid 5030] <... mount resumed>) = 0 [pid 5030] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5030] chdir("./bus") = 0 [pid 5030] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5030] ioctl(4, LOOP_CLR_FD) = 0 [pid 5030] close(4./strace-static-x86_64: Process 5038 attached [pid 5038] set_robust_list(0x555584fcf660, 24) = 0 [pid 5038] chdir("./236") = 0 [pid 5038] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5038] setpgid(0, 0) = 0 [pid 5030] <... close resumed>) = 0 [pid 5030] memfd_create("syzkaller", 0) = 4 [pid 5030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5038] write(3, "1000", 4) = 4 [pid 5038] close(3) = 0 [pid 5038] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5038] write(1, "executing program\n", 18executing program ) = 18 [pid 5038] memfd_create("syzkaller", 0) = 3 [ 224.014194][ T5030] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 224.037234][ T5030] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/234/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5038] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5038] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5038] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5038] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5038] close(3) = 0 [pid 5038] close(4) = 0 [pid 5038] mkdir("./bus", 0777) = 0 [pid 5038] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5020] <... write resumed>) = 20699119 [pid 5020] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5038] <... mount resumed>) = 0 [pid 5020] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5038] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5020] <... openat resumed>) = 5 [pid 5020] ioctl(5, LOOP_SET_FD, 4 [pid 5038] <... openat resumed>) = 3 [pid 5020] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5038] chdir("./bus" [pid 5020] ioctl(5, LOOP_CLR_FD [pid 5038] <... chdir resumed>) = 0 [pid 5020] <... ioctl resumed>) = 0 [pid 5038] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5038] ioctl(4, LOOP_CLR_FD) = 0 [pid 5038] close(4) = 0 [pid 5020] ioctl(5, LOOP_SET_FD, 4 [pid 5038] memfd_create("syzkaller", 0) = 4 [pid 5020] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5020] close(5 [pid 5038] <... mmap resumed>) = 0x7f7c475b3000 [pid 5020] <... close resumed>) = 0 [ 224.137795][ T5038] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 224.152293][ T5038] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/236/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5020] close(4 [pid 5018] <... write resumed>) = 20699119 [pid 5018] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5018] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5018] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5018] ioctl(5, LOOP_CLR_FD) = 0 [pid 5018] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5018] close(5) = 0 [pid 5018] close(4 [pid 5031] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5020] <... close resumed>) = 0 [pid 5020] exit_group(0) = ? [pid 5020] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5020, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./232/binderfs") = 0 [pid 344] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5030] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5018] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./232/bus", [pid 5018] exit_group(0) = ? [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5018] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5018, si_uid=0, si_status=0, si_utime=9, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./232/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./232/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./232") = 0 [pid 344] mkdir("./233", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./234/binderfs") = 0 [pid 349] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5042 ./strace-static-x86_64: Process 5042 attached [pid 5042] set_robust_list(0x555584fcf660, 24) = 0 [pid 5042] chdir("./233") = 0 [pid 5042] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5042] setpgid(0, 0) = 0 [pid 5042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5042] write(3, "1000", 4) = 4 [pid 5042] close(3) = 0 [pid 5042] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5042] write(1, "executing program\n", 18executing program ) = 18 [pid 5042] memfd_create("syzkaller", 0) = 3 [pid 5042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5042] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5042] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5042] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5038] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 349] <... umount2 resumed>) = 0 [pid 5042] <... openat resumed>) = 4 [pid 5042] ioctl(4, LOOP_SET_FD, 3 [pid 349] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./234/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./234/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./234/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./234") = 0 [pid 349] mkdir("./235", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5042] <... ioctl resumed>) = 0 [pid 5042] close(3 [pid 349] <... openat resumed>) = 3 [pid 5042] <... close resumed>) = 0 [pid 5042] close(4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 5042] <... close resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5042] mkdir("./bus", 0777 [pid 349] close(3 [pid 5042] <... mkdir resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5042] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5044 ./strace-static-x86_64: Process 5044 attached [pid 5044] set_robust_list(0x555584fcf660, 24) = 0 [pid 5044] chdir("./235") = 0 [pid 5044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5044] setpgid(0, 0) = 0 [pid 5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5044] write(3, "1000", 4) = 4 [pid 5044] close(3) = 0 [pid 5044] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5044] write(1, "executing program\n", 18) = 18 [pid 5044] memfd_create("syzkaller", 0) = 3 [pid 5044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5044] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5044] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5044] ioctl(4, LOOP_SET_FD, 3 [pid 5031] <... write resumed>) = 20699119 [pid 5044] <... ioctl resumed>) = 0 [pid 5044] close(3) = 0 [pid 5044] close(4 [pid 5031] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5031] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5030] <... write resumed>) = 20699119 [pid 5030] munmap(0x7f7c475b3000, 138412032 [pid 5042] <... mount resumed>) = 0 [pid 5030] <... munmap resumed>) = 0 [pid 5042] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5030] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5042] <... openat resumed>) = 3 [pid 5042] chdir("./bus") = 0 [pid 5042] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5044] <... close resumed>) = 0 [pid 5031] <... openat resumed>) = 5 [pid 5031] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5031] ioctl(5, LOOP_CLR_FD) = 0 [pid 5044] mkdir("./bus", 0777 [pid 5031] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5031] close(5 [pid 5044] <... mkdir resumed>) = 0 [pid 5042] <... openat resumed>) = 4 [pid 5031] <... close resumed>) = 0 [pid 5030] <... openat resumed>) = 5 [pid 5031] close(4 [pid 5044] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5030] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5030] ioctl(5, LOOP_CLR_FD [pid 5042] ioctl(4, LOOP_CLR_FD [pid 5030] <... ioctl resumed>) = 0 [pid 5042] <... ioctl resumed>) = 0 [pid 5042] close(4 [pid 5030] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5042] <... close resumed>) = 0 [pid 5042] memfd_create("syzkaller", 0 [pid 5038] <... write resumed>) = 20699119 [pid 5030] close(5) = 0 [pid 5030] close(4 [pid 5042] <... memfd_create resumed>) = 4 [pid 5038] munmap(0x7f7c475b3000, 138412032 [pid 5042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5038] <... munmap resumed>) = 0 [pid 5042] <... mmap resumed>) = 0x7f7c475b3000 [ 224.457352][ T5042] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 224.482253][ T5042] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/233/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5038] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5038] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5038] ioctl(5, LOOP_CLR_FD) = 0 [pid 5038] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5038] close(5) = 0 [ 224.548264][ T5044] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5038] close(4 [pid 5044] <... mount resumed>) = 0 [pid 5044] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5044] chdir("./bus") = 0 [pid 5044] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5044] ioctl(4, LOOP_CLR_FD) = 0 [pid 5044] close(4) = 0 [pid 5044] memfd_create("syzkaller", 0) = 4 [pid 5044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5031] <... close resumed>) = 0 [pid 5031] exit_group(0) = ? [pid 5031] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5031, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [ 224.586988][ T5044] ext4 filesystem being mounted at /root/syzkaller.53SCZU/235/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5030] <... close resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5030] exit_group(0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5030] <... exit_group resumed>) = ? [pid 342] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5030] +++ exited with 0 +++ [pid 342] <... openat resumed>) = 3 [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5030, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./231/binderfs") = 0 [pid 342] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./234/binderfs") = 0 [pid 348] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5038] <... close resumed>) = 0 [pid 5038] exit_group(0) = ? [pid 5038] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5038, si_uid=0, si_status=0, si_utime=10, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./236/binderfs") = 0 [pid 343] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./231/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./231/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./231/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./231/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./231") = 0 [pid 342] mkdir("./232", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5042] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5044] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5042] <... write resumed>) = 20699119 [pid 5042] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5042] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 348] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = 0 [pid 342] ioctl(3, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./236/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./236/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./236/bus" [pid 348] newfstatat(AT_FDCWD, "./234/bus", [pid 343] <... rmdir resumed>) = 0 [pid 342] close(3 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./236") = 0 [pid 343] mkdir("./237", 0777 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 348] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] openat(AT_FDCWD, "./234/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5050 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5051 [pid 348] <... openat resumed>) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5042] <... openat resumed>) = 5 [pid 5042] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5042] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5051 attached [pid 5051] set_robust_list(0x555584fcf660, 24) = 0 [pid 5051] chdir("./237") = 0 [pid 5051] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5051] setpgid(0, 0) = 0 [pid 5051] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5051] write(3, "1000", 4) = 4 [pid 5051] close(3) = 0 ./strace-static-x86_64: Process 5050 attached [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./234/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./234") = 0 [pid 348] mkdir("./235", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 5044] <... write resumed>) = 20699119 [pid 348] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5042] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5042] close(5) = 0 [pid 5042] close(4executing program [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5052 [pid 5051] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] write(1, "executing program\n", 18) = 18 [pid 5051] memfd_create("syzkaller", 0) = 3 [pid 5051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5051] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5044] munmap(0x7f7c475b3000, 138412032./strace-static-x86_64: Process 5052 attached [pid 5051] <... write resumed>) = 262144 [pid 5050] set_robust_list(0x555584fcf660, 24 [pid 5044] <... munmap resumed>) = 0 [pid 5044] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5044] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5044] ioctl(5, LOOP_CLR_FD) = 0 [pid 5052] set_robust_list(0x555584fcf660, 24) = 0 [pid 5052] chdir("./235" [pid 5050] <... set_robust_list resumed>) = 0 [pid 5044] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5044] close(5) = 0 [pid 5044] close(4 [pid 5050] chdir("./232" [pid 5052] <... chdir resumed>) = 0 [pid 5050] <... chdir resumed>) = 0 [pid 5052] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5050] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] setpgid(0, 0 [pid 5050] <... prctl resumed>) = 0 [pid 5050] setpgid(0, 0 [pid 5052] <... setpgid resumed>) = 0 [pid 5050] <... setpgid resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5050] write(3, "1000", 4 [pid 5051] munmap(0x7f7c475b3000, 138412032 [pid 5042] <... close resumed>) = 0 [pid 5052] write(3, "1000", 4 [pid 5051] <... munmap resumed>) = 0 [pid 5042] exit_group(0 [pid 5051] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5042] <... exit_group resumed>) = ? [pid 5051] <... openat resumed>) = 4 [pid 5050] <... write resumed>) = 4 [pid 5051] ioctl(4, LOOP_SET_FD, 3 [pid 5042] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5042, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5052] <... write resumed>) = 4 [pid 5050] close(3 [pid 5052] close(3 [pid 5050] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] symlink("/dev/binderfs", "./binderfs" [pid 5052] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... symlink resumed>) = 0 [pid 5051] <... ioctl resumed>) = 0 [pid 5051] close(3) = 0 [pid 5051] close(4) = 0 [pid 5051] mkdir("./bus", 0777 [pid 5052] <... symlink resumed>) = 0 executing program executing program [pid 5052] write(1, "executing program\n", 18) = 18 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5050] write(1, "executing program\n", 18) = 18 [pid 5052] memfd_create("syzkaller", 0 [pid 5050] memfd_create("syzkaller", 0) = 3 [pid 5052] <... memfd_create resumed>) = 3 [pid 5052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5050] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 344] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, [pid 5052] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./233/binderfs") = 0 [pid 344] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5052] <... write resumed>) = 262144 [pid 5050] <... write resumed>) = 262144 [pid 5050] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5052] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5050] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5044] <... close resumed>) = 0 [pid 5044] exit_group(0) = ? [pid 5044] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5044, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./235/binderfs") = 0 [pid 349] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5051] <... mount resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5051] chdir("./bus") = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... openat resumed>) = 4 [pid 5050] <... openat resumed>) = 4 [pid 344] <... umount2 resumed>) = 0 [pid 5052] ioctl(4, LOOP_SET_FD, 3 [pid 5050] ioctl(4, LOOP_SET_FD, 3 [pid 344] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./233/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./233/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./233/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./233") = 0 [pid 344] mkdir("./234", 0777) = 0 [ 224.885759][ T5051] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 224.900241][ T5051] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/237/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... ioctl resumed>) = 0 [pid 5052] close(3) = 0 [pid 5052] close(4 [pid 5050] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5050] close(3 [pid 349] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5050] close(4) = 0 [pid 5050] mkdir("./bus", 0777) = 0 [pid 5050] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5058 [pid 349] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./235/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./235/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] ioctl(4, LOOP_CLR_FD [pid 5052] mkdir("./bus", 0777 [pid 349] getdents64(4, [pid 5052] <... mkdir resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5052] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./235/bus") = 0 ./strace-static-x86_64: Process 5058 attached [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./235") = 0 [pid 349] mkdir("./236", 0777 [pid 5058] set_robust_list(0x555584fcf660, 24 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5058] <... set_robust_list resumed>) = 0 [pid 5058] chdir("./234") = 0 [pid 5058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5058] setpgid(0, 0) = 0 [pid 5058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5058] write(3, "1000", 4) = 4 [pid 5058] close(3) = 0 [pid 5058] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5058] write(1, "executing program\n", 18executing program ) = 18 [pid 5058] memfd_create("syzkaller", 0) = 3 [pid 5058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5058] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5058] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5058] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... mount resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5050] chdir("./bus") = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop0", O_RDWRexecuting program [pid 5051] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5061 [pid 5058] <... openat resumed>) = 4 [pid 5051] close(4./strace-static-x86_64: Process 5061 attached [pid 5061] set_robust_list(0x555584fcf660, 24) = 0 [pid 5061] chdir("./236") = 0 [pid 5061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5061] setpgid(0, 0) = 0 [pid 5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5061] write(3, "1000", 4) = 4 [pid 5061] close(3) = 0 [pid 5061] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5061] write(1, "executing program\n", 18) = 18 [pid 5061] memfd_create("syzkaller", 0) = 3 [pid 5061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5058] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... close resumed>) = 0 [pid 5051] memfd_create("syzkaller", 0) = 4 [pid 5051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5061] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5061] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5058] <... ioctl resumed>) = 0 [pid 5058] close(3) = 0 [ 224.988714][ T5050] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 225.002857][ T5050] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/232/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5058] close(4 [pid 5052] <... mount resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5052] chdir("./bus") = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5058] <... close resumed>) = 0 [pid 5061] <... openat resumed>) = 4 [pid 5050] <... openat resumed>) = 4 [pid 5058] mkdir("./bus", 0777) = 0 [pid 5058] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5052] <... openat resumed>) = 4 [pid 5050] ioctl(4, LOOP_CLR_FD [pid 5061] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... ioctl resumed>) = 0 [pid 5050] close(4 [pid 5052] ioctl(4, LOOP_CLR_FD [pid 5061] <... ioctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] memfd_create("syzkaller", 0 [pid 5061] close(3 [pid 5050] <... memfd_create resumed>) = 4 [pid 5061] <... close resumed>) = 0 [pid 5061] close(4 [pid 5050] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5052] <... ioctl resumed>) = 0 [ 225.058217][ T5052] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 225.072232][ T5052] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/235/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5052] close(4 [pid 5051] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5061] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5061] mkdir("./bus", 0777 [pid 5052] memfd_create("syzkaller", 0 [pid 5061] <... mkdir resumed>) = 0 [pid 5061] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5052] <... memfd_create resumed>) = 4 [pid 5052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5058] <... mount resumed>) = 0 [pid 5058] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5058] chdir("./bus") = 0 [ 225.122846][ T5058] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 225.146868][ T5058] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/234/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5058] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... write resumed>) = 20699119 [pid 5051] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5058] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 5 [pid 5058] ioctl(4, LOOP_CLR_FD [pid 5051] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5051] ioctl(5, LOOP_CLR_FD) = 0 [pid 5051] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5051] close(5) = 0 [pid 5051] close(4 [pid 5058] <... ioctl resumed>) = 0 [pid 5058] close(4) = 0 [pid 5058] memfd_create("syzkaller", 0) = 4 [pid 5058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5052] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5051] <... close resumed>) = 0 [pid 5061] <... mount resumed>) = 0 [pid 5061] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5061] chdir("./bus") = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5061] ioctl(4, LOOP_CLR_FD) = 0 [pid 5061] close(4 [ 225.276497][ T5061] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 225.307201][ T5061] ext4 filesystem being mounted at /root/syzkaller.53SCZU/236/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5050] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5061] <... close resumed>) = 0 [pid 5061] memfd_create("syzkaller", 0) = 4 [pid 5061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5051] exit_group(0) = ? [pid 5051] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5051, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./237/binderfs") = 0 [pid 343] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5058] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./237/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./237/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./237/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./237") = 0 [pid 343] mkdir("./238", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5070 ./strace-static-x86_64: Process 5070 attached [pid 5070] set_robust_list(0x555584fcf660, 24) = 0 [pid 5070] chdir("./238") = 0 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5070] setpgid(0, 0) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] write(3, "1000", 4) = 4 [pid 5070] close(3) = 0 [pid 5070] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5070] write(1, "executing program\n", 18executing program ) = 18 [pid 5070] memfd_create("syzkaller", 0) = 3 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5070] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5070] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5070] close(3) = 0 [pid 5070] close(4) = 0 [pid 5070] mkdir("./bus", 0777) = 0 [pid 5070] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5052] <... write resumed>) = 20699119 [pid 5050] <... write resumed>) = 20699119 [pid 5050] munmap(0x7f7c475b3000, 138412032 [pid 5052] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5050] <... munmap resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5058] <... write resumed>) = 20699119 [pid 5052] <... openat resumed>) = 5 [pid 5052] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5052] ioctl(5, LOOP_CLR_FD) = 0 [pid 5050] <... openat resumed>) = 5 [pid 5050] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5050] ioctl(5, LOOP_CLR_FD) = 0 [pid 5058] munmap(0x7f7c475b3000, 138412032 [pid 5052] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5052] close(5) = 0 [pid 5052] close(4 [pid 5050] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5050] close(5) = 0 [pid 5050] close(4 [pid 5058] <... munmap resumed>) = 0 [pid 5058] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5058] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5058] ioctl(5, LOOP_CLR_FD) = 0 [pid 5058] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5058] close(5) = 0 [pid 5058] close(4 [ 225.568526][ T5070] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5061] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5052] <... close resumed>) = 0 [pid 5052] exit_group(0) = ? [pid 5052] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5052, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./235/binderfs") = 0 [pid 348] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5070] <... mount resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] chdir("./bus") = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... close resumed>) = 0 [pid 5050] exit_group(0) = ? [pid 5050] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5050, si_uid=0, si_status=0, si_utime=9, si_stime=16} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5061] <... write resumed>) = 20699119 [pid 5061] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5058] <... close resumed>) = 0 [ 225.613828][ T5070] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/238/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5058] exit_group(0) = ? [pid 5058] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5058, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, [pid 342] getdents64(3, [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./234/binderfs", [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./232/binderfs", [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./234/binderfs" [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./232/binderfs" [pid 344] <... unlink resumed>) = 0 [pid 344] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... unlink resumed>) = 0 [pid 342] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5070] <... openat resumed>) = 4 [pid 5061] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 5070] ioctl(4, LOOP_CLR_FD [pid 348] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./235/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./235/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5061] ioctl(5, LOOP_SET_FD, 4 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./235/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./235" [pid 5061] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./236", 0777 [pid 5061] ioctl(5, LOOP_CLR_FD [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... ioctl resumed>) = 0 [pid 5061] <... ioctl resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 5070] close(4) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = 0 [pid 5070] memfd_create("syzkaller", 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5070] <... memfd_create resumed>) = 4 [pid 5061] ioctl(5, LOOP_SET_FD, 4 [pid 348] close(3 [pid 344] newfstatat(AT_FDCWD, "./234/bus", [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5061] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... mmap resumed>) = 0x7f7c475b3000 [pid 5061] close(5 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] newfstatat(AT_FDCWD, "./232/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./232/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./232/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5074 [pid 344] openat(AT_FDCWD, "./234/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", [pid 344] newfstatat(4, "", [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 344] getdents64(4, [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] getdents64(4, [pid 342] close(4 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... close resumed>) = 0 [pid 344] close(4 [pid 342] rmdir("./232/bus" [pid 344] <... close resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 344] rmdir("./234/bus" [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./232" [pid 5061] <... close resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 5061] close(4 [pid 344] getdents64(3, [pid 342] mkdir("./233", 0777 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... mkdir resumed>) = 0 [pid 344] close(3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... close resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 344] rmdir("./234" [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... rmdir resumed>) = 0 [pid 344] mkdir("./235", 0777 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5075 ./strace-static-x86_64: Process 5074 attached [pid 5074] set_robust_list(0x555584fcf660, 24) = 0 [pid 5074] chdir("./236" [pid 344] <... mkdir resumed>) = 0 [pid 5074] <... chdir resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 344] <... openat resumed>) = 3 [pid 5074] <... prctl resumed>) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5074] setpgid(0, 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... setpgid resumed>) = 0 [pid 344] close(3executing program [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 344] <... close resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] write(3, "1000", 4) = 4 [pid 5074] close(3) = 0 [pid 5074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5074] write(1, "executing program\n", 18 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5076 [pid 5074] <... write resumed>) = 18 [pid 5074] memfd_create("syzkaller", 0) = 3 [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 ./strace-static-x86_64: Process 5076 attached [pid 5076] set_robust_list(0x555584fcf660, 24) = 0 [pid 5076] chdir("./235") = 0 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] setpgid(0, 0) = 0 executing program [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5076] write(3, "1000", 4) = 4 [pid 5076] close(3) = 0 [pid 5076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5074] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5076] write(1, "executing program\n", 18) = 18 [pid 5076] memfd_create("syzkaller", 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5076] <... memfd_create resumed>) = 3 [pid 5074] ioctl(4, LOOP_SET_FD, 3 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5075 attached [pid 5074] <... ioctl resumed>) = 0 [pid 5076] <... write resumed>) = 262144 [pid 5075] set_robust_list(0x555584fcf660, 24 [pid 5074] close(3) = 0 [pid 5074] close(4) = 0 [pid 5074] mkdir("./bus", 0777 [pid 5075] <... set_robust_list resumed>) = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5074] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5075] chdir("./233" [pid 5076] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5075] <... chdir resumed>) = 0 [pid 5076] ioctl(4, LOOP_SET_FD, 3 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] setpgid(0, 0) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5075] write(3, "1000", 4) = 4 [pid 5075] close(3) = 0 [pid 5075] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5075] write(1, "executing program\n", 18executing program ) = 18 [pid 5075] memfd_create("syzkaller", 0) = 3 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5075] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] <... ioctl resumed>) = 0 [pid 5075] <... openat resumed>) = 4 [pid 5076] close(3) = 0 [pid 5076] close(4) = 0 [pid 5076] mkdir("./bus", 0777) = 0 [pid 5075] ioctl(4, LOOP_SET_FD, 3 [pid 5076] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5075] <... ioctl resumed>) = 0 [pid 5075] close(3) = 0 [pid 5075] close(4) = 0 [pid 5075] mkdir("./bus", 0777) = 0 [pid 5075] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5061] <... close resumed>) = 0 [pid 5061] exit_group(0) = ? [pid 5061] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5061, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./236/binderfs") = 0 [ 225.866074][ T5074] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 225.903880][ T5074] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/236/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5074] <... mount resumed>) = 0 [pid 5076] <... mount resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5074] <... openat resumed>) = 3 [pid 5074] chdir("./bus" [pid 5076] <... openat resumed>) = 3 [pid 5074] <... chdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] chdir("./bus") = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5070] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5074] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 [pid 5074] ioctl(4, LOOP_CLR_FD [pid 349] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5074] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] close(4 [pid 349] newfstatat(AT_FDCWD, "./236/bus", [pid 5074] <... close resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5074] memfd_create("syzkaller", 0 [pid 349] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5074] <... memfd_create resumed>) = 4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] openat(AT_FDCWD, "./236/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./236/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./236") = 0 [pid 349] mkdir("./237", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5085 [pid 5076] <... openat resumed>) = 4 [pid 5076] ioctl(4, LOOP_CLR_FD) = 0 [pid 5076] close(4) = 0 [pid 5076] memfd_create("syzkaller", 0) = 4 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5085 attached [ 225.917933][ T5076] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 225.932467][ T5076] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/235/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5085] set_robust_list(0x555584fcf660, 24) = 0 [pid 5085] chdir("./237") = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5085] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] write(1, "executing program\n", 18executing program ) = 18 [pid 5085] memfd_create("syzkaller", 0) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5085] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5085] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5085] close(3) = 0 [pid 5085] close(4) = 0 [pid 5085] mkdir("./bus", 0777) = 0 [ 225.998068][ T5075] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5085] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5070] <... write resumed>) = 20699119 [pid 5070] munmap(0x7f7c475b3000, 138412032 [pid 5085] <... mount resumed>) = 0 [pid 5070] <... munmap resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] chdir("./bus") = 0 [pid 5070] <... openat resumed>) = 5 [pid 5085] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5070] ioctl(5, LOOP_SET_FD, 4 [pid 5075] <... mount resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5075] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5070] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] ioctl(4, LOOP_CLR_FD [pid 5070] ioctl(5, LOOP_CLR_FD [pid 5085] <... ioctl resumed>) = 0 [pid 5070] <... ioctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5085] close(4 [pid 5075] chdir("./bus" [pid 5085] <... close resumed>) = 0 [pid 5075] <... chdir resumed>) = 0 [pid 5085] memfd_create("syzkaller", 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5085] <... memfd_create resumed>) = 4 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] <... openat resumed>) = 4 [pid 5085] <... mmap resumed>) = 0x7f7c475b3000 [pid 5075] ioctl(4, LOOP_CLR_FD [pid 5070] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5075] <... ioctl resumed>) = 0 [pid 5070] close(5 [pid 5075] close(4 [pid 5070] <... close resumed>) = 0 [pid 5070] close(4 [pid 5075] <... close resumed>) = 0 [pid 5075] memfd_create("syzkaller", 0) = 4 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 226.039203][ T5075] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/233/bus supports timestamps until (%ptR?) (0x7fffffff) [ 226.060782][ T5085] ext4 filesystem being mounted at /root/syzkaller.53SCZU/237/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5076] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5074] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5070] <... close resumed>) = 0 [pid 5070] exit_group(0) = ? [pid 5070] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./238/binderfs") = 0 [pid 343] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 343] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./238/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./238/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./238/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./238") = 0 [pid 343] mkdir("./239", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5090 ./strace-static-x86_64: Process 5090 attached [pid 5090] set_robust_list(0x555584fcf660, 24) = 0 [pid 5090] chdir("./239") = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] write(3, "1000", 4) = 4 [pid 5090] close(3) = 0 [pid 5090] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] write(1, "executing program\n", 18executing program ) = 18 [pid 5090] memfd_create("syzkaller", 0) = 3 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5090] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5090] close(3) = 0 [pid 5090] close(4 [pid 5075] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5085] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5076] <... write resumed>) = 20699119 [pid 5076] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] <... close resumed>) = 0 [pid 5090] mkdir("./bus", 0777) = 0 [pid 5090] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5076] <... openat resumed>) = 5 [pid 5076] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5076] ioctl(5, LOOP_CLR_FD) = 0 [pid 5076] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5076] close(5) = 0 [pid 5076] close(4 [pid 5074] <... write resumed>) = 20699119 [pid 5074] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5074] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5074] ioctl(5, LOOP_CLR_FD) = 0 [pid 5074] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5074] close(5) = 0 [pid 5074] close(4 [pid 5090] <... mount resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] chdir("./bus") = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5090] ioctl(4, LOOP_CLR_FD) = 0 [pid 5090] close(4) = 0 [pid 5090] memfd_create("syzkaller", 0) = 4 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5076] <... close resumed>) = 0 [pid 5076] exit_group(0) = ? [pid 5076] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./235/binderfs") = 0 [pid 344] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5075] <... write resumed>) = 20699119 [ 226.384881][ T5090] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/239/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5085] <... write resumed>) = 20699119 [pid 5075] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5074] <... close resumed>) = 0 [pid 5085] munmap(0x7f7c475b3000, 138412032 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5074] exit_group(0) = ? [pid 5074] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=3, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5085] <... munmap resumed>) = 0 [pid 348] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] unlink("./236/binderfs") = 0 [pid 348] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./235/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./235/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./235/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./235") = 0 [pid 344] mkdir("./236", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] <... openat resumed>) = 5 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... openat resumed>) = 5 [pid 5075] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5094 ./strace-static-x86_64: Process 5094 attached [pid 5094] set_robust_list(0x555584fcf660, 24 [pid 5085] ioctl(5, LOOP_SET_FD, 4 [pid 5075] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... set_robust_list resumed>) = 0 [pid 5085] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5075] ioctl(5, LOOP_CLR_FD [pid 5094] chdir("./236" [pid 5085] ioctl(5, LOOP_CLR_FD [pid 5094] <... chdir resumed>) = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1000", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5094] write(1, "executing program\n", 18) = 18 [pid 5094] memfd_create("syzkaller", 0) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5094] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5085] <... ioctl resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] munmap(0x7f7c475b3000, 138412032 [pid 5085] ioctl(5, LOOP_SET_FD, 4 [pid 5075] ioctl(5, LOOP_SET_FD, 4 [pid 5085] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5075] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] close(5 [pid 5075] close(5 [pid 348] newfstatat(AT_FDCWD, "./236/bus", [pid 5085] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] close(4 [pid 5075] close(4 [pid 348] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 4 [pid 5090] <... munmap resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] ioctl(4, LOOP_SET_FD, 3 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] openat(AT_FDCWD, "./236/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./236/bus") = 0 [pid 348] getdents64(3, [pid 5094] <... ioctl resumed>) = 0 [pid 5090] <... openat resumed>) = 5 [pid 5094] close(3 [pid 5090] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5090] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... close resumed>) = 0 [pid 348] close(3 [pid 5090] ioctl(5, LOOP_CLR_FD [pid 5094] close(4 [pid 348] <... close resumed>) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 348] rmdir("./236" [pid 5094] mkdir("./bus", 0777 [pid 348] <... rmdir resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 348] mkdir("./237", 0777 [pid 5094] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... mkdir resumed>) = 0 [pid 5090] ioctl(5, LOOP_SET_FD, 4 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... openat resumed>) = 3 [pid 5090] close(5) = 0 [pid 5090] close(4 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5098 [pid 5094] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5098 attached [pid 5098] set_robust_list(0x555584fcf660, 24) = 0 [pid 5098] chdir("./237") = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5098] setpgid(0, 0) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5098] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5098] write(3, "1000", 4) = 4 [pid 5098] close(3) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5094] chdir("./bus" [pid 5098] <... symlink resumed>) = 0 executing program [pid 5098] write(1, "executing program\n", 18) = 18 [pid 5098] memfd_create("syzkaller", 0) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5094] <... chdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5094] ioctl(4, LOOP_CLR_FD) = 0 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5094] close(4 [pid 5098] <... write resumed>) = 262144 [pid 5098] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] close(3) = 0 [pid 5098] close(4 [pid 5085] <... close resumed>) = 0 [pid 5085] exit_group(0) = ? [pid 5085] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./237/binderfs") = 0 [pid 349] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5075] exit_group(0) = ? [pid 5075] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5090] <... close resumed>) = 0 [pid 5090] exit_group(0) = ? [pid 5090] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=3, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] unlink("./233/binderfs" [pid 343] <... openat resumed>) = 3 [pid 342] <... unlink resumed>) = 0 [pid 343] newfstatat(3, "", [pid 342] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./239/binderfs") = 0 [pid 343] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5098] <... close resumed>) = 0 [pid 5098] mkdir("./bus", 0777) = 0 [ 226.621594][ T5094] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/236/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5098] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5094] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 349] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] memfd_create("syzkaller", 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./237/bus", [pid 342] newfstatat(AT_FDCWD, "./233/bus", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./233/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./237/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./233/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 4 [pid 342] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", [pid 342] newfstatat(4, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 342] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 342] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 342] close(4 [pid 349] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] rmdir("./237/bus" [pid 342] rmdir("./233/bus" [pid 349] <... rmdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 342] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5094] <... memfd_create resumed>) = 4 [pid 349] close(3 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] close(3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] newfstatat(AT_FDCWD, "./239/bus", [pid 5094] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... close resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... close resumed>) = 0 [pid 343] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./239/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./239/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./239") = 0 [pid 343] mkdir("./240", 0777 [pid 349] rmdir("./237" [pid 343] <... mkdir resumed>) = 0 [pid 342] rmdir("./233" [pid 5098] <... mount resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... rmdir resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 5098] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] mkdir("./238", 0777 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] <... rmdir resumed>) = 0 [pid 5098] <... openat resumed>) = 3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5098] chdir("./bus" [pid 349] <... mkdir resumed>) = 0 [pid 343] close(3 [pid 342] mkdir("./234", 0777 [pid 5098] <... chdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5102 ./strace-static-x86_64: Process 5102 attached [pid 5102] set_robust_list(0x555584fcf660, 24) = 0 [pid 5102] chdir("./240") = 0 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5102] setpgid(0, 0) = 0 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3) = 0 [pid 5102] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5102] write(1, "executing program\n", 18executing program ) = 18 [pid 5102] memfd_create("syzkaller", 0) = 3 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] <... mkdir resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] <... openat resumed>) = 3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] close(3 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... close resumed>) = 0 [pid 342] close(3 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... close resumed>) = 0 [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5103 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5104 [pid 5102] <... write resumed>) = 262144 [pid 5102] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5102] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5103 attached [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5103] set_robust_list(0x555584fcf660, 24) = 0 [pid 5103] chdir("./238") = 0 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5103] write(1, "executing program\n", 18executing program ) = 18 [pid 5103] memfd_create("syzkaller", 0) = 3 [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5102] <... ioctl resumed>) = 0 [pid 5098] <... openat resumed>) = 4 [pid 5102] close(3) = 0 [pid 5102] close(4 [pid 5098] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 5104 attached [pid 5103] <... write resumed>) = 262144 [pid 5103] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5103] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5104] set_robust_list(0x555584fcf660, 24) = 0 [pid 5104] chdir("./234") = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5104] write(1, "executing program\n", 18executing program ) = 18 [pid 5104] memfd_create("syzkaller", 0) = 3 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5104] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5102] <... close resumed>) = 0 [pid 5102] mkdir("./bus", 0777) = 0 [pid 5102] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5104] <... openat resumed>) = 4 [pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] <... ioctl resumed>) = 0 [pid 5104] close(3 [pid 5098] close(4) = 0 [pid 5098] memfd_create("syzkaller", 0 [pid 5103] <... openat resumed>) = 4 [pid 5103] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... memfd_create resumed>) = 4 [pid 5104] <... close resumed>) = 0 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5104] close(4 [pid 5098] <... mmap resumed>) = 0x7f7c475b3000 [pid 5103] <... ioctl resumed>) = 0 [pid 5103] close(3) = 0 [pid 5103] close(4) = 0 [pid 5103] mkdir("./bus", 0777) = 0 [ 226.861493][ T5098] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/237/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5103] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5094] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5102] <... mount resumed>) = 0 [pid 5102] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5102] chdir("./bus") = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5104] <... close resumed>) = 0 [pid 5102] <... openat resumed>) = 4 [pid 5102] ioctl(4, LOOP_CLR_FD) = 0 [pid 5102] close(4 [pid 5104] mkdir("./bus", 0777 [pid 5102] <... close resumed>) = 0 [pid 5104] <... mkdir resumed>) = 0 [pid 5102] memfd_create("syzkaller", 0 [pid 5104] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5102] <... memfd_create resumed>) = 4 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 226.953707][ T5102] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/240/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5098] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5103] <... mount resumed>) = 0 [pid 5103] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5103] chdir("./bus") = 0 [pid 5103] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5103] ioctl(4, LOOP_CLR_FD) = 0 [pid 5103] close(4) = 0 [pid 5103] memfd_create("syzkaller", 0) = 4 [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5094] <... write resumed>) = 20699119 [pid 5094] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5104] <... mount resumed>) = 0 [pid 5104] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5104] chdir("./bus") = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5104] ioctl(4, LOOP_CLR_FD) = 0 [pid 5104] close(4 [pid 5094] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5094] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5094] ioctl(5, LOOP_CLR_FD) = 0 [ 227.032708][ T5103] ext4 filesystem being mounted at /root/syzkaller.53SCZU/238/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5094] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5094] close(5) = 0 [pid 5094] close(4 [pid 5104] <... close resumed>) = 0 [pid 5104] memfd_create("syzkaller", 0) = 4 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5098] <... write resumed>) = 20699119 [pid 5102] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 227.108295][ T5104] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/234/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5098] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5098] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5098] ioctl(5, LOOP_CLR_FD) = 0 [pid 5098] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5098] close(5) = 0 [pid 5098] close(4 [pid 5094] <... close resumed>) = 0 [pid 5094] exit_group(0) = ? [pid 5094] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=3, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./236/binderfs") = 0 [pid 344] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5103] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./236/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./236/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./236/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./236") = 0 [pid 344] mkdir("./237", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5114 ./strace-static-x86_64: Process 5114 attached [pid 5114] set_robust_list(0x555584fcf660, 24) = 0 [pid 5114] chdir("./237") = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5114] write(1, "executing program\n", 18executing program ) = 18 [pid 5114] memfd_create("syzkaller", 0) = 3 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5114] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5114] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5114] close(3) = 0 [pid 5114] close(4) = 0 [pid 5114] mkdir("./bus", 0777) = 0 [pid 5114] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5098] <... close resumed>) = 0 [pid 5098] exit_group(0) = ? [pid 5098] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5104] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./237/binderfs") = 0 [pid 348] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] <... mount resumed>) = 0 [pid 5114] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5114] chdir("./bus") = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5102] <... write resumed>) = 20699119 [pid 5102] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5103] <... write resumed>) = 20699119 [pid 5103] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5103] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5104] <... write resumed>) = 20699119 [pid 5104] munmap(0x7f7c475b3000, 138412032) = 0 [ 227.358842][ T5114] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/237/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5114] <... openat resumed>) = 4 [pid 5103] <... openat resumed>) = 5 [pid 5102] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 5114] ioctl(4, LOOP_CLR_FD [pid 5102] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] <... ioctl resumed>) = 0 [pid 5102] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5114] close(4 [pid 5102] ioctl(5, LOOP_CLR_FD [pid 348] newfstatat(AT_FDCWD, "./237/bus", [pid 5114] <... close resumed>) = 0 [pid 5104] <... openat resumed>) = 5 [pid 5102] <... ioctl resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5114] memfd_create("syzkaller", 0) = 4 [pid 348] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5104] ioctl(5, LOOP_SET_FD, 4 [pid 5103] ioctl(5, LOOP_SET_FD, 4 [pid 348] openat(AT_FDCWD, "./237/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5102] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... openat resumed>) = 4 [pid 5102] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] newfstatat(4, "", [pid 5102] close(5 [pid 5104] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5102] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5102] close(4 [pid 5103] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5104] ioctl(5, LOOP_CLR_FD) = 0 [pid 5103] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./237/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./237") = 0 [pid 348] mkdir("./238", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5118 [pid 5104] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5104] close(5 [pid 5103] ioctl(5, LOOP_SET_FD, 4 [pid 5104] <... close resumed>) = 0 [pid 5103] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5103] close(5 [pid 5104] close(4 [pid 5103] <... close resumed>) = 0 ./strace-static-x86_64: Process 5118 attached [pid 5103] close(4 [pid 5118] set_robust_list(0x555584fcf660, 24) = 0 [pid 5118] chdir("./238") = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [pid 5118] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5118] write(1, "executing program\n", 18) = 18 [pid 5118] memfd_create("syzkaller", 0) = 3 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5118] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5118] close(3) = 0 [pid 5118] close(4 [pid 5102] <... close resumed>) = 0 [pid 5102] exit_group(0) = ? [pid 5102] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=4, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./240/binderfs") = 0 [pid 343] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5118] <... close resumed>) = 0 [pid 5118] mkdir("./bus", 0777) = 0 [pid 5118] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5103] <... close resumed>) = 0 [pid 5104] <... close resumed>) = 0 [pid 5103] exit_group(0) = ? [pid 5103] +++ exited with 0 +++ [pid 5104] exit_group(0 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 5104] <... exit_group resumed>) = ? [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5104] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 349] <... restart_syscall resumed>) = 0 [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(3, "", [pid 342] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] newfstatat(3, "", [pid 349] getdents64(3, [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] getdents64(3, [pid 349] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] newfstatat(AT_FDCWD, "./238/binderfs", [pid 342] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] unlink("./238/binderfs" [pid 342] newfstatat(AT_FDCWD, "./234/binderfs", [pid 349] <... unlink resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] unlink("./234/binderfs") = 0 [pid 342] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5118] <... mount resumed>) = 0 [pid 5118] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5118] chdir("./bus") = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5114] <... write resumed>) = 20699119 [pid 5114] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... umount2 resumed>) = 0 [ 227.637979][ T5118] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/238/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5114] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 5114] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5114] ioctl(5, LOOP_CLR_FD) = 0 [pid 5118] <... openat resumed>) = 4 [pid 5118] ioctl(4, LOOP_CLR_FD) = 0 [pid 5118] close(4) = 0 [pid 5118] memfd_create("syzkaller", 0) = 4 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] <... umount2 resumed>) = 0 [pid 343] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5114] close(5) = 0 [pid 5114] close(4 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./240/bus", [pid 349] newfstatat(AT_FDCWD, "./238/bus", [pid 342] newfstatat(AT_FDCWD, "./234/bus", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./240/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] umount2("./234/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "./238/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", [pid 342] openat(AT_FDCWD, "./234/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] newfstatat(4, "", [pid 342] <... openat resumed>) = 4 [pid 343] getdents64(4, [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 342] newfstatat(4, "", [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 349] getdents64(4, [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4 [pid 349] close(4 [pid 343] <... close resumed>) = 0 [pid 342] getdents64(4, [pid 349] <... close resumed>) = 0 [pid 343] rmdir("./240/bus" [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] rmdir("./238/bus" [pid 342] close(4 [pid 349] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] getdents64(3, [pid 343] getdents64(3, [pid 342] rmdir("./234/bus" [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 342] getdents64(3, [pid 343] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] rmdir("./238" [pid 343] rmdir("./240" [pid 349] <... rmdir resumed>) = 0 [pid 342] close(3 [pid 343] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 349] mkdir("./239", 0777 [pid 342] rmdir("./234" [pid 343] mkdir("./241", 0777 [pid 342] <... rmdir resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] mkdir("./235", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] <... openat resumed>) = 3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3 [pid 349] close(3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 343] <... close resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5122 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5123 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5124 ./strace-static-x86_64: Process 5123 attached [pid 5123] set_robust_list(0x555584fcf660, 24) = 0 [pid 5123] chdir("./239") = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5124 attached ./strace-static-x86_64: Process 5122 attached [pid 5124] set_robust_list(0x555584fcf660, 24 [pid 5122] set_robust_list(0x555584fcf660, 24) = 0 [pid 5122] chdir("./241" [pid 5123] setpgid(0, 0 [pid 5124] <... set_robust_list resumed>) = 0 [pid 5124] chdir("./235" [pid 5123] <... setpgid resumed>) = 0 [pid 5122] <... chdir resumed>) = 0 [pid 5124] <... chdir resumed>) = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5122] <... prctl resumed>) = 0 [pid 5124] <... prctl resumed>) = 0 [pid 5122] setpgid(0, 0 [pid 5124] setpgid(0, 0 [pid 5122] <... setpgid resumed>) = 0 [pid 5124] <... setpgid resumed>) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5124] <... openat resumed>) = 3 [pid 5122] <... openat resumed>) = 3 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5122] write(3, "1000", 4 [pid 5124] write(3, "1000", 4 [pid 5122] <... write resumed>) = 4 [pid 5124] <... write resumed>) = 4 [pid 5124] close(3 [pid 5122] close(3 [pid 5124] <... close resumed>) = 0 [pid 5122] <... close resumed>) = 0 [pid 5122] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5123] <... openat resumed>) = 3 executing program [pid 5124] write(1, "executing program\n", 18) = 18 executing program [pid 5123] write(3, "1000", 4 [pid 5124] memfd_create("syzkaller", 0 [pid 5122] write(1, "executing program\n", 18) = 18 [pid 5122] memfd_create("syzkaller", 0 [pid 5124] <... memfd_create resumed>) = 3 [pid 5122] <... memfd_create resumed>) = 3 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5123] <... write resumed>) = 4 [pid 5122] <... mmap resumed>) = 0x7f7c475b3000 [pid 5123] close(3) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5123] write(1, "executing program\n", 18) = 18 [pid 5123] memfd_create("syzkaller", 0) = 3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5123] <... write resumed>) = 262144 [pid 5123] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5122] <... write resumed>) = 262144 [pid 5124] <... write resumed>) = 262144 [pid 5124] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5122] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5122] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5124] ioctl(4, LOOP_SET_FD, 3 [pid 5122] ioctl(4, LOOP_SET_FD, 3 [pid 5123] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5124] <... ioctl resumed>) = 0 [pid 5124] close(3) = 0 [pid 5124] close(4 [pid 5122] <... ioctl resumed>) = 0 [pid 5123] <... openat resumed>) = 4 [pid 5122] close(3) = 0 [pid 5122] close(4 [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5114] <... close resumed>) = 0 [pid 5114] exit_group(0) = ? [pid 5114] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./237/binderfs") = 0 [pid 344] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5118] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5124] <... close resumed>) = 0 [pid 5122] <... close resumed>) = 0 [pid 5122] mkdir("./bus", 0777 [pid 5124] mkdir("./bus", 0777 [pid 5122] <... mkdir resumed>) = 0 [pid 5122] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5123] <... ioctl resumed>) = 0 [pid 5124] <... mkdir resumed>) = 0 [pid 5124] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5123] close(3) = 0 [pid 5123] close(4 [pid 5118] <... write resumed>) = 20699119 [pid 5118] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5122] <... mount resumed>) = 0 [pid 5122] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5122] chdir("./bus") = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5123] <... close resumed>) = 0 [pid 5118] <... openat resumed>) = 5 [pid 5123] mkdir("./bus", 0777 [pid 5118] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5123] <... mkdir resumed>) = 0 [pid 5118] ioctl(5, LOOP_CLR_FD [ 227.918497][ T5122] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/241/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5123] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./237/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./237/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./237/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./237") = 0 [pid 344] mkdir("./238", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5130 ./strace-static-x86_64: Process 5130 attached [pid 5130] set_robust_list(0x555584fcf660, 24) = 0 [pid 5130] chdir("./238") = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5130] write(1, "executing program\n", 18) = 18 [pid 5130] memfd_create("syzkaller", 0) = 3 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5130] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5123] <... mount resumed>) = 0 [pid 5123] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5123] chdir("./bus") = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5122] <... openat resumed>) = 4 [pid 5118] <... ioctl resumed>) = 0 [pid 5122] ioctl(4, LOOP_CLR_FD) = 0 [pid 5122] close(4) = 0 [pid 5122] memfd_create("syzkaller", 0) = 4 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5118] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5118] close(5) = 0 [pid 5118] close(4 [pid 5123] <... openat resumed>) = 4 [pid 5123] ioctl(4, LOOP_CLR_FD) = 0 [pid 5130] <... openat resumed>) = 4 [pid 5130] ioctl(4, LOOP_SET_FD, 3 [ 228.029053][ T5123] ext4 filesystem being mounted at /root/syzkaller.53SCZU/239/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5123] close(4 [pid 5130] <... ioctl resumed>) = 0 [pid 5130] close(3) = 0 [pid 5130] close(4 [pid 5124] <... mount resumed>) = 0 [pid 5124] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5124] chdir("./bus") = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5118] <... close resumed>) = 0 [pid 5118] exit_group(0) = ? [pid 5118] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=6, si_stime=9} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./238/binderfs") = 0 [pid 348] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5130] <... close resumed>) = 0 [pid 5124] <... openat resumed>) = 4 [pid 5123] <... close resumed>) = 0 [pid 5130] mkdir("./bus", 0777 [pid 5124] ioctl(4, LOOP_CLR_FD [pid 5123] memfd_create("syzkaller", 0 [pid 5130] <... mkdir resumed>) = 0 [pid 5124] <... ioctl resumed>) = 0 [pid 5130] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5124] close(4 [pid 5123] <... memfd_create resumed>) = 4 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5124] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 5124] memfd_create("syzkaller", 0) = 4 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 228.109410][ T5124] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/235/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 348] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./238/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./238/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./238/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./238") = 0 [pid 348] mkdir("./239", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5136 [pid 5122] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 5136 attached [pid 5136] set_robust_list(0x555584fcf660, 24) = 0 [pid 5136] chdir("./239") = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5136] write(1, "executing program\n", 18) = 18 [pid 5136] memfd_create("syzkaller", 0) = 3 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5136] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5136] close(3) = 0 [pid 5136] close(4) = 0 [pid 5136] mkdir("./bus", 0777) = 0 [pid 5136] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5130] <... mount resumed>) = 0 [pid 5130] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5130] chdir("./bus") = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5130] ioctl(4, LOOP_CLR_FD) = 0 [pid 5130] close(4) = 0 [pid 5130] memfd_create("syzkaller", 0) = 4 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 228.235093][ T5130] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/238/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5123] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5122] <... write resumed>) = 20699119 [pid 5136] <... mount resumed>) = 0 [pid 5136] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5136] chdir("./bus") = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_CLR_FD) = 0 [pid 5136] close(4 [pid 5122] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5136] <... close resumed>) = 0 [pid 5136] memfd_create("syzkaller", 0 [pid 5122] ioctl(5, LOOP_SET_FD, 4 [pid 5136] <... memfd_create resumed>) = 4 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5122] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5122] ioctl(5, LOOP_CLR_FD) = 0 [pid 5122] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5122] close(5) = 0 [ 228.321107][ T5136] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/239/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5122] close(4 [pid 5124] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5123] <... write resumed>) = 20699119 [pid 5123] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5123] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5123] ioctl(5, LOOP_CLR_FD) = 0 [pid 5123] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5123] close(5 [pid 5122] <... close resumed>) = 0 [pid 5122] exit_group(0) = ? [pid 5123] <... close resumed>) = 0 [pid 5123] close(4 [pid 5122] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=9, si_stime=17} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./241/binderfs") = 0 [pid 343] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 343] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./241/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./241/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./241/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./241") = 0 [pid 343] mkdir("./242", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5142 [pid 5124] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 5142 attached [pid 5142] set_robust_list(0x555584fcf660, 24) = 0 [pid 5142] chdir("./242") = 0 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5142] write(3, "1000", 4) = 4 [pid 5142] close(3) = 0 [pid 5142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] write(1, "executing program\n", 18executing program ) = 18 [pid 5142] memfd_create("syzkaller", 0) = 3 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5130] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5142] <... write resumed>) = 262144 [pid 5142] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5124] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5142] <... ioctl resumed>) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5142] close(3 [pid 5124] <... openat resumed>) = 5 [pid 5142] <... close resumed>) = 0 [pid 5124] ioctl(5, LOOP_SET_FD, 4 [pid 5142] close(4 [pid 5124] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5142] <... close resumed>) = 0 [pid 5124] ioctl(5, LOOP_CLR_FD [pid 5142] mkdir("./bus", 0777 [pid 5124] <... ioctl resumed>) = 0 [pid 5142] <... mkdir resumed>) = 0 [pid 5142] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5124] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5124] close(5 [pid 5136] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5123] <... close resumed>) = 0 [pid 5123] exit_group(0) = ? [pid 5123] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5124] <... close resumed>) = 0 [pid 349] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5124] close(4 [pid 349] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./239/binderfs") = 0 [pid 349] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5130] <... write resumed>) = 20699119 [pid 5130] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5136] <... write resumed>) = 20699119 [pid 5136] munmap(0x7f7c475b3000, 138412032 [pid 5142] <... mount resumed>) = 0 [pid 5142] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] chdir("./bus" [pid 5136] <... munmap resumed>) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5142] <... chdir resumed>) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5130] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 5130] ioctl(5, LOOP_SET_FD, 4 [pid 5142] <... openat resumed>) = 4 [pid 5130] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5130] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./239/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./239/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5142] ioctl(4, LOOP_CLR_FD [pid 349] getdents64(4, [pid 5130] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5130] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] close(4 [pid 5130] close(5 [pid 349] <... close resumed>) = 0 [pid 5142] <... ioctl resumed>) = 0 [pid 5130] <... close resumed>) = 0 [pid 349] rmdir("./239/bus" [pid 5142] close(4 [pid 5130] close(4 [pid 349] <... rmdir resumed>) = 0 [pid 5142] <... close resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 5142] memfd_create("syzkaller", 0 [pid 349] <... close resumed>) = 0 [pid 5142] <... memfd_create resumed>) = 4 [pid 349] rmdir("./239" [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./240", 0777 [pid 5142] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5146 [pid 5136] <... openat resumed>) = 5 [pid 5136] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5136] ioctl(5, LOOP_CLR_FD) = 0 [pid 5136] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5136] close(5./strace-static-x86_64: Process 5146 attached ) = 0 [pid 5124] <... close resumed>) = 0 [pid 5136] close(4 [pid 5146] set_robust_list(0x555584fcf660, 24 [pid 5124] exit_group(0 [pid 5146] <... set_robust_list resumed>) = 0 [pid 5124] <... exit_group resumed>) = ? [pid 5146] chdir("./240" [pid 5124] +++ exited with 0 +++ [pid 5146] <... chdir resumed>) = 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=4, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] setpgid(0, 0) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] write(3, "1000", 4) = 4 [pid 5146] close(3) = 0 [pid 5146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5146] write(1, "executing program\n", 18executing program ) = 18 [pid 5146] memfd_create("syzkaller", 0) = 3 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5146] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5146] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5146] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./235/binderfs") = 0 [pid 342] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5146] <... ioctl resumed>) = 0 [pid 5146] close(3) = 0 [ 228.659626][ T5142] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/242/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5146] close(4) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5146] mkdir("./bus", 0777 [pid 342] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5146] <... mkdir resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./235/bus", [pid 5146] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./235/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./235/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./235/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5130] <... close resumed>) = 0 [pid 342] close(3 [pid 5130] exit_group(0 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./235") = 0 [pid 5130] <... exit_group resumed>) = ? [pid 5130] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 342] mkdir("./236", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./238/binderfs") = 0 [pid 344] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5148 [pid 5136] <... close resumed>) = 0 [pid 5136] exit_group(0) = ? [pid 5142] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5136] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5148 attached [pid 5148] set_robust_list(0x555584fcf660, 24) = 0 [pid 5148] chdir("./236") = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5148] write(1, "executing program\n", 18) = 18 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5148] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./239/binderfs") = 0 [pid 348] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5146] <... mount resumed>) = 0 [pid 5146] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5146] chdir("./bus") = 0 [pid 5146] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5142] <... write resumed>) = 20699119 [pid 5142] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 5148] <... openat resumed>) = 4 [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5142] ioctl(5, LOOP_SET_FD, 4 [pid 344] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5148] <... ioctl resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] close(3 [pid 5142] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] newfstatat(AT_FDCWD, "./238/bus", [pid 5148] <... close resumed>) = 0 [pid 5148] close(4 [pid 5142] ioctl(5, LOOP_CLR_FD [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./238/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./238/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./238") = 0 [pid 344] mkdir("./239", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5148] <... close resumed>) = 0 [pid 5146] <... openat resumed>) = 4 [pid 5148] mkdir("./bus", 0777) = 0 [pid 5146] ioctl(4, LOOP_CLR_FD [ 228.833100][ T5146] ext4 filesystem being mounted at /root/syzkaller.53SCZU/240/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5148] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5142] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./239/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./239/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./239/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./239") = 0 [pid 348] mkdir("./240", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5152 ./strace-static-x86_64: Process 5152 attached [pid 5152] set_robust_list(0x555584fcf660, 24) = 0 [pid 5152] chdir("./240") = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3 [pid 5146] <... ioctl resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 5146] close(4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5146] <... close resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5146] memfd_create("syzkaller", 0 [pid 344] close(3 [pid 5146] <... memfd_create resumed>) = 4 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] <... close resumed>) = 0 [pid 5146] <... mmap resumed>) = 0x7f7c475b3000 [pid 5152] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5153 ./strace-static-x86_64: Process 5153 attached [pid 5153] set_robust_list(0x555584fcf660, 24) = 0 [pid 5153] chdir("./239") = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5153] setpgid(0, 0) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5153] write(3, "1000", 4) = 4 [pid 5153] close(3) = 0 [pid 5153] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5153] write(1, "executing program\n", 18) = 18 [pid 5153] memfd_create("syzkaller", 0) = 3 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] ioctl(5, LOOP_SET_FD, 4 [pid 5152] write(1, "executing program\n", 18executing program [pid 5142] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5152] <... write resumed>) = 18 [pid 5142] close(5) = 0 [pid 5152] memfd_create("syzkaller", 0 [pid 5142] close(4 [pid 5152] <... memfd_create resumed>) = 3 [pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5153] <... write resumed>) = 262144 [pid 5153] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5153] ioctl(4, LOOP_SET_FD, 3 [pid 5152] <... write resumed>) = 262144 [pid 5153] <... ioctl resumed>) = 0 [pid 5153] close(3) = 0 [pid 5153] close(4 [pid 5152] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5148] <... mount resumed>) = 0 [pid 5148] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5153] <... close resumed>) = 0 [pid 5152] <... openat resumed>) = 4 [pid 5148] chdir("./bus" [pid 5153] mkdir("./bus", 0777 [pid 5152] ioctl(4, LOOP_SET_FD, 3 [pid 5148] <... chdir resumed>) = 0 [pid 5153] <... mkdir resumed>) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5153] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5152] <... ioctl resumed>) = 0 [pid 5148] <... openat resumed>) = 4 [pid 5152] close(3 [pid 5148] ioctl(4, LOOP_CLR_FD [pid 5152] <... close resumed>) = 0 [pid 5148] <... ioctl resumed>) = 0 [pid 5152] close(4 [pid 5148] close(4 [pid 5152] <... close resumed>) = 0 [pid 5148] <... close resumed>) = 0 [pid 5152] mkdir("./bus", 0777 [pid 5148] memfd_create("syzkaller", 0 [pid 5152] <... mkdir resumed>) = 0 [pid 5148] <... memfd_create resumed>) = 4 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5152] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5148] <... mmap resumed>) = 0x7f7c475b3000 [pid 5153] <... mount resumed>) = 0 [pid 5153] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5153] chdir("./bus") = 0 [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5153] ioctl(4, LOOP_CLR_FD) = 0 [pid 5153] close(4) = 0 [pid 5153] memfd_create("syzkaller", 0) = 4 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 228.993241][ T5148] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/236/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5142] <... close resumed>) = 0 [pid 5142] exit_group(0) = ? [pid 5142] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=6, si_stime=9} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./242/binderfs") = 0 [pid 343] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5146] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5152] <... mount resumed>) = 0 [pid 5152] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5152] chdir("./bus") = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 343] <... umount2 resumed>) = 0 [ 229.051730][ T5153] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/239/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5152] ioctl(4, LOOP_CLR_FD [pid 343] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5152] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./242/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./242/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5152] close(4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./242/bus") = 0 [pid 5152] <... close resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./242") = 0 [pid 343] mkdir("./243", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5162 [pid 5152] memfd_create("syzkaller", 0) = 4 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5162 attached [pid 5162] set_robust_list(0x555584fcf660, 24) = 0 [pid 5162] chdir("./243") = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5162] setpgid(0, 0) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5162] write(3, "1000", 4) = 4 [pid 5162] close(3) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5162] write(1, "executing program\n", 18executing program ) = 18 [pid 5162] memfd_create("syzkaller", 0) = 3 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5162] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5162] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5162] close(3) = 0 [pid 5162] close(4) = 0 [pid 5162] mkdir("./bus", 0777) = 0 [ 229.116648][ T5152] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/240/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5162] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5148] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5162] <... mount resumed>) = 0 [pid 5162] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5162] chdir("./bus") = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5162] ioctl(4, LOOP_CLR_FD) = 0 [pid 5162] close(4) = 0 [pid 5162] memfd_create("syzkaller", 0) = 4 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 229.216973][ T5162] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/243/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5146] <... write resumed>) = 20699119 [pid 5146] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5146] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5146] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5146] ioctl(5, LOOP_CLR_FD) = 0 [pid 5146] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5146] close(5) = 0 [pid 5146] close(4 [pid 5152] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5153] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5162] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5148] <... write resumed>) = 20699119 [pid 5148] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5148] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5148] ioctl(5, LOOP_CLR_FD) = 0 [pid 5148] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5148] close(5) = 0 [pid 5148] close(4 [pid 5146] <... close resumed>) = 0 [pid 5152] <... write resumed>) = 20699119 [pid 5152] munmap(0x7f7c475b3000, 138412032 [pid 5146] exit_group(0) = ? [pid 5146] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=9, si_stime=9} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5152] <... munmap resumed>) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5152] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5152] ioctl(5, LOOP_CLR_FD) = 0 [pid 5152] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5152] close(5) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 5152] close(4 [pid 349] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./240/binderfs") = 0 [pid 349] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5162] <... write resumed>) = 20699119 [pid 5153] <... write resumed>) = 20699119 [pid 5153] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5148] <... close resumed>) = 0 [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ [pid 5162] munmap(0x7f7c475b3000, 138412032 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5162] <... munmap resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5153] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 5153] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5153] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./240/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./240/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./240/bus" [pid 5153] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] <... rmdir resumed>) = 0 [pid 342] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] close(5) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5153] close(4 [pid 349] getdents64(3, [pid 5162] <... openat resumed>) = 5 [pid 5152] <... close resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] close(3) = 0 [pid 349] rmdir("./240") = 0 [pid 342] <... openat resumed>) = 3 [pid 349] mkdir("./241", 0777) = 0 [pid 342] newfstatat(3, "", [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5166 [pid 5162] ioctl(5, LOOP_SET_FD, 4 [pid 5152] exit_group(0 [pid 342] getdents64(3, ./strace-static-x86_64: Process 5166 attached 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5166] set_robust_list(0x555584fcf660, 24) = 0 [pid 5166] chdir("./241" [pid 342] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5166] <... chdir resumed>) = 0 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5166] setpgid(0, 0) = 0 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] write(3, "1000", 4 [pid 342] newfstatat(AT_FDCWD, "./236/binderfs", [pid 5166] <... write resumed>) = 4 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5166] close(3 [pid 342] unlink("./236/binderfs" [pid 5166] <... close resumed>) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs" [pid 342] <... unlink resumed>) = 0 executing program [pid 342] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5166] <... symlink resumed>) = 0 [pid 5166] write(1, "executing program\n", 18) = 18 [pid 5166] memfd_create("syzkaller", 0) = 3 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5162] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5152] <... exit_group resumed>) = ? [pid 5162] ioctl(5, LOOP_CLR_FD [pid 5166] <... write resumed>) = 262144 [pid 5166] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5152] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./240/binderfs") = 0 [pid 348] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] <... close resumed>) = 0 [pid 5153] exit_group(0) = ? [pid 5153] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./239/binderfs") = 0 [pid 344] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5162] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./236/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./236/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./236/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 5162] ioctl(5, LOOP_SET_FD, 4 [pid 342] rmdir("./236/bus" [pid 5162] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... rmdir resumed>) = 0 [pid 5162] close(5 [pid 342] getdents64(3, [pid 5162] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5162] close(4 [pid 342] close(3 [pid 5166] <... openat resumed>) = 4 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./236" [pid 5166] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... rmdir resumed>) = 0 [pid 342] mkdir("./237", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5162] <... close resumed>) = 0 [pid 5162] exit_group(0) = ? [pid 5166] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 5166] close(3 [pid 348] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] ioctl(3, LOOP_CLR_FD [pid 5166] <... close resumed>) = 0 [pid 5162] +++ exited with 0 +++ [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./240/bus", [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 348] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./240/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5166] close(4 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./240/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./240") = 0 [pid 348] mkdir("./241", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./243/binderfs") = 0 [pid 343] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] close(3 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./239/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./239/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./239/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./239") = 0 [pid 344] mkdir("./240", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5166] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... openat resumed>) = 3 [pid 342] <... close resumed>) = 0 [pid 5166] mkdir("./bus", 0777 [pid 348] close(3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5166] <... mkdir resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5166] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5168 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./243/bus", ./strace-static-x86_64: Process 5168 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5168] set_robust_list(0x555584fcf660, 24 [pid 343] openat(AT_FDCWD, "./243/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5168] <... set_robust_list resumed>) = 0 [pid 343] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 5168] chdir("./237" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5168] <... chdir resumed>) = 0 [pid 343] close(4 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] <... close resumed>) = 0 [pid 5168] <... prctl resumed>) = 0 [pid 343] rmdir("./243/bus" [pid 5168] setpgid(0, 0) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./243" [pid 5168] <... openat resumed>) = 3 [pid 5168] write(3, "1000", 4) = 4 [pid 5168] close(3 [pid 343] <... rmdir resumed>) = 0 [pid 5168] <... close resumed>) = 0 [pid 343] mkdir("./244", 0777executing program [pid 5168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5168] write(1, "executing program\n", 18) = 18 [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5168] memfd_create("syzkaller", 0) = 3 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5168] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... close resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] close(3) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5169 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5170 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5168] <... openat resumed>) = 4 [pid 343] close(3 [pid 5168] ioctl(4, LOOP_SET_FD, 3 [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5170 attached [pid 5170] set_robust_list(0x555584fcf660, 24) = 0 [pid 5170] chdir("./240" [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5172 [pid 5170] <... chdir resumed>) = 0 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5170] setpgid(0, 0) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5170] write(3, "1000", 4) = 4 [pid 5170] close(3) = 0 [pid 5170] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5170] write(1, "executing program\n", 18) = 18 [pid 5170] memfd_create("syzkaller", 0) = 3 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5169 attached ./strace-static-x86_64: Process 5172 attached [pid 5169] set_robust_list(0x555584fcf660, 24 [pid 5168] <... ioctl resumed>) = 0 [pid 5168] close(3) = 0 [pid 5168] close(4 [pid 5169] <... set_robust_list resumed>) = 0 [pid 5169] chdir("./241" [pid 5172] set_robust_list(0x555584fcf660, 24 [pid 5169] <... chdir resumed>) = 0 [pid 5172] <... set_robust_list resumed>) = 0 [pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5172] chdir("./244" [pid 5169] <... prctl resumed>) = 0 [pid 5169] setpgid(0, 0 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5169] <... setpgid resumed>) = 0 [pid 5172] <... chdir resumed>) = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] <... prctl resumed>) = 0 [pid 5169] write(3, "1000", 4 [pid 5172] setpgid(0, 0 [pid 5170] <... write resumed>) = 262144 [pid 5170] munmap(0x7f7c475b3000, 138412032 [pid 5169] <... write resumed>) = 4 [pid 5172] <... setpgid resumed>) = 0 [pid 5169] close(3 [pid 5170] <... munmap resumed>) = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5169] <... close resumed>) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5169] symlink("/dev/binderfs", "./binderfs" [pid 5172] <... openat resumed>) = 3 [pid 5169] <... symlink resumed>) = 0 [pid 5169] write(1, "executing program\n", 18executing program ) = 18 [pid 5169] memfd_create("syzkaller", 0) = 3 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5172] write(3, "1000", 4 [pid 5169] <... write resumed>) = 262144 [pid 5172] <... write resumed>) = 4 [pid 5172] close(3executing program ) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5172] write(1, "executing program\n", 18) = 18 [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5166] <... mount resumed>) = 0 [pid 5169] munmap(0x7f7c475b3000, 138412032 [pid 5168] <... close resumed>) = 0 [pid 5169] <... munmap resumed>) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5169] ioctl(4, LOOP_SET_FD, 3 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5168] mkdir("./bus", 0777 [pid 5166] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5172] <... write resumed>) = 262144 [pid 5172] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5168] <... mkdir resumed>) = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5168] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5169] <... ioctl resumed>) = 0 [pid 5169] close(3) = 0 [pid 5169] close(4 [pid 5166] <... openat resumed>) = 3 [pid 5166] chdir("./bus") = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5169] <... close resumed>) = 0 [pid 5170] <... openat resumed>) = 4 [pid 5169] mkdir("./bus", 0777 [pid 5170] ioctl(4, LOOP_SET_FD, 3 [pid 5169] <... mkdir resumed>) = 0 [pid 5169] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5170] <... ioctl resumed>) = 0 [pid 5170] close(3) = 0 [pid 5170] close(4 [pid 5172] <... openat resumed>) = 4 [pid 5172] ioctl(4, LOOP_SET_FD, 3 [pid 5166] <... openat resumed>) = 4 [pid 5166] ioctl(4, LOOP_CLR_FD [pid 5168] <... mount resumed>) = 0 [pid 5168] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5168] chdir("./bus") = 0 [ 229.810578][ T5166] ext4 filesystem being mounted at /root/syzkaller.53SCZU/241/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5169] <... mount resumed>) = 0 [pid 5169] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5169] chdir("./bus") = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5170] <... close resumed>) = 0 [pid 5172] <... ioctl resumed>) = 0 [pid 5172] close(3) = 0 [pid 5172] close(4 [pid 5166] <... ioctl resumed>) = 0 [pid 5166] close(4 [pid 5170] mkdir("./bus", 0777) = 0 [ 229.888432][ T5168] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/237/bus supports timestamps until (%ptR?) (0x7fffffff) [ 229.888569][ T5169] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/241/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5170] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5172] <... close resumed>) = 0 [pid 5168] <... openat resumed>) = 4 [pid 5166] <... close resumed>) = 0 [pid 5172] mkdir("./bus", 0777 [pid 5168] ioctl(4, LOOP_CLR_FD [pid 5166] memfd_create("syzkaller", 0 [pid 5168] <... ioctl resumed>) = 0 [pid 5166] <... memfd_create resumed>) = 4 [pid 5168] close(4) = 0 [pid 5172] <... mkdir resumed>) = 0 [pid 5168] memfd_create("syzkaller", 0 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5172] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5168] <... memfd_create resumed>) = 4 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5166] <... mmap resumed>) = 0x7f7c475b3000 [pid 5168] <... mmap resumed>) = 0x7f7c475b3000 [pid 5169] <... openat resumed>) = 4 [pid 5169] ioctl(4, LOOP_CLR_FD) = 0 [pid 5169] close(4) = 0 [pid 5169] memfd_create("syzkaller", 0) = 4 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5170] <... mount resumed>) = 0 [pid 5170] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5170] chdir("./bus") = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5170] ioctl(4, LOOP_CLR_FD) = 0 [pid 5170] close(4) = 0 [pid 5170] memfd_create("syzkaller", 0) = 4 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5172] <... mount resumed>) = 0 [pid 5172] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5172] chdir("./bus") = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5172] ioctl(4, LOOP_CLR_FD) = 0 [pid 5172] close(4) = 0 [pid 5172] memfd_create("syzkaller", 0) = 4 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 230.017560][ T5170] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/240/bus supports timestamps until (%ptR?) (0x7fffffff) [ 230.049142][ T5172] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/244/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5168] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5166] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5169] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5170] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5168] <... write resumed>) = 20699119 [pid 5168] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5168] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5168] ioctl(5, LOOP_CLR_FD) = 0 [pid 5168] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5168] close(5) = 0 [pid 5168] close(4 [pid 5172] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5166] <... write resumed>) = 20699119 [pid 5166] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5166] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5166] ioctl(5, LOOP_CLR_FD) = 0 [pid 5166] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5166] close(5) = 0 [pid 5166] close(4 [pid 5168] <... close resumed>) = 0 [pid 5168] exit_group(0) = ? [pid 5168] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./237/binderfs") = 0 [pid 342] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5170] <... write resumed>) = 20699119 [pid 5169] <... write resumed>) = 20699119 [pid 5169] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5170] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5172] <... write resumed>) = 20699119 [pid 5172] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5166] <... close resumed>) = 0 [pid 5166] exit_group(0) = ? [pid 5166] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./241/binderfs") = 0 [pid 349] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] <... openat resumed>) = 5 [pid 5170] <... openat resumed>) = 5 [pid 5169] <... openat resumed>) = 5 [pid 342] <... umount2 resumed>) = 0 [pid 5170] ioctl(5, LOOP_SET_FD, 4 [pid 5169] ioctl(5, LOOP_SET_FD, 4 [pid 342] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5170] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5169] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5170] ioctl(5, LOOP_CLR_FD [pid 5169] ioctl(5, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./237/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./237/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./237/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", [pid 5172] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./237/bus" [pid 5172] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./237" [pid 5172] ioctl(5, LOOP_CLR_FD [pid 342] <... rmdir resumed>) = 0 [pid 342] mkdir("./238", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5170] <... ioctl resumed>) = 0 [pid 5169] <... ioctl resumed>) = 0 [pid 5172] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 349] <... umount2 resumed>) = 0 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5186 [pid 5170] ioctl(5, LOOP_SET_FD, 4 [pid 5169] ioctl(5, LOOP_SET_FD, 4 [pid 5170] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5169] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5170] close(5 [pid 5169] close(5 [pid 5170] <... close resumed>) = 0 [pid 5169] <... close resumed>) = 0 [pid 5170] close(4 [pid 5169] close(4 [pid 349] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5186 attached ) = -1 EINVAL (Invalid argument) [pid 5186] set_robust_list(0x555584fcf660, 24 [pid 5172] ioctl(5, LOOP_SET_FD, 4 [pid 349] newfstatat(AT_FDCWD, "./241/bus", [pid 5186] <... set_robust_list resumed>) = 0 [pid 5172] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5186] chdir("./238" [pid 5172] close(5 [pid 349] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] <... chdir resumed>) = 0 [pid 5172] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5172] close(4 [pid 349] openat(AT_FDCWD, "./241/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] <... prctl resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 5186] setpgid(0, 0 [pid 349] newfstatat(4, "", [pid 5186] <... setpgid resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] getdents64(4, [pid 5186] <... openat resumed>) = 3 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5186] write(3, "1000", 4 [pid 349] getdents64(4, [pid 5186] <... write resumed>) = 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5186] close(3 [pid 349] close(4 [pid 5186] <... close resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5186] symlink("/dev/binderfs", "./binderfs" [pid 349] rmdir("./241/bus"executing program [pid 5186] <... symlink resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 5186] write(1, "executing program\n", 18 [pid 349] getdents64(3, [pid 5186] <... write resumed>) = 18 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5186] memfd_create("syzkaller", 0 [pid 349] close(3 [pid 5186] <... memfd_create resumed>) = 3 [pid 349] <... close resumed>) = 0 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] rmdir("./241" [pid 5186] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... rmdir resumed>) = 0 [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] mkdir("./242", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5186] <... write resumed>) = 262144 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5187 [pid 5186] munmap(0x7f7c475b3000, 138412032) = 0 ./strace-static-x86_64: Process 5187 attached [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5186] ioctl(4, LOOP_SET_FD, 3 [pid 5187] set_robust_list(0x555584fcf660, 24) = 0 [pid 5187] chdir("./242" [pid 5186] <... ioctl resumed>) = 0 [pid 5187] <... chdir resumed>) = 0 [pid 5186] close(3) = 0 [pid 5186] close(4 [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5187] setpgid(0, 0) = 0 [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5187] write(3, "1000", 4) = 4 [pid 5187] close(3) = 0 [pid 5187] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5187] write(1, "executing program\n", 18executing program ) = 18 [pid 5187] memfd_create("syzkaller", 0) = 3 [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5187] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5186] <... close resumed>) = 0 [pid 5170] <... close resumed>) = 0 [pid 5186] mkdir("./bus", 0777 [pid 5187] ioctl(4, LOOP_SET_FD, 3 [pid 5186] <... mkdir resumed>) = 0 [pid 5170] exit_group(0 [pid 5186] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5170] <... exit_group resumed>) = ? [pid 5170] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./240/binderfs") = 0 [pid 344] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] <... close resumed>) = 0 [pid 5172] exit_group(0) = ? [pid 5172] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5169] <... close resumed>) = 0 [pid 5169] exit_group(0) = ? [pid 5169] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./244/binderfs") = 0 [pid 343] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5187] <... ioctl resumed>) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 5187] close(3) = 0 [pid 5187] close(4 [pid 348] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./241/binderfs") = 0 [pid 348] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] <... mount resumed>) = 0 [pid 5186] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5186] chdir("./bus") = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5187] <... close resumed>) = 0 [pid 5187] mkdir("./bus", 0777) = 0 [ 230.708726][ T5186] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/238/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5187] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./244/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./244/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./244/bus" [pid 344] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./244") = 0 [pid 343] mkdir("./245", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5192 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5192 attached [pid 5186] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 344] newfstatat(AT_FDCWD, "./240/bus", [pid 348] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] ioctl(4, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5186] <... ioctl resumed>) = 0 [pid 5192] set_robust_list(0x555584fcf660, 24) = 0 [pid 5192] chdir("./245") = 0 [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5192] setpgid(0, 0) = 0 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5192] write(3, "1000", 4) = 4 [pid 5192] close(3) = 0 [pid 5192] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5186] close(4 [pid 348] newfstatat(AT_FDCWD, "./241/bus", [pid 344] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5192] write(1, "executing program\n", 18) = 18 [pid 5192] memfd_create("syzkaller", 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5186] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5192] <... memfd_create resumed>) = 3 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5186] memfd_create("syzkaller", 0 [pid 348] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] openat(AT_FDCWD, "./240/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] <... memfd_create resumed>) = 4 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... openat resumed>) = 4 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] openat(AT_FDCWD, "./241/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] newfstatat(4, "", [pid 5192] <... write resumed>) = 262144 [pid 5192] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5192] ioctl(4, LOOP_SET_FD, 3 [pid 348] <... openat resumed>) = 4 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, [pid 5192] <... ioctl resumed>) = 0 [pid 5192] close(3) = 0 [pid 5192] close(4 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, [pid 348] getdents64(4, [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5187] <... mount resumed>) = 0 [pid 348] close(4 [pid 344] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 344] rmdir("./240/bus" [pid 5187] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 344] <... rmdir resumed>) = 0 [pid 348] rmdir("./241/bus") = 0 [pid 344] getdents64(3, [pid 348] getdents64(3, [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3 [pid 5187] <... openat resumed>) = 3 [pid 348] close(3 [pid 5187] chdir("./bus" [pid 344] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./241") = 0 [pid 348] mkdir("./242", 0777) = 0 [pid 344] rmdir("./240") = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] mkdir("./241", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5187] <... chdir resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5192] <... close resumed>) = 0 [pid 5192] mkdir("./bus", 0777) = 0 [pid 5192] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 230.838027][ T5187] ext4 filesystem being mounted at /root/syzkaller.53SCZU/242/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5186] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 348] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 344] close(3 [pid 348] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5196 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5197 [pid 5187] <... openat resumed>) = 4 [pid 5187] ioctl(4, LOOP_CLR_FD) = 0 [pid 5187] close(4) = 0 [pid 5187] memfd_create("syzkaller", 0) = 4 [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5197 attached [pid 5186] munmap(0x7f7c475b3000, 138412032./strace-static-x86_64: Process 5196 attached [pid 5196] set_robust_list(0x555584fcf660, 24) = 0 [pid 5196] chdir("./242") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0) = 0 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5196] write(3, "1000", 4) = 4 [pid 5196] close(3) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs" [pid 5186] <... munmap resumed>) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5197] set_robust_list(0x555584fcf660, 24 [pid 5196] <... symlink resumed>) = 0 [pid 5197] <... set_robust_list resumed>) = 0 executing program [pid 5196] write(1, "executing program\n", 18) = 18 [pid 5196] memfd_create("syzkaller", 0) = 3 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5197] chdir("./241") = 0 [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5197] setpgid(0, 0) = 0 [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5196] <... write resumed>) = 262144 [pid 5196] munmap(0x7f7c475b3000, 138412032 [pid 5197] write(3, "1000", 4 [pid 5196] <... munmap resumed>) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5197] <... write resumed>) = 4 [pid 5197] close(3) = 0 [pid 5197] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5197] write(1, "executing program\n", 18executing program ) = 18 [pid 5197] memfd_create("syzkaller", 0) = 3 [pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5197] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5197] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5186] <... openat resumed>) = 5 [pid 5186] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5186] ioctl(5, LOOP_CLR_FD) = 0 [pid 5197] <... openat resumed>) = 4 [pid 5196] <... openat resumed>) = 4 [pid 5197] ioctl(4, LOOP_SET_FD, 3 [pid 5196] ioctl(4, LOOP_SET_FD, 3 [pid 5197] <... ioctl resumed>) = 0 [pid 5197] close(3 [pid 5186] ioctl(5, LOOP_SET_FD, 4 [pid 5197] <... close resumed>) = 0 [pid 5186] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5197] close(4 [pid 5186] close(5 [pid 5196] <... ioctl resumed>) = 0 [pid 5196] close(3) = 0 [pid 5196] close(4 [pid 5192] <... mount resumed>) = 0 [pid 5192] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5192] chdir("./bus") = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5187] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5197] <... close resumed>) = 0 [pid 5196] <... close resumed>) = 0 [pid 5186] <... close resumed>) = 0 [pid 5196] mkdir("./bus", 0777 [pid 5197] mkdir("./bus", 0777 [pid 5186] close(4 [pid 5196] <... mkdir resumed>) = 0 [pid 5197] <... mkdir resumed>) = 0 [pid 5196] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5197] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5192] <... openat resumed>) = 4 [pid 5192] ioctl(4, LOOP_CLR_FD [pid 5196] <... mount resumed>) = 0 [pid 5192] <... ioctl resumed>) = 0 [pid 5196] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5192] close(4) = 0 [pid 5192] memfd_create("syzkaller", 0 [pid 5196] <... openat resumed>) = 3 [pid 5196] chdir("./bus" [pid 5192] <... memfd_create resumed>) = 4 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5196] <... chdir resumed>) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5192] <... mmap resumed>) = 0x7f7c475b3000 [pid 5197] <... mount resumed>) = 0 [pid 5196] <... openat resumed>) = 4 [ 230.999516][ T5192] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/245/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5196] ioctl(4, LOOP_CLR_FD [pid 5197] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5196] <... ioctl resumed>) = 0 [pid 5196] close(4 [pid 5197] <... openat resumed>) = 3 [pid 5197] chdir("./bus" [pid 5196] <... close resumed>) = 0 [pid 5197] <... chdir resumed>) = 0 [pid 5197] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5196] memfd_create("syzkaller", 0 [pid 5197] <... openat resumed>) = 4 [pid 5197] ioctl(4, LOOP_CLR_FD [pid 5196] <... memfd_create resumed>) = 4 [pid 5197] <... ioctl resumed>) = 0 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5197] close(4 [pid 5196] <... mmap resumed>) = 0x7f7c475b3000 [pid 5197] <... close resumed>) = 0 [pid 5197] memfd_create("syzkaller", 0) = 4 [pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5187] <... write resumed>) = 20699119 [pid 5187] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5187] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5187] ioctl(5, LOOP_CLR_FD) = 0 [pid 5187] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5187] close(5) = 0 [ 231.048478][ T5196] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/242/bus supports timestamps until (%ptR?) (0x7fffffff) [ 231.061969][ T5197] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/241/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5187] close(4 [pid 5186] <... close resumed>) = 0 [pid 5186] exit_group(0) = ? [pid 5186] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=4, si_stime=11} --- [pid 342] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./238/binderfs") = 0 [pid 342] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 342] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./238/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./238/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./238/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./238/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./238") = 0 [pid 342] mkdir("./239", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5206 ./strace-static-x86_64: Process 5206 attached [pid 5196] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5206] set_robust_list(0x555584fcf660, 24) = 0 [pid 5206] chdir("./239") = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5206] setpgid(0, 0) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5206] write(3, "1000", 4) = 4 [pid 5206] close(3) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5206] write(1, "executing program\n", 18) = 18 [pid 5206] memfd_create("syzkaller", 0) = 3 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5206] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5206] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5206] close(3) = 0 [pid 5206] close(4 [pid 5192] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5187] <... close resumed>) = 0 [pid 5187] exit_group(0) = ? [pid 5187] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./242/binderfs") = 0 [pid 349] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5206] <... close resumed>) = 0 [pid 5206] mkdir("./bus", 0777) = 0 [pid 5206] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5197] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./242/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./242/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./242/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./242") = 0 [pid 349] mkdir("./243", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5192] <... write resumed>) = 20699119 [pid 5192] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5196] <... write resumed>) = 20699119 [pid 5192] <... openat resumed>) = 5 [pid 349] <... openat resumed>) = 3 [pid 5192] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] ioctl(3, LOOP_CLR_FD [pid 5192] ioctl(5, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5192] <... ioctl resumed>) = 0 [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5209 [pid 5192] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5192] close(5) = 0 [pid 5192] close(4 [pid 5196] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 ./strace-static-x86_64: Process 5209 attached [pid 5196] ioctl(5, LOOP_SET_FD, 4 [pid 5209] set_robust_list(0x555584fcf660, 24 [pid 5196] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5209] <... set_robust_list resumed>) = 0 [pid 5196] ioctl(5, LOOP_CLR_FD) = 0 [pid 5209] chdir("./243") = 0 [pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5209] setpgid(0, 0) = 0 [pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5209] write(3, "1000", 4 [pid 5196] ioctl(5, LOOP_SET_FD, 4 [pid 5209] <... write resumed>) = 4 [pid 5196] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5209] close(3 [pid 5196] close(5 [pid 5209] <... close resumed>) = 0 [pid 5196] <... close resumed>) = 0 [pid 5209] symlink("/dev/binderfs", "./binderfs" [pid 5197] <... write resumed>) = 20699119 [pid 5196] close(4 [pid 5209] <... symlink resumed>) = 0 [pid 5197] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5197] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5197] ioctl(5, LOOP_SET_FD, 4executing program ) = -1 EBUSY (Device or resource busy) [pid 5209] write(1, "executing program\n", 18) = 18 [pid 5209] memfd_create("syzkaller", 0 [pid 5197] ioctl(5, LOOP_CLR_FD) = 0 [pid 5206] <... mount resumed>) = 0 [pid 5206] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5206] chdir("./bus") = 0 [pid 5197] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5197] close(5) = 0 [pid 5197] close(4 [pid 5209] <... memfd_create resumed>) = 3 [pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5206] ioctl(4, LOOP_CLR_FD) = 0 [pid 5206] close(4 [pid 5209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5206] <... close resumed>) = 0 [pid 5206] memfd_create("syzkaller", 0 [pid 5209] <... write resumed>) = 262144 [pid 5209] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5209] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5209] ioctl(4, LOOP_SET_FD, 3 [pid 5206] <... memfd_create resumed>) = 4 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5209] <... ioctl resumed>) = 0 [pid 5209] close(3) = 0 [ 231.415690][ T5206] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/239/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5209] close(4 [pid 5192] <... close resumed>) = 0 [pid 5192] exit_group(0) = ? [pid 5192] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5196] <... close resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 5196] exit_group(0) = ? [pid 5196] +++ exited with 0 +++ [pid 343] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] getdents64(3, [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(3, "", [pid 343] newfstatat(AT_FDCWD, "./245/binderfs", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] getdents64(3, [pid 343] unlink("./245/binderfs" [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5209] <... close resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./242/binderfs", [pid 343] <... unlink resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./242/binderfs" [pid 5209] mkdir("./bus", 0777 [pid 348] <... unlink resumed>) = 0 [pid 343] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5209] <... mkdir resumed>) = 0 [pid 5209] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5197] <... close resumed>) = 0 [pid 5197] exit_group(0) = ? [pid 5197] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./241/binderfs") = 0 [pid 344] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5206] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5209] <... mount resumed>) = 0 [pid 5209] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5209] chdir("./bus") = 0 [pid 5209] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5206] <... write resumed>) = 20699119 [pid 5206] munmap(0x7f7c475b3000, 138412032) = 0 [ 231.608789][ T5209] ext4 filesystem being mounted at /root/syzkaller.53SCZU/243/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5209] <... openat resumed>) = 4 [pid 5209] ioctl(4, LOOP_CLR_FD) = 0 [pid 5209] close(4) = 0 [pid 5209] memfd_create("syzkaller", 0) = 4 [pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5206] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5206] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5206] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5206] ioctl(5, LOOP_CLR_FD [pid 348] newfstatat(AT_FDCWD, "./242/bus", [pid 344] newfstatat(AT_FDCWD, "./241/bus", [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5206] <... ioctl resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] newfstatat(AT_FDCWD, "./245/bus", [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] openat(AT_FDCWD, "./242/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... openat resumed>) = 4 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] newfstatat(4, "", [pid 344] openat(AT_FDCWD, "./241/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] getdents64(4, [pid 344] <... openat resumed>) = 4 [pid 343] openat(AT_FDCWD, "./245/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] newfstatat(4, "", [pid 343] <... openat resumed>) = 4 [pid 5206] ioctl(5, LOOP_SET_FD, 4 [pid 348] getdents64(4, [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] newfstatat(4, "", [pid 5206] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] getdents64(4, [pid 5206] close(5 [pid 348] close(4 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5206] <... close resumed>) = 0 [pid 343] getdents64(4, [pid 5206] close(4 [pid 348] <... close resumed>) = 0 [pid 344] getdents64(4, [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] rmdir("./242/bus" [pid 343] getdents64(4, [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4 [pid 348] getdents64(3, [pid 343] close(4 [pid 344] <... close resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] rmdir("./241/bus" [pid 343] <... close resumed>) = 0 [pid 348] close(3 [pid 344] <... rmdir resumed>) = 0 [pid 343] rmdir("./245/bus" [pid 348] <... close resumed>) = 0 [pid 344] getdents64(3, [pid 343] <... rmdir resumed>) = 0 [pid 348] rmdir("./242" [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] getdents64(3, [pid 348] <... rmdir resumed>) = 0 [pid 344] close(3 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] mkdir("./243", 0777 [pid 344] <... close resumed>) = 0 [pid 343] close(3 [pid 348] <... mkdir resumed>) = 0 [pid 344] rmdir("./241" [pid 343] <... close resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... rmdir resumed>) = 0 [pid 343] rmdir("./245" [pid 348] <... openat resumed>) = 3 [pid 343] <... rmdir resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] mkdir("./242", 0777 [pid 343] mkdir("./246", 0777 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... mkdir resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 348] close(3 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... close resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5214 [pid 344] close(3 [pid 343] close(3 [pid 344] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5215 attached ./strace-static-x86_64: Process 5216 attached [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5215 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5216 [pid 5216] set_robust_list(0x555584fcf660, 24 [pid 5215] set_robust_list(0x555584fcf660, 24 [pid 5216] <... set_robust_list resumed>) = 0 [pid 5215] <... set_robust_list resumed>) = 0 [pid 5216] chdir("./246" [pid 5215] chdir("./242" [pid 5216] <... chdir resumed>) = 0 [pid 5215] <... chdir resumed>) = 0 [pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5216] <... prctl resumed>) = 0 [pid 5215] <... prctl resumed>) = 0 [pid 5216] setpgid(0, 0 [pid 5215] setpgid(0, 0 [pid 5216] <... setpgid resumed>) = 0 [pid 5215] <... setpgid resumed>) = 0 [pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5216] <... openat resumed>) = 3 [pid 5216] write(3, "1000", 4 [pid 5215] <... openat resumed>) = 3 [pid 5216] <... write resumed>) = 4 [pid 5215] write(3, "1000", 4 [pid 5216] close(3 [pid 5215] <... write resumed>) = 4 [pid 5216] <... close resumed>) = 0 [pid 5215] close(3 [pid 5216] symlink("/dev/binderfs", "./binderfs" [pid 5215] <... close resumed>) = 0 [pid 5216] <... symlink resumed>) = 0 [pid 5215] symlink("/dev/binderfs", "./binderfs" [pid 5216] write(1, "executing program\n", 18executing program ) = 18 [pid 5215] <... symlink resumed>) = 0 [pid 5216] memfd_create("syzkaller", 0 [pid 5215] write(1, "executing program\n", 18executing program [pid 5216] <... memfd_create resumed>) = 3 [pid 5215] <... write resumed>) = 18 [pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5215] memfd_create("syzkaller", 0 [pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5215] <... memfd_create resumed>) = 3 [pid 5216] <... write resumed>) = 262144 [pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5216] munmap(0x7f7c475b3000, 138412032 [pid 5215] <... mmap resumed>) = 0x7f7c475b3000 [pid 5216] <... munmap resumed>) = 0 [pid 5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5216] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5215] <... write resumed>) = 262144 [pid 5216] <... openat resumed>) = 4 [pid 5215] munmap(0x7f7c475b3000, 138412032 [pid 5216] ioctl(4, LOOP_SET_FD, 3 [pid 5215] <... munmap resumed>) = 0 [pid 5215] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5214 attached [pid 5214] set_robust_list(0x555584fcf660, 24) = 0 [pid 5214] chdir("./243") = 0 [pid 5214] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5214] setpgid(0, 0) = 0 [pid 5214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5214] write(3, "1000", 4) = 4 [pid 5214] close(3) = 0 [pid 5214] symlink("/dev/binderfs", "./binderfs" [pid 5216] <... ioctl resumed>) = 0 [pid 5215] <... openat resumed>) = 4 [pid 5215] ioctl(4, LOOP_SET_FD, 3 [pid 5216] close(3) = 0 [pid 5216] close(4 [pid 5214] <... symlink resumed>) = 0 [pid 5214] write(1, "executing program\n", 18executing program ) = 18 [pid 5214] memfd_create("syzkaller", 0) = 3 [pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5215] <... ioctl resumed>) = 0 [pid 5216] <... close resumed>) = 0 [pid 5214] <... write resumed>) = 262144 [pid 5214] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5214] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5214] ioctl(4, LOOP_SET_FD, 3 [pid 5216] mkdir("./bus", 0777 [pid 5215] close(3 [pid 5216] <... mkdir resumed>) = 0 [pid 5215] <... close resumed>) = 0 [pid 5216] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5215] close(4 [pid 5214] <... ioctl resumed>) = 0 [pid 5214] close(3) = 0 [pid 5214] close(4 [pid 5206] <... close resumed>) = 0 [pid 5206] exit_group(0) = ? [pid 5206] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=2, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./239/binderfs") = 0 [pid 342] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5209] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5215] <... close resumed>) = 0 [pid 5215] mkdir("./bus", 0777) = 0 [pid 5215] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5209] <... write resumed>) = 20699119 [pid 5209] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5209] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5214] <... close resumed>) = 0 [pid 5214] mkdir("./bus", 0777) = 0 [pid 5214] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5216] <... mount resumed>) = 0 [pid 5216] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5216] chdir("./bus") = 0 [pid 5216] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5209] <... openat resumed>) = 5 [pid 5209] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5209] ioctl(5, LOOP_CLR_FD) = 0 [pid 5216] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 5216] ioctl(4, LOOP_CLR_FD [pid 342] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5216] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5216] close(4 [pid 342] newfstatat(AT_FDCWD, "./239/bus", [pid 5216] <... close resumed>) = 0 [pid 5209] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5216] memfd_create("syzkaller", 0 [pid 5209] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] umount2("./239/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5216] <... memfd_create resumed>) = 4 [pid 5209] close(5 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5209] <... close resumed>) = 0 [pid 342] openat(AT_FDCWD, "./239/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5216] <... mmap resumed>) = 0x7f7c475b3000 [ 231.928581][ T5216] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/246/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5209] close(4 [pid 342] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 5215] <... mount resumed>) = 0 [pid 5214] <... mount resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5215] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5214] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 342] getdents64(4, [pid 5215] <... openat resumed>) = 3 [pid 5214] <... openat resumed>) = 3 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5215] chdir("./bus" [pid 5214] chdir("./bus" [pid 342] close(4 [pid 5215] <... chdir resumed>) = 0 [pid 5214] <... chdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 5215] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5214] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] rmdir("./239/bus" [pid 5215] <... openat resumed>) = 4 [pid 5214] <... openat resumed>) = 4 [pid 342] <... rmdir resumed>) = 0 [pid 5215] ioctl(4, LOOP_CLR_FD [pid 5214] ioctl(4, LOOP_CLR_FD [pid 342] getdents64(3, [pid 5215] <... ioctl resumed>) = 0 [pid 5214] <... ioctl resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5215] close(4 [pid 5214] close(4 [pid 342] close(3 [pid 5215] <... close resumed>) = 0 [pid 5214] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./239") = 0 [pid 342] mkdir("./240", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5214] memfd_create("syzkaller", 0 [pid 342] ioctl(3, LOOP_CLR_FD [pid 5215] memfd_create("syzkaller", 0 [pid 5214] <... memfd_create resumed>) = 4 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5215] <... memfd_create resumed>) = 4 [pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] close(3 [pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5214] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... close resumed>) = 0 [pid 5215] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5226 ./strace-static-x86_64: Process 5226 attached [pid 5226] set_robust_list(0x555584fcf660, 24) = 0 [pid 5226] chdir("./240") = 0 [pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5226] setpgid(0, 0) = 0 [pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1000", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5226] write(1, "executing program\n", 18executing program ) = 18 [pid 5226] memfd_create("syzkaller", 0) = 3 [pid 5226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5226] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5226] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5226] close(3) = 0 [pid 5226] close(4) = 0 [pid 5226] mkdir("./bus", 0777) = 0 [ 232.006467][ T5215] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/242/bus supports timestamps until (%ptR?) (0x7fffffff) [ 232.031157][ T5214] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/243/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5226] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5209] <... close resumed>) = 0 [pid 5216] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5209] exit_group(0) = ? [pid 5209] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=6, si_stime=9} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./243/binderfs") = 0 [pid 349] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5226] <... mount resumed>) = 0 [pid 5226] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5226] chdir("./bus") = 0 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5226] <... openat resumed>) = 4 [pid 349] newfstatat(AT_FDCWD, "./243/bus", [pid 5226] ioctl(4, LOOP_CLR_FD [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5226] <... ioctl resumed>) = 0 [pid 349] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5226] close(4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5226] <... close resumed>) = 0 [pid 349] openat(AT_FDCWD, "./243/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5226] memfd_create("syzkaller", 0 [pid 349] <... openat resumed>) = 4 [pid 5226] <... memfd_create resumed>) = 4 [pid 349] newfstatat(4, "", [pid 5226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5226] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./243/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./243") = 0 [pid 349] mkdir("./244", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5230 ./strace-static-x86_64: Process 5230 attached [pid 5230] set_robust_list(0x555584fcf660, 24) = 0 [pid 5230] chdir("./244") = 0 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5230] setpgid(0, 0) = 0 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5230] write(3, "1000", 4) = 4 [pid 5230] close(3) = 0 [pid 5230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5230] write(1, "executing program\n", 18executing program ) = 18 [pid 5230] memfd_create("syzkaller", 0) = 3 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 232.153987][ T5226] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/240/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5230] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5230] close(3) = 0 [pid 5230] close(4) = 0 [pid 5230] mkdir("./bus", 0777) = 0 [pid 5230] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5214] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5215] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5230] <... mount resumed>) = 0 [pid 5230] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5230] chdir("./bus") = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5230] ioctl(4, LOOP_CLR_FD) = 0 [pid 5230] close(4) = 0 [pid 5230] memfd_create("syzkaller", 0) = 4 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5216] <... write resumed>) = 20699119 [pid 5216] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5216] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5216] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5216] ioctl(5, LOOP_CLR_FD) = 0 [pid 5216] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5216] close(5) = 0 [ 232.306437][ T5230] ext4 filesystem being mounted at /root/syzkaller.53SCZU/244/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5216] close(4 [pid 5214] <... write resumed>) = 20699119 [pid 5226] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5214] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5214] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5214] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5214] ioctl(5, LOOP_CLR_FD) = 0 [pid 5214] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5214] close(5) = 0 [pid 5214] close(4 [pid 5216] <... close resumed>) = 0 [pid 5216] exit_group(0) = ? [pid 5216] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./246/binderfs") = 0 [pid 343] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5215] <... write resumed>) = 20699119 [pid 5215] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5215] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5214] <... close resumed>) = 0 [pid 5230] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5214] exit_group(0 [pid 5215] <... openat resumed>) = 5 [pid 5214] <... exit_group resumed>) = ? [pid 343] <... umount2 resumed>) = 0 [pid 5215] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5214] +++ exited with 0 +++ [pid 343] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5214, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 343] newfstatat(AT_FDCWD, "./246/bus", [pid 348] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... openat resumed>) = 3 [pid 343] openat(AT_FDCWD, "./246/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] newfstatat(3, "", [pid 5215] ioctl(5, LOOP_CLR_FD [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... openat resumed>) = 4 [pid 348] getdents64(3, [pid 343] newfstatat(4, "", [pid 5215] <... ioctl resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] getdents64(4, [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./243/binderfs", [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] getdents64(4, [pid 348] unlink("./243/binderfs" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] <... unlink resumed>) = 0 [pid 343] close(4 [pid 348] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./246/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 5215] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... close resumed>) = 0 [pid 5215] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] rmdir("./246" [pid 5215] close(5 [pid 5226] <... write resumed>) = 20699119 [pid 5215] <... close resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 5215] close(4 [pid 5226] munmap(0x7f7c475b3000, 138412032 [pid 343] mkdir("./247", 0777 [pid 5226] <... munmap resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5215] <... close resumed>) = 0 [pid 5215] exit_group(0) = ? [pid 5215] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5230] <... write resumed>) = 20699119 [pid 5230] munmap(0x7f7c475b3000, 138412032 [pid 348] <... umount2 resumed>) = 0 [pid 5230] <... munmap resumed>) = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5230] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5230] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./243/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./243/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./243/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 5226] <... openat resumed>) = 5 [pid 343] <... openat resumed>) = 3 [pid 348] close(3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 5226] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5226] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] close(3 [pid 5226] ioctl(5, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./243") = 0 [pid 348] mkdir("./244", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5226] <... ioctl resumed>) = 0 [pid 344] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5234 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5235 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./242/binderfs", [pid 5230] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5230] close(5) = 0 [pid 5230] close(4 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5226] ioctl(5, LOOP_SET_FD, 4 [pid 344] unlink("./242/binderfs" [pid 5226] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5226] close(5 [pid 344] <... unlink resumed>) = 0 [pid 5226] <... close resumed>) = 0 [pid 344] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5226] close(4./strace-static-x86_64: Process 5234 attached ./strace-static-x86_64: Process 5235 attached [pid 5234] set_robust_list(0x555584fcf660, 24 [pid 5235] set_robust_list(0x555584fcf660, 24) = 0 [pid 5234] <... set_robust_list resumed>) = 0 [pid 5234] chdir("./247" [pid 5235] chdir("./244" [pid 5234] <... chdir resumed>) = 0 [pid 5235] <... chdir resumed>) = 0 [pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5234] <... prctl resumed>) = 0 [pid 5235] <... prctl resumed>) = 0 [pid 5234] setpgid(0, 0 [pid 5235] setpgid(0, 0 [pid 5234] <... setpgid resumed>) = 0 [pid 5235] <... setpgid resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5235] <... openat resumed>) = 3 [pid 5235] write(3, "1000", 4 [pid 5234] <... openat resumed>) = 3 [pid 5235] <... write resumed>) = 4 [pid 5234] write(3, "1000", 4 [pid 5235] close(3 [pid 5234] <... write resumed>) = 4 [pid 5235] <... close resumed>) = 0 [pid 5234] close(3 [pid 5235] symlink("/dev/binderfs", "./binderfs" [pid 5234] <... close resumed>) = 0 [pid 5235] <... symlink resumed>) = 0 [pid 5234] symlink("/dev/binderfs", "./binderfs" [pid 5235] write(1, "executing program\n", 18executing program ) = 18 [pid 5234] <... symlink resumed>) = 0 [pid 5235] memfd_create("syzkaller", 0 [pid 5234] write(1, "executing program\n", 18executing program [pid 5235] <... memfd_create resumed>) = 3 [pid 5234] <... write resumed>) = 18 [pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5234] memfd_create("syzkaller", 0 [pid 5235] <... mmap resumed>) = 0x7f7c475b3000 [pid 5234] <... memfd_create resumed>) = 3 [pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5235] <... write resumed>) = 262144 [pid 5234] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5235] munmap(0x7f7c475b3000, 138412032 [pid 5234] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5235] <... munmap resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5234] <... openat resumed>) = 4 [pid 5234] ioctl(4, LOOP_SET_FD, 3 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./242/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./242/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./242/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./242") = 0 [pid 344] mkdir("./243", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5234] <... ioctl resumed>) = 0 [pid 5235] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 5235] ioctl(4, LOOP_SET_FD, 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5234] close(3 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5234] <... close resumed>) = 0 [pid 344] close(3 [pid 5234] close(4 [pid 5235] <... ioctl resumed>) = 0 [pid 5234] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 5234] mkdir("./bus", 0777 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5234] <... mkdir resumed>) = 0 [pid 5235] close(3) = 0 [pid 5234] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5238 [pid 5235] close(4 [pid 5230] <... close resumed>) = 0 ./strace-static-x86_64: Process 5238 attached [pid 5238] set_robust_list(0x555584fcf660, 24) = 0 [pid 5238] chdir("./243") = 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5238] setpgid(0, 0) = 0 [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5238] write(3, "1000", 4) = 4 [pid 5238] close(3) = 0 [pid 5238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5238] write(1, "executing program\n", 18executing program ) = 18 [pid 5238] memfd_create("syzkaller", 0) = 3 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5230] exit_group(0) = ? [pid 5230] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5238] <... write resumed>) = 262144 [pid 5238] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5226] <... close resumed>) = 0 [pid 5226] exit_group(0) = ? [pid 5226] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5226, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./244/binderfs") = 0 [pid 349] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5235] <... close resumed>) = 0 [pid 5235] mkdir("./bus", 0777) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 5235] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5238] <... openat resumed>) = 4 [pid 5238] ioctl(4, LOOP_SET_FD, 3 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5238] <... ioctl resumed>) = 0 [pid 5238] close(3) = 0 [pid 5238] close(4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./240/binderfs") = 0 [pid 342] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5234] <... mount resumed>) = 0 [pid 5234] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5234] chdir("./bus") = 0 [pid 5234] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5235] <... mount resumed>) = 0 [pid 5235] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5235] chdir("./bus") = 0 [pid 5235] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5238] <... close resumed>) = 0 [pid 5238] mkdir("./bus", 0777) = 0 [pid 5238] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5235] <... openat resumed>) = 4 [ 232.739222][ T5234] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/247/bus supports timestamps until (%ptR?) (0x7fffffff) [ 232.739444][ T5235] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/244/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5235] ioctl(4, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./244/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./244/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 5234] <... openat resumed>) = 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./244/bus" [pid 5234] ioctl(4, LOOP_CLR_FD [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./244") = 0 [pid 349] mkdir("./245", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5235] <... ioctl resumed>) = 0 [pid 5234] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 5235] close(4 [pid 5234] close(4 [pid 342] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5235] <... close resumed>) = 0 [pid 5234] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5235] memfd_create("syzkaller", 0 [pid 5234] memfd_create("syzkaller", 0 [pid 342] newfstatat(AT_FDCWD, "./240/bus", [pid 5235] <... memfd_create resumed>) = 4 [pid 5234] <... memfd_create resumed>) = 4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] umount2("./240/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5235] <... mmap resumed>) = 0x7f7c475b3000 [pid 5234] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] close(3 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... close resumed>) = 0 [pid 342] openat(AT_FDCWD, "./240/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5245 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 ./strace-static-x86_64: Process 5245 attached [pid 342] rmdir("./240/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./240") = 0 [pid 342] mkdir("./241", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5247 ./strace-static-x86_64: Process 5247 attached [pid 5247] set_robust_list(0x555584fcf660, 24) = 0 [pid 5247] chdir("./241") = 0 [pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5247] setpgid(0, 0) = 0 [pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5247] write(3, "1000", 4) = 4 [pid 5247] close(3) = 0 executing program [pid 5247] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5247] write(1, "executing program\n", 18) = 18 [pid 5247] memfd_create("syzkaller", 0) = 3 [pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5247] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5247] ioctl(4, LOOP_SET_FD, 3 [pid 5245] set_robust_list(0x555584fcf660, 24) = 0 [pid 5245] chdir("./245") = 0 [pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5245] setpgid(0, 0) = 0 [pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5238] <... mount resumed>) = 0 [pid 5245] write(3, "1000", 4) = 4 [pid 5238] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5245] close(3) = 0 [pid 5238] <... openat resumed>) = 3 [pid 5245] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5238] chdir("./bus" [pid 5245] write(1, "executing program\n", 18) = 18 [pid 5238] <... chdir resumed>) = 0 [pid 5245] memfd_create("syzkaller", 0 [pid 5238] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5245] <... memfd_create resumed>) = 3 [pid 5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5245] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5245] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5247] <... ioctl resumed>) = 0 [pid 5247] close(3) = 0 [pid 5247] close(4) = 0 [pid 5247] mkdir("./bus", 0777) = 0 [pid 5247] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5245] <... openat resumed>) = 4 [pid 5238] <... openat resumed>) = 4 [pid 5245] ioctl(4, LOOP_SET_FD, 3 [pid 5238] ioctl(4, LOOP_CLR_FD [pid 5245] <... ioctl resumed>) = 0 [pid 5238] <... ioctl resumed>) = 0 [pid 5238] close(4) = 0 [pid 5238] memfd_create("syzkaller", 0) = 4 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5245] close(3) = 0 [pid 5245] close(4) = 0 [pid 5245] mkdir("./bus", 0777) = 0 [ 232.936179][ T5238] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/243/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5245] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5247] <... mount resumed>) = 0 [pid 5247] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5247] chdir("./bus") = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5247] ioctl(4, LOOP_CLR_FD) = 0 [pid 5247] close(4) = 0 [pid 5247] memfd_create("syzkaller", 0) = 4 [pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5234] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5245] <... mount resumed>) = 0 [pid 5245] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5245] chdir("./bus") = 0 [ 232.998072][ T5247] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/241/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5245] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5245] ioctl(4, LOOP_CLR_FD) = 0 [pid 5245] close(4) = 0 [pid 5245] memfd_create("syzkaller", 0) = 4 [pid 5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 233.055394][ T5245] ext4 filesystem being mounted at /root/syzkaller.53SCZU/245/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5235] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5238] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5234] <... write resumed>) = 20699119 [pid 5234] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5247] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5234] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5234] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5234] ioctl(5, LOOP_CLR_FD) = 0 [pid 5234] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5234] close(5) = 0 [pid 5234] close(4 [pid 5235] <... write resumed>) = 20699119 [pid 5235] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5235] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5235] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5235] ioctl(5, LOOP_CLR_FD) = 0 [pid 5235] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5235] close(5) = 0 [pid 5245] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5235] close(4 [pid 5238] <... write resumed>) = 20699119 [pid 5238] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5234] <... close resumed>) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5238] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5238] ioctl(5, LOOP_CLR_FD) = 0 [pid 5238] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5238] close(5) = 0 [pid 5238] close(4 [pid 5234] exit_group(0) = ? [pid 5234] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./247/binderfs") = 0 [pid 343] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5247] <... write resumed>) = 20699119 [pid 5247] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5235] <... close resumed>) = 0 [pid 5235] exit_group(0) = ? [pid 5235] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5238] <... close resumed>) = 0 [pid 5238] exit_group(0) = ? [pid 5238] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5245] <... write resumed>) = 20699119 [pid 5247] <... openat resumed>) = 5 [pid 5245] munmap(0x7f7c475b3000, 138412032 [pid 348] <... restart_syscall resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5247] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 5247] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5247] ioctl(5, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5247] <... ioctl resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./247/bus", [pid 348] unlink("./244/binderfs") = 0 [pid 348] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5245] <... munmap resumed>) = 0 [pid 344] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5245] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] <... openat resumed>) = 3 [pid 343] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] getdents64(3, [pid 343] openat(AT_FDCWD, "./247/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5247] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] newfstatat(4, "", [pid 5247] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5247] close(5 [pid 344] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] getdents64(4, [pid 344] newfstatat(AT_FDCWD, "./243/binderfs", [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] getdents64(4, [pid 344] unlink("./243/binderfs" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4 [pid 344] <... unlink resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./247/bus" [pid 344] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./247") = 0 [pid 343] mkdir("./248", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5247] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./244/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./244/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./244/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./244") = 0 [pid 348] mkdir("./245", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5254 [pid 5245] <... openat resumed>) = 5 [pid 5245] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5245] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5254 attached [pid 5247] close(4 [pid 5245] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5245] close(5 [pid 5254] set_robust_list(0x555584fcf660, 24) = 0 [pid 5254] chdir("./245") = 0 [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5254] setpgid(0, 0) = 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5254] write(3, "1000", 4) = 4 [pid 5254] close(3) = 0 [pid 5254] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5254] write(1, "executing program\n", 18executing program ) = 18 [pid 5254] memfd_create("syzkaller", 0) = 3 [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5254] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5254] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5247] <... close resumed>) = 0 [pid 5247] exit_group(0) = ? [pid 5247] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5247, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./241/binderfs") = 0 [pid 342] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5245] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 5245] close(4 [pid 344] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] ioctl(3, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./243/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./243/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./243/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./243") = 0 [pid 344] mkdir("./244", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5254] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... umount2 resumed>) = 0 [pid 5254] ioctl(4, LOOP_SET_FD, 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 343] close(3 [pid 342] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./241/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./241/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./241/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./241/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./241") = 0 [pid 342] mkdir("./242", 0777 [pid 5254] <... ioctl resumed>) = 0 [pid 5245] <... close resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... close resumed>) = 0 [pid 342] <... mkdir resumed>) = 0 [pid 5254] close(3 [pid 344] close(3 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5254] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 5254] close(4 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5256 [pid 342] ioctl(3, LOOP_CLR_FD [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5257 ./strace-static-x86_64: Process 5256 attached [pid 5256] set_robust_list(0x555584fcf660, 24) = 0 [pid 5256] chdir("./248") = 0 [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5256] setpgid(0, 0) = 0 [pid 5245] exit_group(0 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5256] write(3, "1000", 4) = 4 [pid 5256] close(3) = 0 [pid 5256] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5257 attached [pid 5245] <... exit_group resumed>) = ? [pid 5256] <... symlink resumed>) = 0 [pid 5256] write(1, "executing program\n", 18 [pid 5245] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5245, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>executing program [pid 5256] <... write resumed>) = 18 [pid 5256] memfd_create("syzkaller", 0 [pid 5257] set_robust_list(0x555584fcf660, 24 [pid 5256] <... memfd_create resumed>) = 3 [pid 5257] <... set_robust_list resumed>) = 0 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5257] chdir("./244") = 0 [pid 5257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5257] setpgid(0, 0) = 0 [pid 5257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5257] write(3, "1000", 4) = 4 [pid 5257] close(3) = 0 [pid 5257] symlink("/dev/binderfs", "./binderfs" [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] <... restart_syscall resumed>) = 0 [pid 5257] <... symlink resumed>) = 0 [pid 349] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5257] write(1, "executing program\n", 18 [pid 349] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, executing program 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5257] <... write resumed>) = 18 [pid 349] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5257] memfd_create("syzkaller", 0 [pid 349] unlink("./245/binderfs" [pid 5257] <... memfd_create resumed>) = 3 [pid 349] <... unlink resumed>) = 0 [pid 349] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5256] <... write resumed>) = 262144 [pid 5256] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5257] <... write resumed>) = 262144 [pid 5257] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5257] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5254] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5254] mkdir("./bus", 0777 [pid 342] close(3 [pid 5254] <... mkdir resumed>) = 0 [pid 5254] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5258 [pid 5257] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5258 attached [pid 349] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./245/bus", [pid 5256] <... openat resumed>) = 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5258] set_robust_list(0x555584fcf660, 24 [pid 5256] ioctl(4, LOOP_SET_FD, 3 [pid 349] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./245/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5258] <... set_robust_list resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./245/bus" [pid 5258] chdir("./242" [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 5258] <... chdir resumed>) = 0 [pid 5257] ioctl(4, LOOP_SET_FD, 3 [pid 5256] <... ioctl resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./245" [pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5256] close(3 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./246", 0777 [pid 5258] <... prctl resumed>) = 0 [pid 5256] <... close resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5258] setpgid(0, 0) = 0 [pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5258] write(3, "1000", 4) = 4 [pid 5258] close(3) = 0 executing program [pid 5258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5258] write(1, "executing program\n", 18) = 18 [pid 5258] memfd_create("syzkaller", 0) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5258] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5256] close(4 [pid 5258] <... openat resumed>) = 4 [pid 5257] <... ioctl resumed>) = 0 [pid 5256] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 5258] ioctl(4, LOOP_SET_FD, 3 [pid 5257] close(3 [pid 5256] mkdir("./bus", 0777 [pid 349] ioctl(3, LOOP_CLR_FD [pid 5257] <... close resumed>) = 0 [pid 5256] <... mkdir resumed>) = 0 [pid 5257] close(4 [pid 5256] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5257] <... close resumed>) = 0 [pid 5254] <... mount resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 5257] mkdir("./bus", 0777 [pid 5258] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5254] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5254] chdir("./bus") = 0 [pid 5254] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5254] ioctl(4, LOOP_CLR_FD) = 0 [pid 5254] close(4) = 0 [pid 5254] memfd_create("syzkaller", 0) = 4 [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5257] <... mkdir resumed>) = 0 [pid 5257] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5265 [pid 5258] close(3) = 0 [pid 5258] close(4./strace-static-x86_64: Process 5265 attached [pid 5265] set_robust_list(0x555584fcf660, 24) = 0 [pid 5265] chdir("./246" [pid 5258] <... close resumed>) = 0 [pid 5258] mkdir("./bus", 0777 [pid 5265] <... chdir resumed>) = 0 [pid 5265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5265] setpgid(0, 0) = 0 [pid 5265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5265] write(3, "1000", 4) = 4 [pid 5265] close(3) = 0 [pid 5265] symlink("/dev/binderfs", "./binderfs" [pid 5258] <... mkdir resumed>) = 0 [pid 5258] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"executing program [pid 5265] <... symlink resumed>) = 0 [pid 5265] write(1, "executing program\n", 18) = 18 [pid 5265] memfd_create("syzkaller", 0) = 3 [pid 5265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5265] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5265] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5256] <... mount resumed>) = 0 [pid 5256] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] chdir("./bus") = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5265] <... openat resumed>) = 4 [pid 5265] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5265] close(3) = 0 [pid 5265] close(4 [pid 5256] <... openat resumed>) = 4 [pid 5256] ioctl(4, LOOP_CLR_FD [pid 5257] <... mount resumed>) = 0 [pid 5257] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5257] chdir("./bus") = 0 [pid 5257] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5258] <... mount resumed>) = 0 [pid 5258] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5258] chdir("./bus") = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 233.690748][ T5254] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/245/bus supports timestamps until (%ptR?) (0x7fffffff) [ 233.725425][ T5256] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/248/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5254] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5265] <... close resumed>) = 0 [pid 5257] <... openat resumed>) = 4 [pid 5256] <... ioctl resumed>) = 0 [pid 5265] mkdir("./bus", 0777 [pid 5257] ioctl(4, LOOP_CLR_FD [pid 5256] close(4 [pid 5265] <... mkdir resumed>) = 0 [pid 5257] <... ioctl resumed>) = 0 [pid 5256] <... close resumed>) = 0 [pid 5265] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5257] close(4 [pid 5256] memfd_create("syzkaller", 0 [pid 5257] <... close resumed>) = 0 [pid 5256] <... memfd_create resumed>) = 4 [pid 5257] memfd_create("syzkaller", 0 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5257] <... memfd_create resumed>) = 4 [pid 5256] <... mmap resumed>) = 0x7f7c475b3000 [pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5258] <... openat resumed>) = 4 [pid 5258] ioctl(4, LOOP_CLR_FD) = 0 [pid 5258] close(4) = 0 [pid 5258] memfd_create("syzkaller", 0) = 4 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 233.749734][ T5257] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/244/bus supports timestamps until (%ptR?) (0x7fffffff) [ 233.768604][ T5258] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/242/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5265] <... mount resumed>) = 0 [pid 5265] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5265] chdir("./bus") = 0 [pid 5265] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5265] ioctl(4, LOOP_CLR_FD) = 0 [pid 5265] close(4) = 0 [pid 5265] memfd_create("syzkaller", 0) = 4 [pid 5265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5254] <... write resumed>) = 20699119 [pid 5254] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5254] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5254] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5254] ioctl(5, LOOP_CLR_FD) = 0 [pid 5254] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5254] close(5) = 0 [ 233.850712][ T5265] ext4 filesystem being mounted at /root/syzkaller.53SCZU/246/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5254] close(4) = 0 [pid 5258] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5254] exit_group(0) = ? [pid 5254] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./245/binderfs") = 0 [pid 348] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5256] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5257] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./245/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./245/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./245/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./245") = 0 [pid 348] mkdir("./246", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5274 ./strace-static-x86_64: Process 5274 attached [pid 5274] set_robust_list(0x555584fcf660, 24) = 0 [pid 5274] chdir("./246") = 0 [pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5274] setpgid(0, 0) = 0 [pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5274] write(3, "1000", 4) = 4 [pid 5274] close(3) = 0 [pid 5274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5274] write(1, "executing program\n", 18executing program ) = 18 [pid 5274] memfd_create("syzkaller", 0) = 3 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5265] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5274] <... mmap resumed>) = 0x7f7c475b3000 [pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5274] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5274] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5274] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5274] close(3) = 0 [pid 5274] close(4) = 0 [pid 5274] mkdir("./bus", 0777) = 0 [pid 5274] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5258] <... write resumed>) = 20699119 [pid 5258] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5258] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5258] ioctl(5, LOOP_CLR_FD) = 0 [pid 5258] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5258] close(5) = 0 [pid 5258] close(4 [pid 5256] <... write resumed>) = 20699119 [pid 5256] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5256] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5256] ioctl(5, LOOP_CLR_FD) = 0 [pid 5256] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5256] close(5) = 0 [pid 5256] close(4 [pid 5274] <... mount resumed>) = 0 [pid 5257] <... write resumed>) = 20699119 [pid 5274] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5257] munmap(0x7f7c475b3000, 138412032 [pid 5274] <... openat resumed>) = 3 [pid 5257] <... munmap resumed>) = 0 [pid 5274] chdir("./bus") = 0 [pid 5257] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5274] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5257] <... openat resumed>) = 5 [pid 5274] <... openat resumed>) = 4 [pid 5274] ioctl(4, LOOP_CLR_FD [pid 5257] ioctl(5, LOOP_SET_FD, 4 [pid 5274] <... ioctl resumed>) = 0 [pid 5257] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5274] close(4 [pid 5257] ioctl(5, LOOP_CLR_FD [pid 5274] <... close resumed>) = 0 [pid 5257] <... ioctl resumed>) = 0 [pid 5274] memfd_create("syzkaller", 0) = 4 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5257] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5257] close(5) = 0 [pid 5257] close(4 [pid 5265] <... write resumed>) = 20699119 [pid 5265] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5265] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5265] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5265] ioctl(5, LOOP_CLR_FD) = 0 [pid 5265] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5265] close(5) = 0 [ 234.225644][ T5274] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/246/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5265] close(4 [pid 5258] <... close resumed>) = 0 [pid 5258] exit_group(0) = ? [pid 5258] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./242/binderfs") = 0 [pid 342] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5256] <... close resumed>) = 0 [pid 5256] exit_group(0) = ? [pid 5256] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./248/binderfs") = 0 [pid 343] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5265] <... close resumed>) = 0 [pid 5257] <... close resumed>) = 0 [pid 5265] exit_group(0 [pid 5257] exit_group(0 [pid 5265] <... exit_group resumed>) = ? [pid 5257] <... exit_group resumed>) = ? [pid 5265] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5265, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5257] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5257, si_uid=0, si_status=0, si_utime=2, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./242/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./242/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./242/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4 [pid 349] <... restart_syscall resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./242/bus" [pid 349] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... rmdir resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] getdents64(3, [pid 349] newfstatat(3, "", [pid 344] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] newfstatat(3, "", [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] getdents64(3, [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] close(3 [pid 349] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] getdents64(3, [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] newfstatat(AT_FDCWD, "./246/binderfs", [pid 344] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] rmdir("./242" [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] unlink("./246/binderfs" [pid 342] <... rmdir resumed>) = 0 [pid 344] newfstatat(AT_FDCWD, "./244/binderfs", [pid 349] <... unlink resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] mkdir("./243", 0777 [pid 349] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] unlink("./244/binderfs") = 0 [pid 344] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5274] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./248/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./248/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./248/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./248") = 0 [pid 343] mkdir("./249", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5274] <... write resumed>) = 20699119 [pid 5274] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5274] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 343] <... openat resumed>) = 3 [pid 349] <... umount2 resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] close(3 [pid 344] newfstatat(AT_FDCWD, "./244/bus", [pid 343] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5278 [pid 344] openat(AT_FDCWD, "./244/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./244/bus") = 0 [pid 349] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] getdents64(3, [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... openat resumed>) = 3 [pid 349] newfstatat(AT_FDCWD, "./246/bus", [pid 344] close(3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 5274] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... close resumed>) = 0 [pid 5274] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] rmdir("./244" [pid 5274] ioctl(5, LOOP_CLR_FD [pid 349] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... rmdir resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5274] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] mkdir("./245", 0777 [pid 349] openat(AT_FDCWD, "./246/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... mkdir resumed>) = 0 [pid 342] close(3./strace-static-x86_64: Process 5278 attached [pid 349] <... openat resumed>) = 4 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 342] <... close resumed>) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] newfstatat(4, "", [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5280 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5279 [pid 5274] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5274] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5274] close(5 [pid 349] close(4 [pid 5274] <... close resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5274] close(4 [pid 349] rmdir("./246/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./246"./strace-static-x86_64: Process 5279 attached ./strace-static-x86_64: Process 5280 attached ) = 0 [pid 5279] set_robust_list(0x555584fcf660, 24 [pid 349] mkdir("./247", 0777 [pid 5279] <... set_robust_list resumed>) = 0 [pid 5279] chdir("./243" [pid 349] <... mkdir resumed>) = 0 [pid 5279] <... chdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5279] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5279] <... prctl resumed>) = 0 [pid 349] close(3 [pid 5279] setpgid(0, 0 [pid 349] <... close resumed>) = 0 [pid 5279] <... setpgid resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5279] write(3, "1000", 4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5281 [pid 5279] <... write resumed>) = 4 [pid 5279] close(3 [pid 5278] set_robust_list(0x555584fcf660, 24 [pid 5280] set_robust_list(0x555584fcf660, 24 [pid 5279] <... close resumed>) = 0 [pid 5279] symlink("/dev/binderfs", "./binderfs" [pid 5280] <... set_robust_list resumed>) = 0 [pid 5279] <... symlink resumed>) = 0 [pid 5278] <... set_robust_list resumed>) = 0 [pid 5278] chdir("./249"./strace-static-x86_64: Process 5281 attached [pid 5281] set_robust_list(0x555584fcf660, 24 [pid 5280] chdir("./245" [pid 5278] <... chdir resumed>) = 0 [pid 5280] <... chdir resumed>) = 0 [pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5280] setpgid(0, 0 [pid 5278] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5280] <... setpgid resumed>) = 0 [pid 5281] <... set_robust_list resumed>) = 0 [pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5278] <... prctl resumed>) = 0 [pid 5280] <... openat resumed>) = 3 [pid 5279] write(1, "executing program\n", 18 [pid 5278] setpgid(0, 0executing program [pid 5281] chdir("./247" [pid 5280] write(3, "1000", 4 [pid 5279] <... write resumed>) = 18 [pid 5280] <... write resumed>) = 4 [pid 5279] memfd_create("syzkaller", 0 [pid 5281] <... chdir resumed>) = 0 [pid 5278] <... setpgid resumed>) = 0 [pid 5280] close(3 [pid 5279] <... memfd_create resumed>) = 3 [pid 5278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5280] <... close resumed>) = 0 [pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5280] symlink("/dev/binderfs", "./binderfs" [pid 5279] <... mmap resumed>) = 0x7f7c475b3000 executing program [pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5280] <... symlink resumed>) = 0 [pid 5279] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5278] <... openat resumed>) = 3 [pid 5280] write(1, "executing program\n", 18) = 18 [pid 5280] memfd_create("syzkaller", 0) = 3 [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5278] write(3, "1000", 4 [pid 5281] <... prctl resumed>) = 0 [pid 5278] <... write resumed>) = 4 [pid 5281] setpgid(0, 0 [pid 5278] close(3 [pid 5281] <... setpgid resumed>) = 0 [pid 5278] <... close resumed>) = 0 [pid 5278] symlink("/dev/binderfs", "./binderfs" [pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5279] <... write resumed>) = 262144 [pid 5278] <... symlink resumed>) = 0 executing program [pid 5278] write(1, "executing program\n", 18 [pid 5281] <... openat resumed>) = 3 [pid 5280] <... write resumed>) = 262144 [pid 5278] <... write resumed>) = 18 [pid 5279] munmap(0x7f7c475b3000, 138412032 [pid 5281] write(3, "1000", 4 [pid 5278] memfd_create("syzkaller", 0 [pid 5281] <... write resumed>) = 4 [pid 5279] <... munmap resumed>) = 0 [pid 5278] <... memfd_create resumed>) = 3 [pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5281] close(3 [pid 5278] <... mmap resumed>) = 0x7f7c475b3000 [pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5279] ioctl(4, LOOP_SET_FD, 3 [pid 5280] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5280] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5281] <... close resumed>) = 0 [pid 5278] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5281] symlink("/dev/binderfs", "./binderfs" [pid 5279] <... ioctl resumed>) = 0 [pid 5280] <... openat resumed>) = 4 [pid 5280] ioctl(4, LOOP_SET_FD, 3 [pid 5278] <... write resumed>) = 262144 [pid 5281] <... symlink resumed>) = 0 [pid 5278] munmap(0x7f7c475b3000, 138412032executing program [pid 5281] write(1, "executing program\n", 18) = 18 [pid 5278] <... munmap resumed>) = 0 [pid 5281] memfd_create("syzkaller", 0 [pid 5278] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5281] <... memfd_create resumed>) = 3 [pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5280] <... ioctl resumed>) = 0 [pid 5279] close(3 [pid 5278] <... openat resumed>) = 4 [pid 5280] close(3) = 0 [pid 5280] close(4) = 0 [pid 5280] mkdir("./bus", 0777) = 0 [pid 5280] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5278] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5278] close(3) = 0 [pid 5278] close(4 [pid 5281] munmap(0x7f7c475b3000, 138412032 [pid 5279] <... close resumed>) = 0 [pid 5281] <... munmap resumed>) = 0 [pid 5279] close(4 [pid 5281] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5280] <... mount resumed>) = 0 [pid 5280] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5280] chdir("./bus") = 0 [pid 5280] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5274] <... close resumed>) = 0 [pid 5274] exit_group(0) = ? [pid 5274] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=9, si_stime=7} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5278] <... close resumed>) = 0 [pid 5278] mkdir("./bus", 0777) = 0 [pid 5278] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5281] <... openat resumed>) = 4 [pid 5281] ioctl(4, LOOP_SET_FD, 3 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./246/binderfs") = 0 [pid 348] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5278] <... mount resumed>) = 0 [pid 5278] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5278] chdir("./bus") = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5279] <... close resumed>) = 0 [pid 5281] <... ioctl resumed>) = 0 [pid 5280] <... openat resumed>) = 4 [pid 5279] mkdir("./bus", 0777 [pid 5280] ioctl(4, LOOP_CLR_FD [pid 5279] <... mkdir resumed>) = 0 [pid 5281] close(3) = 0 [pid 5279] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 234.619002][ T5280] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/245/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5281] close(4) = 0 [pid 5281] mkdir("./bus", 0777) = 0 [pid 5280] <... ioctl resumed>) = 0 [pid 5281] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 234.658728][ T5278] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/249/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5280] close(4 [pid 5278] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 5280] <... close resumed>) = 0 [pid 348] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5280] memfd_create("syzkaller", 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5280] <... memfd_create resumed>) = 4 [pid 348] newfstatat(AT_FDCWD, "./246/bus", [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5280] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./246/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./246/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./246") = 0 [pid 348] mkdir("./247", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5293 [pid 5278] ioctl(4, LOOP_CLR_FD) = 0 [pid 5278] close(4) = 0 [pid 5278] memfd_create("syzkaller", 0) = 4 [pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5293 attached [pid 5293] set_robust_list(0x555584fcf660, 24) = 0 [pid 5293] chdir("./247") = 0 [pid 5293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5293] setpgid(0, 0) = 0 [pid 5293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5293] write(3, "1000", 4) = 4 [pid 5293] close(3) = 0 [pid 5293] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5293] write(1, "executing program\n", 18executing program ) = 18 [pid 5293] memfd_create("syzkaller", 0) = 3 [pid 5293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5281] <... mount resumed>) = 0 [pid 5281] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5279] <... mount resumed>) = 0 [pid 5281] <... openat resumed>) = 3 [pid 5279] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5281] chdir("./bus" [pid 5279] <... openat resumed>) = 3 [pid 5281] <... chdir resumed>) = 0 [pid 5279] chdir("./bus" [pid 5281] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5279] <... chdir resumed>) = 0 [pid 5281] <... openat resumed>) = 4 [pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5281] ioctl(4, LOOP_CLR_FD [pid 5279] <... openat resumed>) = 4 [pid 5281] <... ioctl resumed>) = 0 [pid 5279] ioctl(4, LOOP_CLR_FD [pid 5281] close(4 [pid 5279] <... ioctl resumed>) = 0 [pid 5281] <... close resumed>) = 0 [pid 5293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5293] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5293] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5293] ioctl(4, LOOP_SET_FD, 3 [pid 5281] memfd_create("syzkaller", 0 [pid 5279] close(4 [pid 5281] <... memfd_create resumed>) = 4 [pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5293] <... ioctl resumed>) = 0 [pid 5293] close(3) = 0 [pid 5293] close(4) = 0 [pid 5279] <... close resumed>) = 0 [pid 5293] mkdir("./bus", 0777) = 0 [pid 5293] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5279] memfd_create("syzkaller", 0) = 4 [pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5293] <... mount resumed>) = 0 [pid 5293] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5293] chdir("./bus") = 0 [pid 5293] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5293] ioctl(4, LOOP_CLR_FD) = 0 [pid 5293] close(4) = 0 [pid 5293] memfd_create("syzkaller", 0) = 4 [pid 5293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 234.756404][ T5279] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/243/bus supports timestamps until (%ptR?) (0x7fffffff) [ 234.782176][ T5281] ext4 filesystem being mounted at /root/syzkaller.53SCZU/247/bus supports timestamps until (%ptR?) (0x7fffffff) [ 234.836324][ T5293] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/247/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5280] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5278] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5281] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5293] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5279] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5280] <... write resumed>) = 20699119 [pid 5280] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5280] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5280] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5280] ioctl(5, LOOP_CLR_FD) = 0 [pid 5280] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5280] close(5) = 0 [pid 5280] close(4 [pid 5278] <... write resumed>) = 20699119 [pid 5278] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5278] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5278] ioctl(5, LOOP_CLR_FD) = 0 [pid 5278] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5278] close(5) = 0 [pid 5278] close(4 [pid 5281] <... write resumed>) = 20699119 [pid 5281] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5281] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5281] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5281] ioctl(5, LOOP_CLR_FD) = 0 [pid 5281] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5281] close(5) = 0 [pid 5281] close(4 [pid 5280] <... close resumed>) = 0 [pid 5280] exit_group(0) = ? [pid 5280] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=9, si_stime=10} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./245/binderfs") = 0 [pid 344] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5293] <... write resumed>) = 20699119 [pid 5279] <... write resumed>) = 20699119 [pid 5281] <... close resumed>) = 0 [pid 5293] munmap(0x7f7c475b3000, 138412032 [pid 5279] munmap(0x7f7c475b3000, 138412032 [pid 5281] exit_group(0 [pid 5293] <... munmap resumed>) = 0 [pid 5281] <... exit_group resumed>) = ? [pid 5279] <... munmap resumed>) = 0 [pid 5278] <... close resumed>) = 0 [pid 5293] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5281] +++ exited with 0 +++ [pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5281, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5278] exit_group(0) = ? [pid 349] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5278] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5278, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 349] getdents64(3, [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./247/binderfs") = 0 [pid 349] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./245/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./245/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./245/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./245") = 0 [pid 344] mkdir("./246", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5298 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./249/binderfs") = 0 [pid 343] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5298 attached [pid 5298] set_robust_list(0x555584fcf660, 24) = 0 [pid 5298] chdir("./246") = 0 [pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5298] setpgid(0, 0) = 0 [pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5298] write(3, "1000", 4) = 4 [pid 5298] close(3) = 0 [pid 5298] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5298] write(1, "executing program\n", 18executing program ) = 18 [pid 5298] memfd_create("syzkaller", 0) = 3 [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5298] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5293] <... openat resumed>) = 5 [pid 5279] <... openat resumed>) = 5 [pid 5293] ioctl(5, LOOP_SET_FD, 4 [pid 5279] ioctl(5, LOOP_SET_FD, 4 [pid 5293] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5279] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5293] ioctl(5, LOOP_CLR_FD [pid 5279] ioctl(5, LOOP_CLR_FD [pid 5293] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5293] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5293] close(5 [pid 5298] <... openat resumed>) = 4 [pid 5293] <... close resumed>) = 0 [pid 5279] <... ioctl resumed>) = 0 [pid 349] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./247/bus", [pid 343] newfstatat(AT_FDCWD, "./249/bus", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5293] close(4 [pid 5279] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5279] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] openat(AT_FDCWD, "./247/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./249/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5279] close(5 [pid 349] <... openat resumed>) = 4 [pid 343] <... openat resumed>) = 4 [pid 5279] <... close resumed>) = 0 [pid 349] newfstatat(4, "", [pid 343] newfstatat(4, "", [pid 5298] ioctl(4, LOOP_SET_FD, 3 [pid 5279] close(4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 343] getdents64(4, [pid 5298] <... ioctl resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5298] close(3 [pid 349] getdents64(4, [pid 343] getdents64(4, [pid 5298] <... close resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5298] close(4 [pid 349] close(4 [pid 343] close(4 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] rmdir("./247/bus" [pid 343] rmdir("./249/bus" [pid 349] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 343] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] rmdir("./247" [pid 343] rmdir("./249" [pid 349] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] mkdir("./248", 0777 [pid 343] mkdir("./250", 0777 [pid 349] <... mkdir resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5293] <... close resumed>) = 0 [pid 5293] exit_group(0) = ? [pid 5293] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5293, si_uid=0, si_status=0, si_utime=9, si_stime=10} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5279] <... close resumed>) = 0 [pid 5279] exit_group(0) = ? [pid 5279] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5279, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] <... restart_syscall resumed>) = 0 [pid 348] newfstatat(3, "", [pid 342] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./243/binderfs") = 0 [pid 342] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./247/binderfs" [pid 5298] <... close resumed>) = 0 [pid 5298] mkdir("./bus", 0777 [pid 342] <... umount2 resumed>) = 0 [pid 5298] <... mkdir resumed>) = 0 [pid 348] <... unlink resumed>) = 0 [pid 5298] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./243/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./243/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./243/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./243/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./243") = 0 [pid 342] mkdir("./244", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] close(3 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5300 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5301 [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5302 ./strace-static-x86_64: Process 5302 attached ./strace-static-x86_64: Process 5301 attached [pid 5302] set_robust_list(0x555584fcf660, 24 [pid 5301] set_robust_list(0x555584fcf660, 24) = 0 [pid 5302] <... set_robust_list resumed>) = 0 [pid 5302] chdir("./244" [pid 5301] chdir("./250") = 0 [pid 5302] <... chdir resumed>) = 0 [pid 5302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5302] <... prctl resumed>) = 0 [pid 5302] setpgid(0, 0 [pid 5301] setpgid(0, 0) = 0 [pid 5302] <... setpgid resumed>) = 0 [pid 5301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5301] <... openat resumed>) = 3 [pid 5301] write(3, "1000", 4 [pid 5302] write(3, "1000", 4 [pid 5301] <... write resumed>) = 4 [pid 5302] <... write resumed>) = 4 [pid 5301] close(3 [pid 5302] close(3 [pid 5301] <... close resumed>) = 0 [pid 5302] <... close resumed>) = 0 [pid 5302] symlink("/dev/binderfs", "./binderfs" [pid 5301] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5300 attached ) = 0 executing program [pid 5300] set_robust_list(0x555584fcf660, 24 [pid 5301] write(1, "executing program\n", 18) = 18 [pid 5301] memfd_create("syzkaller", 0 [pid 5300] <... set_robust_list resumed>) = 0 [pid 5300] chdir("./248" [pid 5301] <... memfd_create resumed>) = 3 [pid 5300] <... chdir resumed>) = 0 [pid 5300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5300] setpgid(0, 0 [pid 5301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5300] <... setpgid resumed>) = 0 [pid 5300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5300] <... openat resumed>) = 3 executing program [pid 5302] <... symlink resumed>) = 0 [pid 5302] write(1, "executing program\n", 18) = 18 [pid 5300] write(3, "1000", 4) = 4 [pid 5302] memfd_create("syzkaller", 0 [pid 5300] close(3) = 0 [pid 5301] <... write resumed>) = 262144 [pid 5300] symlink("/dev/binderfs", "./binderfs" [pid 5301] munmap(0x7f7c475b3000, 138412032 [pid 5302] <... memfd_create resumed>) = 3 [pid 5302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5300] <... symlink resumed>) = 0 [pid 5301] <... munmap resumed>) = 0 [pid 5300] write(1, "executing program\n", 18 [pid 5301] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 5300] <... write resumed>) = 18 [pid 5300] memfd_create("syzkaller", 0) = 3 [pid 5300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5302] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5300] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5300] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5298] <... mount resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./247/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./247/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./247/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./247" [pid 5302] <... openat resumed>) = 4 [pid 5301] <... openat resumed>) = 4 [pid 5300] <... openat resumed>) = 4 [pid 348] <... rmdir resumed>) = 0 [pid 5302] ioctl(4, LOOP_SET_FD, 3 [pid 348] mkdir("./248", 0777 [pid 5300] ioctl(4, LOOP_SET_FD, 3 [pid 5301] ioctl(4, LOOP_SET_FD, 3 [pid 5298] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5302] <... ioctl resumed>) = 0 [pid 5302] close(3) = 0 [pid 5302] close(4 [pid 5300] <... ioctl resumed>) = 0 [pid 5298] <... openat resumed>) = 3 [pid 5300] close(3 [pid 5301] <... ioctl resumed>) = 0 [pid 5300] <... close resumed>) = 0 [pid 5298] chdir("./bus" [pid 348] <... openat resumed>) = 3 [pid 5301] close(3 [pid 5300] close(4 [pid 348] ioctl(3, LOOP_CLR_FD [pid 5301] <... close resumed>) = 0 [pid 5301] close(4 [pid 5298] <... chdir resumed>) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5302] <... close resumed>) = 0 [pid 5302] mkdir("./bus", 0777) = 0 [ 235.498541][ T5298] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/246/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5302] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5301] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 5301] mkdir("./bus", 0777) = 0 [pid 5301] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5300] <... close resumed>) = 0 [pid 5298] <... openat resumed>) = 4 [pid 348] <... close resumed>) = 0 [pid 5298] ioctl(4, LOOP_CLR_FD [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5300] mkdir("./bus", 0777 [pid 5298] <... ioctl resumed>) = 0 [pid 5298] close(4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5308 [pid 5298] <... close resumed>) = 0 [pid 5298] memfd_create("syzkaller", 0 [pid 5300] <... mkdir resumed>) = 0 [pid 5298] <... memfd_create resumed>) = 4 [pid 5300] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5308 attached [pid 5308] set_robust_list(0x555584fcf660, 24) = 0 [pid 5308] chdir("./248") = 0 [pid 5308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5308] setpgid(0, 0) = 0 [pid 5308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5308] write(3, "1000", 4) = 4 [pid 5308] close(3) = 0 [pid 5308] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5308] write(1, "executing program\n", 18) = 18 [pid 5308] memfd_create("syzkaller", 0) = 3 [pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5308] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5308] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5308] close(3) = 0 [pid 5308] close(4 [pid 5300] <... mount resumed>) = 0 [pid 5300] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5302] <... mount resumed>) = 0 [pid 5302] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5300] <... openat resumed>) = 3 [pid 5302] <... openat resumed>) = 3 [pid 5300] chdir("./bus" [pid 5302] chdir("./bus" [pid 5300] <... chdir resumed>) = 0 [pid 5308] <... close resumed>) = 0 [pid 5302] <... chdir resumed>) = 0 [pid 5300] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5308] mkdir("./bus", 0777) = 0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5308] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5301] <... mount resumed>) = 0 [pid 5301] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5301] chdir("./bus") = 0 [pid 5301] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5298] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5300] <... openat resumed>) = 4 [pid 5302] <... openat resumed>) = 4 [pid 5302] ioctl(4, LOOP_CLR_FD [pid 5301] <... openat resumed>) = 4 [pid 5300] ioctl(4, LOOP_CLR_FD) = 0 [pid 5302] <... ioctl resumed>) = 0 [pid 5301] ioctl(4, LOOP_CLR_FD [pid 5302] close(4 [pid 5300] close(4 [pid 5301] <... ioctl resumed>) = 0 [pid 5302] <... close resumed>) = 0 [pid 5301] close(4 [pid 5300] <... close resumed>) = 0 [pid 5300] memfd_create("syzkaller", 0 [pid 5302] memfd_create("syzkaller", 0 [pid 5300] <... memfd_create resumed>) = 4 [pid 5302] <... memfd_create resumed>) = 4 [pid 5300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5301] <... close resumed>) = 0 [pid 5300] <... mmap resumed>) = 0x7f7c475b3000 [pid 5302] <... mmap resumed>) = 0x7f7c475b3000 [pid 5298] <... write resumed>) = 20699119 [pid 5298] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5298] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5298] ioctl(5, LOOP_CLR_FD) = 0 [pid 5301] memfd_create("syzkaller", 0) = 4 [pid 5301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 235.652433][ T5302] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/244/bus supports timestamps until (%ptR?) (0x7fffffff) [ 235.665494][ T5300] ext4 filesystem being mounted at /root/syzkaller.53SCZU/248/bus supports timestamps until (%ptR?) (0x7fffffff) [ 235.681709][ T5301] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/250/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5298] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5298] close(5) = 0 [pid 5298] close(4 [pid 5308] <... mount resumed>) = 0 [pid 5308] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5308] chdir("./bus") = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5308] ioctl(4, LOOP_CLR_FD) = 0 [pid 5308] close(4) = 0 [pid 5308] memfd_create("syzkaller", 0) = 4 [pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 235.769186][ T5308] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/248/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5298] <... close resumed>) = 0 [pid 5298] exit_group(0) = ? [pid 5298] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=4, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./246/binderfs") = 0 [pid 344] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 344] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./246/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./246/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./246/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./246") = 0 [pid 344] mkdir("./247", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5318 ./strace-static-x86_64: Process 5318 attached [pid 5318] set_robust_list(0x555584fcf660, 24) = 0 [pid 5318] chdir("./247") = 0 [pid 5318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5318] setpgid(0, 0) = 0 [pid 5318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5318] write(3, "1000", 4) = 4 [pid 5318] close(3) = 0 [pid 5318] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5318] write(1, "executing program\n", 18) = 18 [pid 5318] memfd_create("syzkaller", 0) = 3 [pid 5318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5318] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5318] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5318] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5318] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5318] close(3) = 0 [pid 5318] close(4 [pid 5302] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5300] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5318] <... close resumed>) = 0 [pid 5318] mkdir("./bus", 0777) = 0 [pid 5318] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5301] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5308] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5302] <... write resumed>) = 20699119 [pid 5302] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5302] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5302] ioctl(5, LOOP_CLR_FD) = 0 [pid 5318] <... mount resumed>) = 0 [pid 5318] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5318] chdir("./bus") = 0 [pid 5318] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5318] ioctl(4, LOOP_CLR_FD) = 0 [pid 5318] close(4 [pid 5302] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5302] close(5) = 0 [pid 5302] close(4 [pid 5318] <... close resumed>) = 0 [pid 5318] memfd_create("syzkaller", 0) = 4 [pid 5318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5301] <... write resumed>) = 20699119 [pid 5300] <... write resumed>) = 20699119 [pid 5301] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5301] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5301] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5301] ioctl(5, LOOP_CLR_FD) = 0 [pid 5300] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5301] ioctl(5, LOOP_SET_FD, 4 [pid 5300] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5301] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5300] <... openat resumed>) = 5 [ 236.131009][ T5318] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/247/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5301] close(5) = 0 [pid 5308] <... write resumed>) = 20699119 [pid 5308] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5308] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5308] ioctl(5, LOOP_CLR_FD) = 0 [pid 5301] close(4 [pid 5300] ioctl(5, LOOP_SET_FD, 4 [pid 5308] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5308] close(5) = 0 [pid 5308] close(4 [pid 5300] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5300] ioctl(5, LOOP_CLR_FD) = 0 [pid 5300] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5300] close(5) = 0 [pid 5300] close(4 [pid 5302] <... close resumed>) = 0 [pid 5302] exit_group(0) = ? [pid 5302] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5302, si_uid=0, si_status=0, si_utime=6, si_stime=9} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./244/binderfs") = 0 [pid 342] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 342] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./244/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./244/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./244/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./244/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./244") = 0 [pid 342] mkdir("./245", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5322 [pid 5308] <... close resumed>) = 0 ./strace-static-x86_64: Process 5322 attached [pid 5308] exit_group(0 [pid 5322] set_robust_list(0x555584fcf660, 24) = 0 [pid 5308] <... exit_group resumed>) = ? [pid 5322] chdir("./245") = 0 [pid 5322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5322] setpgid(0, 0) = 0 [pid 5322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5322] write(3, "1000", 4) = 4 [pid 5322] close(3) = 0 [pid 5322] symlink("/dev/binderfs", "./binderfs" [pid 5308] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5308, si_uid=0, si_status=0, si_utime=9, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>executing program [pid 5322] <... symlink resumed>) = 0 [pid 5322] write(1, "executing program\n", 18) = 18 [pid 5322] memfd_create("syzkaller", 0) = 3 [pid 348] <... restart_syscall resumed>) = 0 [pid 5322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./248/binderfs") = 0 [pid 348] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5322] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5322] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5301] <... close resumed>) = 0 [pid 5301] exit_group(0) = ? [pid 5301] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5301, si_uid=0, si_status=0, si_utime=9, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5300] <... close resumed>) = 0 [pid 5300] exit_group(0) = ? [pid 5300] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5300, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5318] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 349] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 349] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./248/binderfs") = 0 [pid 343] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./250/binderfs") = 0 [pid 343] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5322] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 5322] ioctl(4, LOOP_SET_FD, 3 [pid 348] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./248/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./248/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./248/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./248") = 0 [pid 348] mkdir("./249", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5318] <... write resumed>) = 20699119 [pid 5318] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5318] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5322] <... ioctl resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 5322] close(3 [pid 5318] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = 0 [pid 5322] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5322] close(4 [pid 348] close(3 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./250/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./250/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 349] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4 [pid 5318] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... close resumed>) = 0 [pid 5318] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] rmdir("./250/bus" [pid 5318] ioctl(5, LOOP_CLR_FD [pid 343] <... rmdir resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./250" [pid 349] newfstatat(AT_FDCWD, "./248/bus", [pid 343] <... rmdir resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] mkdir("./251", 0777 [pid 349] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./248/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./248/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./248") = 0 [pid 349] mkdir("./249", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5322] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 5322] mkdir("./bus", 0777 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5322] <... mkdir resumed>) = 0 [pid 5322] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5324 ./strace-static-x86_64: Process 5324 attached [pid 5324] set_robust_list(0x555584fcf660, 24) = 0 [pid 5324] chdir("./249") = 0 [pid 5324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5324] setpgid(0, 0) = 0 [pid 5324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5324] write(3, "1000", 4) = 4 [pid 5324] close(3) = 0 [pid 5324] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5324] write(1, "executing program\n", 18) = 18 [pid 5324] memfd_create("syzkaller", 0) = 3 [pid 5324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5324] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5324] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5318] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 5318] ioctl(5, LOOP_SET_FD, 4 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5318] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5318] close(5 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5325 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5326 [pid 5318] <... close resumed>) = 0 [pid 5318] close(4 [pid 5324] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5326 attached [pid 5326] set_robust_list(0x555584fcf660, 24) = 0 [pid 5326] chdir("./251") = 0 [pid 5326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5326] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5325 attached [pid 5324] <... ioctl resumed>) = 0 [pid 5324] close(3) = 0 [pid 5324] close(4) = 0 [pid 5324] mkdir("./bus", 0777) = 0 [pid 5324] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5326] write(3, "1000", 4) = 4 [pid 5326] close(3) = 0 [pid 5326] symlink("/dev/binderfs", "./binderfs" [pid 5325] set_robust_list(0x555584fcf660, 24) = 0 [pid 5325] chdir("./249") = 0 [pid 5325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5325] setpgid(0, 0) = 0 [pid 5325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5326] <... symlink resumed>) = 0 [pid 5325] <... openat resumed>) = 3 [pid 5325] write(3, "1000", 4) = 4 [pid 5325] close(3) = 0 [pid 5325] symlink("/dev/binderfs", "./binderfs" [pid 5326] write(1, "executing program\n", 18 [pid 5325] <... symlink resumed>) = 0 executing program [pid 5325] write(1, "executing program\n", 18) = 18 executing program [pid 5326] <... write resumed>) = 18 [pid 5325] memfd_create("syzkaller", 0) = 3 [pid 5325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5326] memfd_create("syzkaller", 0) = 3 [pid 5326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5326] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5325] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5325] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5325] ioctl(4, LOOP_SET_FD, 3 [pid 5326] <... write resumed>) = 262144 [pid 5326] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5326] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5322] <... mount resumed>) = 0 [pid 5322] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5322] chdir("./bus") = 0 [pid 5322] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5326] <... openat resumed>) = 4 [pid 5325] <... ioctl resumed>) = 0 [pid 5326] ioctl(4, LOOP_SET_FD, 3 [pid 5325] close(3) = 0 [pid 5325] close(4 [pid 5326] <... ioctl resumed>) = 0 [pid 5322] <... openat resumed>) = 4 [pid 5325] <... close resumed>) = 0 [pid 5322] ioctl(4, LOOP_CLR_FD [pid 5325] mkdir("./bus", 0777 [pid 5322] <... ioctl resumed>) = 0 [pid 5326] close(3 [pid 5325] <... mkdir resumed>) = 0 [pid 5322] close(4 [pid 5326] <... close resumed>) = 0 [pid 5322] <... close resumed>) = 0 [pid 5326] close(4 [pid 5322] memfd_create("syzkaller", 0 [pid 5325] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5322] <... memfd_create resumed>) = 4 [pid 5322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5324] <... mount resumed>) = 0 [pid 5324] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5324] chdir("./bus") = 0 [pid 5326] <... close resumed>) = 0 [pid 5326] mkdir("./bus", 0777) = 0 [pid 5326] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5324] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5324] ioctl(4, LOOP_CLR_FD) = 0 [pid 5324] close(4) = 0 [pid 5324] memfd_create("syzkaller", 0) = 4 [pid 5324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5318] <... close resumed>) = 0 [pid 5318] exit_group(0) = ? [pid 5318] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5318, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5326] <... mount resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5326] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 344] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5326] <... openat resumed>) = 3 [pid 5325] <... mount resumed>) = 0 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5326] chdir("./bus" [pid 5325] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5326] <... chdir resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5326] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5325] <... openat resumed>) = 3 [pid 344] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./247/binderfs") = 0 [pid 5326] <... openat resumed>) = 4 [pid 5325] chdir("./bus" [pid 344] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5326] ioctl(4, LOOP_CLR_FD) = 0 [pid 5326] close(4 [pid 5325] <... chdir resumed>) = 0 [ 236.563729][ T5322] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/245/bus supports timestamps until (%ptR?) (0x7fffffff) [ 236.593035][ T5324] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/249/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5326] <... close resumed>) = 0 [pid 5325] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5326] memfd_create("syzkaller", 0 [pid 5325] <... openat resumed>) = 4 [pid 5325] ioctl(4, LOOP_CLR_FD [pid 5326] <... memfd_create resumed>) = 4 [pid 5325] <... ioctl resumed>) = 0 [pid 5326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5325] close(4 [pid 5326] <... mmap resumed>) = 0x7f7c475b3000 [pid 5325] <... close resumed>) = 0 [pid 5325] memfd_create("syzkaller", 0) = 4 [pid 5325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./247/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./247/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./247/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./247") = 0 [pid 344] mkdir("./248", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5338 ./strace-static-x86_64: Process 5338 attached [pid 5338] set_robust_list(0x555584fcf660, 24) = 0 [pid 5338] chdir("./248") = 0 [pid 5338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5338] setpgid(0, 0) = 0 [pid 5338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5338] write(3, "1000", 4) = 4 [pid 5338] close(3) = 0 [pid 5338] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5338] write(1, "executing program\n", 18executing program ) = 18 [pid 5338] memfd_create("syzkaller", 0) = 3 [pid 5338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5338] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5338] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5338] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5338] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5338] close(3) = 0 [pid 5338] close(4) = 0 [ 236.647249][ T5325] ext4 filesystem being mounted at /root/syzkaller.53SCZU/249/bus supports timestamps until (%ptR?) (0x7fffffff) [ 236.661481][ T5326] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/251/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5338] mkdir("./bus", 0777) = 0 [pid 5338] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5322] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5324] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5338] <... mount resumed>) = 0 [pid 5338] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5338] chdir("./bus") = 0 [pid 5338] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5338] ioctl(4, LOOP_CLR_FD) = 0 [pid 5338] close(4) = 0 [pid 5338] memfd_create("syzkaller", 0) = 4 [pid 5338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 236.802303][ T5338] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/248/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5326] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5325] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5322] <... write resumed>) = 20699119 [pid 5322] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5322] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5322] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5322] ioctl(5, LOOP_CLR_FD) = 0 [pid 5322] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5322] close(5) = 0 [pid 5322] close(4 [pid 5324] <... write resumed>) = 20699119 [pid 5324] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5324] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5324] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5324] ioctl(5, LOOP_CLR_FD) = 0 [pid 5324] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5324] close(5) = 0 [pid 5324] close(4 [pid 5325] <... write resumed>) = 20699119 [pid 5325] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5325] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5325] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5325] ioctl(5, LOOP_CLR_FD) = 0 [pid 5325] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5325] close(5) = 0 [pid 5325] close(4 [pid 5338] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5326] <... write resumed>) = 20699119 [pid 5326] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5326] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5326] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5326] ioctl(5, LOOP_CLR_FD) = 0 [pid 5326] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5326] close(5) = 0 [pid 5322] <... close resumed>) = 0 [pid 5322] exit_group(0 [pid 5326] close(4 [pid 5322] <... exit_group resumed>) = ? [pid 5322] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5322, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./245/binderfs") = 0 [pid 342] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5324] <... close resumed>) = 0 [pid 5324] exit_group(0) = ? [pid 5324] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5324, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./249/binderfs") = 0 [pid 348] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./245/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./245/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./245/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./245/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./245") = 0 [pid 342] mkdir("./246", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5326] <... close resumed>) = 0 [pid 5325] <... close resumed>) = 0 [pid 5326] exit_group(0) = ? [pid 5325] exit_group(0) = ? [pid 5325] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5325, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 5326] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5326, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 349] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 349] newfstatat(3, "", [pid 343] newfstatat(3, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, [pid 343] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./249/binderfs", [pid 343] newfstatat(AT_FDCWD, "./251/binderfs", [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./249/binderfs" [pid 343] unlink("./251/binderfs" [pid 349] <... unlink resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 349] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5338] <... write resumed>) = 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 348] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] ioctl(3, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./249/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./249/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", [pid 5338] munmap(0x7f7c475b3000, 138412032 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5338] <... munmap resumed>) = 0 [pid 348] close(4 [pid 5338] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./249/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./249") = 0 [pid 348] mkdir("./250", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./251/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./251/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./251/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./251") = 0 [pid 343] mkdir("./252", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] close(3 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5342 ./strace-static-x86_64: Process 5342 attached [pid 5342] set_robust_list(0x555584fcf660, 24) = 0 [pid 5342] chdir("./250") = 0 [pid 5342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5342] setpgid(0, 0) = 0 [pid 5342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5342] write(3, "1000", 4) = 4 [pid 5342] close(3) = 0 [pid 5342] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5342] write(1, "executing program\n", 18) = 18 [pid 5342] memfd_create("syzkaller", 0) = 3 [pid 5342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5342] <... write resumed>) = 262144 [pid 5342] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5342] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5343 [pid 5342] <... openat resumed>) = 4 [pid 5342] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5342] close(3) = 0 [pid 5342] close(4./strace-static-x86_64: Process 5343 attached [pid 5343] set_robust_list(0x555584fcf660, 24) = 0 [pid 5343] chdir("./246") = 0 [pid 5343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5343] setpgid(0, 0) = 0 [pid 5343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5343] write(3, "1000", 4) = 4 [pid 5343] close(3) = 0 [pid 5343] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5343] write(1, "executing program\n", 18executing program ) = 18 [pid 5343] memfd_create("syzkaller", 0) = 3 [pid 5343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5343] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5343] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5342] <... close resumed>) = 0 [pid 5338] <... openat resumed>) = 5 [pid 343] <... openat resumed>) = 3 [pid 5342] mkdir("./bus", 0777 [pid 5338] ioctl(5, LOOP_SET_FD, 4 [pid 343] ioctl(3, LOOP_CLR_FD [pid 5342] <... mkdir resumed>) = 0 [pid 5338] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5342] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5338] ioctl(5, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = 0 [pid 343] close(3 [pid 349] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./249/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./249/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./249/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./249") = 0 [pid 349] mkdir("./250", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5338] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 343] <... close resumed>) = 0 [pid 5343] <... openat resumed>) = 4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5343] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5345 [pid 349] close(3 [pid 5338] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5338] close(5 [pid 5343] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5338] <... close resumed>) = 0 [pid 5343] close(3 [pid 5338] close(4 [pid 5343] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5343] close(4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5348 ./strace-static-x86_64: Process 5345 attached ./strace-static-x86_64: Process 5348 attached [pid 5345] set_robust_list(0x555584fcf660, 24) = 0 [pid 5348] set_robust_list(0x555584fcf660, 24 [pid 5345] chdir("./252" [pid 5348] <... set_robust_list resumed>) = 0 [pid 5345] <... chdir resumed>) = 0 [pid 5348] chdir("./250" [pid 5345] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5348] <... chdir resumed>) = 0 [pid 5345] <... prctl resumed>) = 0 [pid 5348] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5345] setpgid(0, 0 [pid 5348] <... prctl resumed>) = 0 [pid 5345] <... setpgid resumed>) = 0 [pid 5348] setpgid(0, 0 [pid 5345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5348] <... setpgid resumed>) = 0 [pid 5345] <... openat resumed>) = 3 [pid 5345] write(3, "1000", 4 [pid 5348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5345] <... write resumed>) = 4 [pid 5348] <... openat resumed>) = 3 [pid 5345] close(3 [pid 5348] write(3, "1000", 4 [pid 5345] <... close resumed>) = 0 [pid 5348] <... write resumed>) = 4 [pid 5345] symlink("/dev/binderfs", "./binderfs" [pid 5348] close(3) = 0 [pid 5345] <... symlink resumed>) = 0 [pid 5348] symlink("/dev/binderfs", "./binderfs" [pid 5345] write(1, "executing program\n", 18executing program [pid 5348] <... symlink resumed>) = 0 [pid 5345] <... write resumed>) = 18 [pid 5348] write(1, "executing program\n", 18executing program ) = 18 [pid 5345] memfd_create("syzkaller", 0 [pid 5348] memfd_create("syzkaller", 0) = 3 [pid 5345] <... memfd_create resumed>) = 3 [pid 5348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5348] <... mmap resumed>) = 0x7f7c475b3000 [pid 5345] <... mmap resumed>) = 0x7f7c475b3000 [pid 5342] <... mount resumed>) = 0 [pid 5342] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5342] chdir("./bus") = 0 [pid 5342] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5348] <... write resumed>) = 262144 [pid 5345] <... write resumed>) = 262144 [pid 5348] munmap(0x7f7c475b3000, 138412032 [pid 5345] munmap(0x7f7c475b3000, 138412032 [pid 5348] <... munmap resumed>) = 0 [pid 5345] <... munmap resumed>) = 0 [pid 5348] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5345] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5338] <... close resumed>) = 0 [pid 5338] exit_group(0) = ? [pid 5338] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5338, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5343] <... close resumed>) = 0 [pid 5342] <... openat resumed>) = 4 [pid 344] <... restart_syscall resumed>) = 0 [pid 5343] mkdir("./bus", 0777) = 0 [pid 5343] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5342] ioctl(4, LOOP_CLR_FD [pid 5348] <... openat resumed>) = 4 [pid 5342] <... ioctl resumed>) = 0 [pid 5345] <... openat resumed>) = 4 [pid 5342] close(4 [pid 5345] ioctl(4, LOOP_SET_FD, 3 [pid 5348] ioctl(4, LOOP_SET_FD, 3 [pid 344] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5345] <... ioctl resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5345] close(3) = 0 [pid 5345] close(4 [pid 344] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5348] <... ioctl resumed>) = 0 [pid 5348] close(3) = 0 [pid 5348] close(4 [pid 5342] <... close resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 5342] memfd_create("syzkaller", 0 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, [pid 5342] <... memfd_create resumed>) = 4 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5342] <... mmap resumed>) = 0x7f7c475b3000 [pid 344] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5343] <... mount resumed>) = 0 [pid 344] unlink("./248/binderfs") = 0 [pid 344] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5343] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5343] chdir("./bus") = 0 [ 237.404232][ T5342] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/250/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5343] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5348] <... close resumed>) = 0 [pid 5345] <... close resumed>) = 0 [pid 5348] mkdir("./bus", 0777 [pid 5345] mkdir("./bus", 0777 [pid 5348] <... mkdir resumed>) = 0 [pid 5345] <... mkdir resumed>) = 0 [pid 5348] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5345] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5342] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5342] munmap(0x7f7c475b3000, 138412032) = 0 [ 237.452380][ T5343] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/246/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5342] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5343] <... openat resumed>) = 4 [pid 5343] ioctl(4, LOOP_CLR_FD) = 0 [pid 5343] close(4 [pid 5342] <... openat resumed>) = 5 [pid 5342] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5342] ioctl(5, LOOP_CLR_FD) = 0 [pid 5343] <... close resumed>) = 0 [pid 5343] memfd_create("syzkaller", 0) = 4 [pid 5343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./248/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./248/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5342] ioctl(5, LOOP_SET_FD, 4 [pid 344] getdents64(4, [pid 5342] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5342] close(5 [pid 344] getdents64(4, [pid 5342] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5342] close(4 [pid 344] close(4) = 0 [pid 344] rmdir("./248/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./248") = 0 [pid 344] mkdir("./249", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5357 ./strace-static-x86_64: Process 5357 attached [pid 5357] set_robust_list(0x555584fcf660, 24) = 0 [pid 5357] chdir("./249") = 0 [pid 5357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5357] setpgid(0, 0) = 0 [pid 5357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5348] <... mount resumed>) = 0 [pid 5348] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5348] chdir("./bus") = 0 [pid 5348] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5357] write(3, "1000", 4 [pid 5348] <... openat resumed>) = 4 [pid 5348] ioctl(4, LOOP_CLR_FD) = 0 [pid 5348] close(4) = 0 [pid 5348] memfd_create("syzkaller", 0) = 4 [pid 5348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5357] <... write resumed>) = 4 [pid 5357] close(3) = 0 [pid 5357] symlink("/dev/binderfs", "./binderfs" [pid 5345] <... mount resumed>) = 0 executing program [pid 5357] <... symlink resumed>) = 0 [pid 5345] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5357] write(1, "executing program\n", 18 [pid 5345] <... openat resumed>) = 3 [pid 5357] <... write resumed>) = 18 [pid 5357] memfd_create("syzkaller", 0 [pid 5345] chdir("./bus" [pid 5357] <... memfd_create resumed>) = 3 [pid 5345] <... chdir resumed>) = 0 [pid 5357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5345] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5357] <... mmap resumed>) = 0x7f7c475b3000 [pid 5357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5345] <... openat resumed>) = 4 [pid 5357] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5345] ioctl(4, LOOP_CLR_FD [pid 5357] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5345] <... ioctl resumed>) = 0 [pid 5357] ioctl(4, LOOP_SET_FD, 3 [pid 5345] close(4 [pid 5357] <... ioctl resumed>) = 0 [pid 5345] <... close resumed>) = 0 [pid 5357] close(3) = 0 [pid 5345] memfd_create("syzkaller", 0 [pid 5357] close(4) = 0 [pid 5345] <... memfd_create resumed>) = 4 [pid 5357] mkdir("./bus", 0777 [pid 5345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5357] <... mkdir resumed>) = 0 [pid 5345] <... mmap resumed>) = 0x7f7c475b3000 [ 237.622907][ T5348] ext4 filesystem being mounted at /root/syzkaller.53SCZU/250/bus supports timestamps until (%ptR?) (0x7fffffff) [ 237.648507][ T5345] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/252/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5357] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5342] <... close resumed>) = 0 [pid 5342] exit_group(0) = ? [pid 5342] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5342, si_uid=0, si_status=0, si_utime=5, si_stime=9} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./250/binderfs") = 0 [pid 348] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5343] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5357] <... mount resumed>) = 0 [pid 5357] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5357] chdir("./bus") = 0 [pid 5357] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... umount2 resumed>) = 0 [pid 5357] <... openat resumed>) = 4 [pid 348] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5357] ioctl(4, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./250/bus", [pid 5357] <... ioctl resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5357] close(4 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./250/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5357] <... close resumed>) = 0 [pid 348] <... openat resumed>) = 4 [pid 5357] memfd_create("syzkaller", 0 [pid 348] newfstatat(4, "", [pid 5357] <... memfd_create resumed>) = 4 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] getdents64(4, [pid 5357] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./250/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./250") = 0 [pid 348] mkdir("./251", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5362 ./strace-static-x86_64: Process 5362 attached [pid 5362] set_robust_list(0x555584fcf660, 24) = 0 [pid 5362] chdir("./251") = 0 [pid 5362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5362] setpgid(0, 0) = 0 [pid 5362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5362] write(3, "1000", 4) = 4 [pid 5362] close(3) = 0 [pid 5362] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5362] write(1, "executing program\n", 18executing program ) = 18 [pid 5362] memfd_create("syzkaller", 0) = 3 [pid 5362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5362] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5362] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5362] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5362] ioctl(4, LOOP_SET_FD, 3 [pid 5345] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5348] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5362] <... ioctl resumed>) = 0 [pid 5362] close(3) = 0 [pid 5362] close(4) = 0 [pid 5362] mkdir("./bus", 0777) = 0 [ 237.777919][ T5357] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/249/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5362] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5343] <... write resumed>) = 20699119 [pid 5343] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5343] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5362] <... mount resumed>) = 0 [pid 5362] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5343] <... openat resumed>) = 5 [pid 5362] <... openat resumed>) = 3 [pid 5343] ioctl(5, LOOP_SET_FD, 4 [pid 5362] chdir("./bus" [pid 5343] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5362] <... chdir resumed>) = 0 [pid 5343] ioctl(5, LOOP_CLR_FD [pid 5362] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5343] <... ioctl resumed>) = 0 [pid 5362] <... openat resumed>) = 4 [pid 5362] ioctl(4, LOOP_CLR_FD) = 0 [pid 5362] close(4) = 0 [pid 5362] memfd_create("syzkaller", 0 [pid 5343] ioctl(5, LOOP_SET_FD, 4 [pid 5362] <... memfd_create resumed>) = 4 [pid 5343] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5343] close(5 [pid 5362] <... mmap resumed>) = 0x7f7c475b3000 [pid 5343] <... close resumed>) = 0 [ 237.905648][ T5362] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/251/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5343] close(4 [pid 5345] <... write resumed>) = 20699119 [pid 5345] munmap(0x7f7c475b3000, 138412032 [pid 5348] <... write resumed>) = 20699119 [pid 5348] munmap(0x7f7c475b3000, 138412032 [pid 5345] <... munmap resumed>) = 0 [pid 5357] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5348] <... munmap resumed>) = 0 [pid 5345] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5345] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5345] ioctl(5, LOOP_CLR_FD) = 0 [pid 5348] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5348] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5348] ioctl(5, LOOP_CLR_FD) = 0 [pid 5345] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5345] close(5) = 0 [pid 5348] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5348] close(5) = 0 [pid 5348] close(4 [pid 5345] close(4 [pid 5343] <... close resumed>) = 0 [pid 5343] exit_group(0) = ? [pid 5343] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5343, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./246/binderfs") = 0 [pid 342] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5348] <... close resumed>) = 0 [pid 5348] exit_group(0) = ? [pid 5348] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5348, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./250/binderfs") = 0 [pid 349] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5362] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./246/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./246/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./246/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./246/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./246") = 0 [pid 342] mkdir("./247", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5345] <... close resumed>) = 0 [pid 5345] exit_group(0) = ? [pid 5345] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5345, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./252/binderfs") = 0 [pid 343] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5357] <... write resumed>) = 20699119 [pid 5357] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5357] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./250/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./250/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./250/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./250") = 0 [pid 349] mkdir("./251", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5362] <... write resumed>) = 20699119 [pid 5362] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5362] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5357] <... openat resumed>) = 5 [pid 342] <... openat resumed>) = 3 [pid 5362] <... openat resumed>) = 5 [pid 5357] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5366 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3./strace-static-x86_64: Process 5366 attached [pid 5362] ioctl(5, LOOP_SET_FD, 4 [pid 5357] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... close resumed>) = 0 [pid 343] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./252/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./252/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./252/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./252") = 0 [pid 343] mkdir("./253", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5367 [pid 5366] set_robust_list(0x555584fcf660, 24 [pid 5362] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5357] ioctl(5, LOOP_CLR_FD [pid 5362] ioctl(5, LOOP_CLR_FD [pid 5357] <... ioctl resumed>) = 0 [pid 5362] <... ioctl resumed>) = 0 [pid 5366] <... set_robust_list resumed>) = 0 [pid 5366] chdir("./247") = 0 [pid 5366] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5366] setpgid(0, 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5368 [pid 5366] <... setpgid resumed>) = 0 [pid 5357] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5362] ioctl(5, LOOP_SET_FD, 4 [pid 5357] close(5 [pid 5362] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5357] <... close resumed>) = 0 [pid 5362] close(5) = 0 [pid 5357] close(4 [pid 5362] close(4 [pid 5366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5366] write(3, "1000", 4) = 4 [pid 5366] close(3) = 0 [pid 5366] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5366] write(1, "executing program\n", 18executing program ) = 18 [pid 5366] memfd_create("syzkaller", 0) = 3 [pid 5366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5367 attached [pid 5367] set_robust_list(0x555584fcf660, 24) = 0 [pid 5367] chdir("./253") = 0 ./strace-static-x86_64: Process 5368 attached [pid 5367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5368] set_robust_list(0x555584fcf660, 24 [pid 5367] setpgid(0, 0 [pid 5368] <... set_robust_list resumed>) = 0 [pid 5367] <... setpgid resumed>) = 0 [pid 5368] chdir("./251" [pid 5367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5368] <... chdir resumed>) = 0 [pid 5367] write(3, "1000", 4 [pid 5368] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5367] <... write resumed>) = 4 [pid 5368] <... prctl resumed>) = 0 [pid 5367] close(3 [pid 5366] <... write resumed>) = 262144 [pid 5368] setpgid(0, 0 [pid 5367] <... close resumed>) = 0 [pid 5367] symlink("/dev/binderfs", "./binderfs" [pid 5368] <... setpgid resumed>) = 0 [pid 5367] <... symlink resumed>) = 0 [pid 5368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5367] write(1, "executing program\n", 18executing program ) = 18 [pid 5366] munmap(0x7f7c475b3000, 138412032 [pid 5368] <... openat resumed>) = 3 [pid 5367] memfd_create("syzkaller", 0) = 3 [pid 5368] write(3, "1000", 4 [pid 5367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5368] <... write resumed>) = 4 [pid 5367] <... mmap resumed>) = 0x7f7c475b3000 [pid 5366] <... munmap resumed>) = 0 [pid 5366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5366] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5366] close(3) = 0 [pid 5366] close(4 [pid 5367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5367] munmap(0x7f7c475b3000, 138412032 [pid 5368] close(3) = 0 [pid 5367] <... munmap resumed>) = 0 [pid 5368] symlink("/dev/binderfs", "./binderfs" [pid 5367] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5368] <... symlink resumed>) = 0 executing program [pid 5368] write(1, "executing program\n", 18) = 18 [pid 5368] memfd_create("syzkaller", 0) = 3 [pid 5368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5368] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5368] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5367] <... openat resumed>) = 4 [pid 5366] <... close resumed>) = 0 [pid 5367] ioctl(4, LOOP_SET_FD, 3 [pid 5366] mkdir("./bus", 0777) = 0 [pid 5366] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5357] <... close resumed>) = 0 [pid 5357] exit_group(0) = ? [pid 5357] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5357, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5362] <... close resumed>) = 0 [pid 5362] exit_group(0) = ? [pid 5362] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5362, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./251/binderfs") = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 348] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./249/binderfs") = 0 [pid 344] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5368] <... openat resumed>) = 4 [pid 5367] <... ioctl resumed>) = 0 [pid 5368] ioctl(4, LOOP_SET_FD, 3 [pid 5367] close(3) = 0 [pid 5367] close(4 [pid 5368] <... ioctl resumed>) = 0 [pid 5368] close(3) = 0 [pid 5368] close(4 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./251/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./251/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./251/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./251") = 0 [pid 348] mkdir("./252", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5366] <... mount resumed>) = 0 [pid 5366] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5366] chdir("./bus") = 0 [pid 5366] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5368] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5367] <... close resumed>) = 0 [pid 5366] <... openat resumed>) = 4 [pid 348] <... openat resumed>) = 3 [pid 5368] mkdir("./bus", 0777 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5367] mkdir("./bus", 0777 [pid 5368] <... mkdir resumed>) = 0 [pid 5368] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5367] <... mkdir resumed>) = 0 [pid 344] newfstatat(AT_FDCWD, "./249/bus", [pid 5367] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./249/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./249/bus") = 0 [pid 5366] ioctl(4, LOOP_CLR_FD [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./249") = 0 [pid 344] mkdir("./250", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5375 [pid 5366] <... ioctl resumed>) = 0 [pid 5366] close(4) = 0 [pid 5366] memfd_create("syzkaller", 0 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5366] <... memfd_create resumed>) = 4 [pid 5366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3./strace-static-x86_64: Process 5375 attached ) = 0 [pid 5375] set_robust_list(0x555584fcf660, 24) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5375] chdir("./252") = 0 [pid 5375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5375] setpgid(0, 0) = 0 [pid 5375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5375] write(3, "1000", 4) = 4 [pid 5375] close(3) = 0 [pid 5375] symlink("/dev/binderfs", "./binderfs" [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5378 [ 238.428393][ T5366] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/247/bus supports timestamps until (%ptR?) (0x7fffffff) executing program executing program [pid 5375] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5378 attached [pid 5378] set_robust_list(0x555584fcf660, 24 [pid 5375] write(1, "executing program\n", 18) = 18 [pid 5378] <... set_robust_list resumed>) = 0 [pid 5378] chdir("./250" [pid 5375] memfd_create("syzkaller", 0 [pid 5378] <... chdir resumed>) = 0 [pid 5375] <... memfd_create resumed>) = 3 [pid 5378] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5378] <... prctl resumed>) = 0 [pid 5375] <... mmap resumed>) = 0x7f7c475b3000 [pid 5378] setpgid(0, 0 [pid 5375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5378] <... setpgid resumed>) = 0 [pid 5378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5378] write(3, "1000", 4) = 4 [pid 5378] close(3) = 0 [pid 5378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5378] write(1, "executing program\n", 18) = 18 [pid 5378] memfd_create("syzkaller", 0) = 3 [pid 5378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5375] <... write resumed>) = 262144 [pid 5375] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5378] <... write resumed>) = 262144 [pid 5375] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5375] ioctl(4, LOOP_SET_FD, 3 [pid 5378] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5375] <... ioctl resumed>) = 0 [pid 5375] close(3) = 0 [pid 5375] close(4 [pid 5368] <... mount resumed>) = 0 [pid 5368] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5368] chdir("./bus") = 0 [pid 5368] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5378] <... openat resumed>) = 4 [pid 5375] <... close resumed>) = 0 [pid 5378] ioctl(4, LOOP_SET_FD, 3 [pid 5375] mkdir("./bus", 0777 [pid 5368] <... openat resumed>) = 4 [pid 5375] <... mkdir resumed>) = 0 [pid 5368] ioctl(4, LOOP_CLR_FD [pid 5375] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5367] <... mount resumed>) = 0 [pid 5378] <... ioctl resumed>) = 0 [pid 5368] <... ioctl resumed>) = 0 [pid 5367] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5378] close(3 [pid 5368] close(4 [pid 5378] <... close resumed>) = 0 [pid 5367] <... openat resumed>) = 3 [pid 5378] close(4 [pid 5368] <... close resumed>) = 0 [pid 5367] chdir("./bus" [pid 5368] memfd_create("syzkaller", 0 [pid 5367] <... chdir resumed>) = 0 [pid 5368] <... memfd_create resumed>) = 4 [pid 5367] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5375] <... mount resumed>) = 0 [pid 5375] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5375] chdir("./bus") = 0 [pid 5375] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5378] <... close resumed>) = 0 [pid 5378] mkdir("./bus", 0777 [pid 5375] <... openat resumed>) = 4 [pid 5367] <... openat resumed>) = 4 [pid 5378] <... mkdir resumed>) = 0 [pid 5375] ioctl(4, LOOP_CLR_FD [pid 5367] ioctl(4, LOOP_CLR_FD [ 238.520269][ T5368] ext4 filesystem being mounted at /root/syzkaller.53SCZU/251/bus supports timestamps until (%ptR?) (0x7fffffff) [ 238.540066][ T5367] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/253/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5378] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5366] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5375] <... ioctl resumed>) = 0 [pid 5367] <... ioctl resumed>) = 0 [pid 5375] close(4 [pid 5367] close(4 [pid 5375] <... close resumed>) = 0 [pid 5367] <... close resumed>) = 0 [pid 5375] memfd_create("syzkaller", 0 [pid 5367] memfd_create("syzkaller", 0 [pid 5375] <... memfd_create resumed>) = 4 [pid 5367] <... memfd_create resumed>) = 4 [pid 5375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5375] <... mmap resumed>) = 0x7f7c475b3000 [pid 5367] <... mmap resumed>) = 0x7f7c475b3000 [ 238.578032][ T5375] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/252/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5368] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5378] <... mount resumed>) = 0 [pid 5378] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5378] chdir("./bus") = 0 [pid 5378] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5378] ioctl(4, LOOP_CLR_FD) = 0 [pid 5378] close(4) = 0 [pid 5378] memfd_create("syzkaller", 0) = 4 [pid 5378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 238.703745][ T5378] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/250/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5366] <... write resumed>) = 20699119 [pid 5366] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5366] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5366] ioctl(5, LOOP_CLR_FD) = 0 [pid 5366] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5366] close(5) = 0 [pid 5366] close(4 [pid 5367] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5375] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5368] <... write resumed>) = 20699119 [pid 5368] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5368] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5368] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5368] ioctl(5, LOOP_CLR_FD) = 0 [pid 5368] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5368] close(5) = 0 [pid 5368] close(4 [pid 5378] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5366] <... close resumed>) = 0 [pid 5366] exit_group(0) = ? [pid 5366] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5366, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./247/binderfs") = 0 [pid 342] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5368] <... close resumed>) = 0 [pid 5368] exit_group(0) = ? [pid 5368] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5368, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = 0 [pid 349] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./251/binderfs") = 0 [pid 349] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./247/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./247/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./247/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./247/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./247") = 0 [pid 342] mkdir("./248", 0777) = 0 [pid 5375] <... write resumed>) = 20699119 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5375] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5375] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 349] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./251/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./251/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./251/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 5375] <... openat resumed>) = 5 [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./251" [pid 5375] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5375] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] close(3 [pid 5375] ioctl(5, LOOP_CLR_FD [pid 342] <... close resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./252", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 5375] <... ioctl resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5386 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5387 [pid 5375] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5375] close(5) = 0 ./strace-static-x86_64: Process 5387 attached [pid 5375] close(4 [pid 5387] set_robust_list(0x555584fcf660, 24) = 0 [pid 5367] <... write resumed>) = 20699119 [pid 5367] munmap(0x7f7c475b3000, 138412032) = 0 ./strace-static-x86_64: Process 5386 attached [pid 5386] set_robust_list(0x555584fcf660, 24) = 0 [pid 5386] chdir("./248") = 0 [pid 5386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5386] setpgid(0, 0) = 0 [pid 5386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5386] write(3, "1000", 4) = 4 [pid 5386] close(3 [pid 5387] chdir("./252" [pid 5386] <... close resumed>) = 0 [pid 5386] symlink("/dev/binderfs", "./binderfs" [pid 5387] <... chdir resumed>) = 0 [pid 5387] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5387] setpgid(0, 0) = 0 [pid 5387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5387] write(3, "1000", 4) = 4 [pid 5387] close(3) = 0 [pid 5387] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5387] write(1, "executing program\n", 18) = 18 [pid 5387] memfd_create("syzkaller", 0) = 3 [pid 5387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5386] <... symlink resumed>) = 0 executing program [pid 5386] write(1, "executing program\n", 18) = 18 [pid 5386] memfd_create("syzkaller", 0 [pid 5387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5386] <... memfd_create resumed>) = 3 [pid 5386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5367] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5367] <... openat resumed>) = 5 [pid 5367] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5367] ioctl(5, LOOP_CLR_FD) = 0 [pid 5386] <... write resumed>) = 262144 [pid 5367] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5367] close(5) = 0 [pid 5387] <... write resumed>) = 262144 [pid 5387] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5387] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5387] ioctl(4, LOOP_SET_FD, 3 [pid 5367] close(4 [pid 5378] <... write resumed>) = 20699119 [pid 5386] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5386] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5387] <... ioctl resumed>) = 0 [pid 5387] close(3) = 0 [pid 5387] close(4) = 0 [pid 5387] mkdir("./bus", 0777 [pid 5378] munmap(0x7f7c475b3000, 138412032 [pid 5387] <... mkdir resumed>) = 0 [pid 5387] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5386] <... openat resumed>) = 4 [pid 5386] ioctl(4, LOOP_SET_FD, 3 [pid 5378] <... munmap resumed>) = 0 [pid 5378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5386] <... ioctl resumed>) = 0 [pid 5386] close(3) = 0 [pid 5386] close(4) = 0 [pid 5378] <... openat resumed>) = 5 [pid 5386] mkdir("./bus", 0777 [pid 5378] ioctl(5, LOOP_SET_FD, 4 [pid 5386] <... mkdir resumed>) = 0 [pid 5378] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5378] ioctl(5, LOOP_CLR_FD [pid 5387] <... mount resumed>) = 0 [pid 5386] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5387] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5387] chdir("./bus") = 0 [pid 5387] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5375] <... close resumed>) = 0 [pid 5375] exit_group(0) = ? [pid 5375] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5375, si_uid=0, si_status=0, si_utime=6, si_stime=10} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5367] <... close resumed>) = 0 [pid 5367] exit_group(0) = ? [pid 5367] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5367, si_uid=0, si_status=0, si_utime=8, si_stime=10} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./253/binderfs" [pid 348] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... unlink resumed>) = 0 [pid 343] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./252/binderfs") = 0 [pid 348] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5387] <... openat resumed>) = 4 [pid 5378] <... ioctl resumed>) = 0 [pid 5387] ioctl(4, LOOP_CLR_FD) = 0 [pid 5387] close(4) = 0 [pid 5378] ioctl(5, LOOP_SET_FD, 4 [pid 5387] memfd_create("syzkaller", 0 [pid 5378] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5378] close(5 [pid 5387] <... memfd_create resumed>) = 4 [pid 5387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5386] <... mount resumed>) = 0 [pid 5386] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5386] chdir("./bus") = 0 [ 239.122056][ T5387] ext4 filesystem being mounted at /root/syzkaller.53SCZU/252/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5386] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5387] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5387] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5387] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5378] <... close resumed>) = 0 [pid 5378] close(4 [pid 343] <... umount2 resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [ 239.208388][ T5386] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/248/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5387] <... openat resumed>) = 5 [pid 5387] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5387] ioctl(5, LOOP_CLR_FD) = 0 [pid 5386] <... openat resumed>) = 4 [pid 5386] ioctl(4, LOOP_CLR_FD) = 0 [pid 5386] close(4) = 0 [pid 5386] memfd_create("syzkaller", 0 [pid 5387] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5387] close(5) = 0 [pid 5387] close(4 [pid 348] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5386] <... memfd_create resumed>) = 4 [pid 5386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./253/bus", [pid 348] newfstatat(AT_FDCWD, "./252/bus", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./253/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] openat(AT_FDCWD, "./252/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... openat resumed>) = 4 [pid 348] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", [pid 348] newfstatat(4, "", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 343] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4 [pid 343] close(4 [pid 348] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 348] rmdir("./252/bus" [pid 343] rmdir("./253/bus" [pid 348] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 348] getdents64(3, [pid 343] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3 [pid 343] close(3 [pid 348] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 348] rmdir("./252" [pid 343] rmdir("./253" [pid 348] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 348] mkdir("./253", 0777 [pid 343] mkdir("./254", 0777 [pid 348] <... mkdir resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 343] close(3 [pid 348] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5394 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5395 ./strace-static-x86_64: Process 5394 attached [pid 5394] set_robust_list(0x555584fcf660, 24) = 0 ./strace-static-x86_64: Process 5395 attached [pid 5394] chdir("./253" [pid 5395] set_robust_list(0x555584fcf660, 24) = 0 [pid 5395] chdir("./254") = 0 [pid 5395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5395] setpgid(0, 0) = 0 [pid 5395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5395] write(3, "1000", 4) = 4 [pid 5394] <... chdir resumed>) = 0 [pid 5395] close(3 [pid 5394] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5395] <... close resumed>) = 0 [pid 5395] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5394] <... prctl resumed>) = 0 [pid 5394] setpgid(0, 0 [pid 5395] write(1, "executing program\n", 18 [pid 5394] <... setpgid resumed>) = 0 executing program [pid 5395] <... write resumed>) = 18 [pid 5395] memfd_create("syzkaller", 0) = 3 [pid 5395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5394] write(3, "1000", 4) = 4 [pid 5394] close(3) = 0 [pid 5394] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5394] write(1, "executing program\n", 18) = 18 [pid 5394] memfd_create("syzkaller", 0) = 3 [pid 5394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5395] <... write resumed>) = 262144 [pid 5395] munmap(0x7f7c475b3000, 138412032 [pid 5394] <... write resumed>) = 262144 [pid 5394] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5394] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5394] ioctl(4, LOOP_SET_FD, 3 [pid 5395] <... munmap resumed>) = 0 [pid 5395] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5394] <... ioctl resumed>) = 0 [pid 5395] <... openat resumed>) = 4 [pid 5395] ioctl(4, LOOP_SET_FD, 3 [pid 5394] close(3) = 0 [pid 5394] close(4 [pid 5395] <... ioctl resumed>) = 0 [pid 5395] close(3) = 0 [pid 5395] close(4) = 0 [pid 5395] mkdir("./bus", 0777) = 0 [pid 5395] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5394] <... close resumed>) = 0 [pid 5394] mkdir("./bus", 0777) = 0 [pid 5394] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5395] <... mount resumed>) = 0 [pid 5395] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5395] chdir("./bus") = 0 [pid 5395] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5395] ioctl(4, LOOP_CLR_FD) = 0 [pid 5395] close(4) = 0 [pid 5395] memfd_create("syzkaller", 0) = 4 [pid 5395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5378] <... close resumed>) = 0 [pid 5394] <... mount resumed>) = 0 [pid 5394] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5378] exit_group(0 [pid 5394] <... openat resumed>) = 3 [pid 5378] <... exit_group resumed>) = ? [pid 5394] chdir("./bus" [pid 5378] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5378, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 5394] <... chdir resumed>) = 0 [pid 5394] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5394] <... openat resumed>) = 4 [pid 5394] ioctl(4, LOOP_CLR_FD) = 0 [pid 5394] close(4) = 0 [pid 5394] memfd_create("syzkaller", 0) = 4 [pid 5394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./250/binderfs") = 0 [pid 344] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5387] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5387] exit_group(0) = ? [pid 344] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5387] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5387, si_uid=0, si_status=0, si_utime=4, si_stime=10} --- [pid 349] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 3 [pid 344] newfstatat(AT_FDCWD, "./250/bus", [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] getdents64(3, [pid 344] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./250/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(AT_FDCWD, "./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... openat resumed>) = 4 [pid 349] unlink("./252/binderfs" [pid 344] newfstatat(4, "", [pid 349] <... unlink resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./250/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./250") = 0 [pid 344] mkdir("./251", 0777) = 0 [ 239.391596][ T5394] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/253/bus supports timestamps until (%ptR?) (0x7fffffff) [ 239.391603][ T5395] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/254/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5402 ./strace-static-x86_64: Process 5402 attached [pid 5402] set_robust_list(0x555584fcf660, 24) = 0 [pid 5402] chdir("./251") = 0 [pid 5402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5402] setpgid(0, 0) = 0 [pid 5402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5402] write(3, "1000", 4) = 4 [pid 5402] close(3) = 0 [pid 5402] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5402] write(1, "executing program\n", 18executing program ) = 18 [pid 5402] memfd_create("syzkaller", 0) = 3 [pid 5402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5402] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5402] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5386] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5402] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./252/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5402] ioctl(4, LOOP_SET_FD, 3 [pid 349] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./252/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./252/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./252") = 0 [pid 349] mkdir("./253", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5402] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 5402] close(3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5402] <... close resumed>) = 0 [pid 349] close(3 [pid 5402] close(4 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5402] <... close resumed>) = 0 [pid 5402] mkdir("./bus", 0777 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5404 [pid 5402] <... mkdir resumed>) = 0 [pid 5402] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"./strace-static-x86_64: Process 5404 attached [pid 5404] set_robust_list(0x555584fcf660, 24) = 0 [pid 5404] chdir("./253") = 0 [pid 5404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5404] setpgid(0, 0) = 0 [pid 5404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5404] write(3, "1000", 4) = 4 [pid 5404] close(3) = 0 [pid 5404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5404] write(1, "executing program\n", 18executing program ) = 18 [pid 5404] memfd_create("syzkaller", 0) = 3 [pid 5404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5404] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5404] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5404] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5404] close(3) = 0 [pid 5404] close(4) = 0 [pid 5404] mkdir("./bus", 0777) = 0 [pid 5404] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5395] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5402] <... mount resumed>) = 0 [pid 5402] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5402] chdir("./bus") = 0 [pid 5402] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5402] ioctl(4, LOOP_CLR_FD) = 0 [pid 5402] close(4 [pid 5394] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5386] <... write resumed>) = 20699119 [pid 5386] munmap(0x7f7c475b3000, 138412032 [pid 5402] <... close resumed>) = 0 [pid 5402] memfd_create("syzkaller", 0) = 4 [pid 5386] <... munmap resumed>) = 0 [pid 5386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5386] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5386] ioctl(5, LOOP_CLR_FD) = 0 [pid 5402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5386] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5386] close(5) = 0 [pid 5386] close(4 [pid 5404] <... mount resumed>) = 0 [pid 5404] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5404] chdir("./bus") = 0 [pid 5404] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5404] ioctl(4, LOOP_CLR_FD) = 0 [pid 5404] close(4) = 0 [pid 5404] memfd_create("syzkaller", 0) = 4 [pid 5404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 239.599448][ T5402] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/251/bus supports timestamps until (%ptR?) (0x7fffffff) [ 239.623515][ T5404] ext4 filesystem being mounted at /root/syzkaller.53SCZU/253/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5386] <... close resumed>) = 0 [pid 5386] exit_group(0) = ? [pid 5386] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5386, si_uid=0, si_status=0, si_utime=8, si_stime=8} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./248/binderfs") = 0 [pid 342] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5394] <... write resumed>) = 20699119 [pid 5394] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5394] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 342] <... umount2 resumed>) = 0 [pid 5394] ioctl(5, LOOP_SET_FD, 4 [pid 342] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5394] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5394] ioctl(5, LOOP_CLR_FD [pid 342] newfstatat(AT_FDCWD, "./248/bus", [pid 5394] <... ioctl resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./248/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./248/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 5394] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5394] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5394] close(5 [pid 342] getdents64(4, [pid 5394] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5395] <... write resumed>) = 20699119 [pid 5395] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5394] close(4 [pid 342] close(4 [pid 5395] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5395] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5395] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./248/bus" [pid 5395] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./248" [pid 5395] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5395] close(5 [pid 342] <... rmdir resumed>) = 0 [pid 5395] <... close resumed>) = 0 [pid 5395] close(4 [pid 342] mkdir("./249", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5410 ./strace-static-x86_64: Process 5410 attached [pid 5410] set_robust_list(0x555584fcf660, 24) = 0 [pid 5410] chdir("./249") = 0 [pid 5410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5410] setpgid(0, 0) = 0 [pid 5410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5410] write(3, "1000", 4) = 4 [pid 5410] close(3) = 0 [pid 5410] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5410] write(1, "executing program\n", 18executing program ) = 18 [pid 5410] memfd_create("syzkaller", 0) = 3 [pid 5410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5402] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5410] <... write resumed>) = 262144 [pid 5410] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5410] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5410] close(3) = 0 [pid 5410] close(4) = 0 [pid 5410] mkdir("./bus", 0777) = 0 [pid 5410] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 5410] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5410] chdir("./bus") = 0 [pid 5410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5410] ioctl(4, LOOP_CLR_FD) = 0 [pid 5410] close(4) = 0 [pid 5410] memfd_create("syzkaller", 0) = 4 [pid 5410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5394] <... close resumed>) = 0 [pid 5394] exit_group(0) = ? [pid 5394] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5394, si_uid=0, si_status=0, si_utime=8, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5404] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./253/binderfs") = 0 [pid 348] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5402] <... write resumed>) = 20699119 [pid 5402] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5395] <... close resumed>) = 0 [pid 5402] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5395] exit_group(0) = ? [pid 5395] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5395, si_uid=0, si_status=0, si_utime=6, si_stime=8} --- [pid 343] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./254/binderfs") = 0 [ 239.897966][ T5410] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/249/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 5402] <... openat resumed>) = 5 [pid 348] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5402] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5402] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] newfstatat(AT_FDCWD, "./253/bus", [pid 5402] ioctl(5, LOOP_CLR_FD [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./253/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./253/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./253") = 0 [pid 348] mkdir("./254", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5404] <... write resumed>) = 20699119 [pid 5404] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5404] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5410] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5402] <... ioctl resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./254/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./254/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./254/bus") = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./254" [pid 348] close(3 [pid 343] <... rmdir resumed>) = 0 [pid 343] mkdir("./255", 0777 [pid 348] <... close resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 5402] ioctl(5, LOOP_SET_FD, 4 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5402] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5414 [pid 5404] <... openat resumed>) = 5 [pid 5404] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5404] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5414 attached [pid 5414] set_robust_list(0x555584fcf660, 24 [pid 5402] close(5 [pid 5414] <... set_robust_list resumed>) = 0 [pid 5414] chdir("./255") = 0 [pid 5414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5402] <... close resumed>) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5415 [pid 5414] setpgid(0, 0) = 0 [pid 5414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5414] write(3, "1000", 4) = 4 [pid 5404] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5404] close(5) = 0 [pid 5404] close(4 [pid 5402] close(4executing program executing program [pid 5414] close(3) = 0 [pid 5414] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5414] write(1, "executing program\n", 18) = 18 [pid 5414] memfd_create("syzkaller", 0) = 3 [pid 5414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5415 attached [pid 5415] set_robust_list(0x555584fcf660, 24 [pid 5414] <... write resumed>) = 262144 [pid 5415] <... set_robust_list resumed>) = 0 [pid 5415] chdir("./254") = 0 [pid 5415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5415] setpgid(0, 0) = 0 [pid 5415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5415] write(3, "1000", 4) = 4 [pid 5415] close(3) = 0 [pid 5415] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5415] write(1, "executing program\n", 18) = 18 [pid 5415] memfd_create("syzkaller", 0) = 3 [pid 5414] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5414] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5414] ioctl(4, LOOP_SET_FD, 3 [pid 5415] <... write resumed>) = 262144 [pid 5415] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5415] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5414] <... ioctl resumed>) = 0 [pid 5414] close(3) = 0 [pid 5414] close(4 [pid 5415] <... openat resumed>) = 4 [pid 5414] <... close resumed>) = 0 [pid 5415] ioctl(4, LOOP_SET_FD, 3 [pid 5414] mkdir("./bus", 0777) = 0 [pid 5414] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5404] <... close resumed>) = 0 [pid 5415] <... ioctl resumed>) = 0 [pid 5415] close(3) = 0 [pid 5415] close(4 [pid 5410] <... write resumed>) = 20699119 [pid 5404] exit_group(0) = ? [pid 5404] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5404, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5410] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5402] <... close resumed>) = 0 [pid 5410] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5402] exit_group(0) = ? [pid 349] <... restart_syscall resumed>) = 0 [pid 5402] +++ exited with 0 +++ [pid 349] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5402, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 349] <... openat resumed>) = 3 [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./253/binderfs" [pid 5415] <... close resumed>) = 0 [pid 349] <... unlink resumed>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 5415] mkdir("./bus", 0777 [pid 349] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5415] <... mkdir resumed>) = 0 [pid 5415] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./251/binderfs") = 0 [pid 344] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5414] <... mount resumed>) = 0 [pid 5414] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5414] chdir("./bus") = 0 [pid 5414] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5410] <... openat resumed>) = 5 [pid 5410] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5410] ioctl(5, LOOP_CLR_FD) = 0 [pid 5410] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5410] close(5) = 0 [pid 5410] close(4 [pid 5415] <... mount resumed>) = 0 [pid 5415] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5415] chdir("./bus") = 0 [pid 5415] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5410] <... close resumed>) = 0 [pid 5410] exit_group(0) = ? [pid 5410] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5410, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] <... umount2 resumed>) = 0 [pid 342] newfstatat(3, "", [pid 349] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] getdents64(3, [pid 349] newfstatat(AT_FDCWD, "./253/bus", [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./249/binderfs", [pid 349] openat(AT_FDCWD, "./253/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... openat resumed>) = 4 [pid 342] unlink("./249/binderfs" [pid 349] newfstatat(4, "", [pid 342] <... unlink resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./253/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./253") = 0 [pid 349] mkdir("./254", 0777) = 0 [ 240.171238][ T5414] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/255/bus supports timestamps until (%ptR?) (0x7fffffff) [ 240.199458][ T5415] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/254/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5414] <... openat resumed>) = 4 [pid 5414] ioctl(4, LOOP_CLR_FD [pid 349] <... openat resumed>) = 3 [pid 5414] <... ioctl resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = 0 [pid 5414] close(4 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5422 [pid 344] newfstatat(AT_FDCWD, "./251/bus", ./strace-static-x86_64: Process 5422 attached [pid 5415] <... openat resumed>) = 4 [pid 5414] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5422] set_robust_list(0x555584fcf660, 24 [pid 5415] ioctl(4, LOOP_CLR_FD [pid 5414] memfd_create("syzkaller", 0 [pid 344] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5422] <... set_robust_list resumed>) = 0 [pid 5415] <... ioctl resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5422] chdir("./254" [pid 5415] close(4 [pid 344] openat(AT_FDCWD, "./251/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5422] <... chdir resumed>) = 0 [pid 5415] <... close resumed>) = 0 [pid 344] <... openat resumed>) = 4 [pid 5422] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5415] memfd_create("syzkaller", 0 [pid 344] newfstatat(4, "", [pid 5422] <... prctl resumed>) = 0 [pid 5415] <... memfd_create resumed>) = 4 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5422] setpgid(0, 0 [pid 5415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] getdents64(4, [pid 5422] <... setpgid resumed>) = 0 [pid 5415] <... mmap resumed>) = 0x7f7c475b3000 [pid 5414] <... memfd_create resumed>) = 4 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] getdents64(4, [pid 342] <... umount2 resumed>) = 0 [pid 5422] <... openat resumed>) = 3 [pid 5414] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5422] write(3, "1000", 4 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./249/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./249/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./249/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4 [pid 5422] <... write resumed>) = 4 [pid 344] close(4 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./249/bus" [pid 5422] close(3 [pid 344] <... close resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./249" [pid 5422] <... close resumed>) = 0 [pid 344] rmdir("./251/bus" [pid 342] <... rmdir resumed>) = 0 [pid 342] mkdir("./250", 0777 [pid 5422] symlink("/dev/binderfs", "./binderfs" [pid 344] <... rmdir resumed>) = 0 [pid 342] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3 [pid 5422] <... symlink resumed>) = 0 [pid 344] getdents64(3, [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5422] write(1, "executing program\n", 18 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5423 executing program [pid 5422] <... write resumed>) = 18 [pid 344] close(3 [pid 5422] memfd_create("syzkaller", 0 [pid 344] <... close resumed>) = 0 [pid 5422] <... memfd_create resumed>) = 3 [pid 344] rmdir("./251" [pid 5422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... rmdir resumed>) = 0 [pid 5422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 344] mkdir("./252", 0777) = 0 [pid 5422] <... write resumed>) = 262144 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5422] munmap(0x7f7c475b3000, 138412032 [pid 344] <... openat resumed>) = 3 [pid 5422] <... munmap resumed>) = 0 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5422] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 344] close(3 [pid 5422] ioctl(4, LOOP_SET_FD, 3 [pid 344] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5425 ./strace-static-x86_64: Process 5423 attached [pid 5423] set_robust_list(0x555584fcf660, 24) = 0 [pid 5423] chdir("./250") = 0 [pid 5423] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5423] setpgid(0, 0) = 0 [pid 5423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5423] write(3, "1000", 4) = 4 [pid 5423] close(3) = 0 [pid 5423] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5423] write(1, "executing program\n", 18executing program ) = 18 [pid 5423] memfd_create("syzkaller", 0) = 3 [pid 5423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5423] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5425 attached [pid 5425] set_robust_list(0x555584fcf660, 24) = 0 [pid 5425] chdir("./252") = 0 [pid 5423] <... write resumed>) = 262144 [pid 5422] <... ioctl resumed>) = 0 [pid 5423] munmap(0x7f7c475b3000, 138412032 [pid 5422] close(3) = 0 [pid 5422] close(4) = 0 [pid 5422] mkdir("./bus", 0777) = 0 [pid 5423] <... munmap resumed>) = 0 [pid 5422] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5423] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5423] ioctl(4, LOOP_SET_FD, 3 [pid 5425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5425] setpgid(0, 0) = 0 [pid 5425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5423] <... ioctl resumed>) = 0 [pid 5423] close(3) = 0 [pid 5423] close(4) = 0 [pid 5425] <... openat resumed>) = 3 [pid 5423] mkdir("./bus", 0777 [pid 5425] write(3, "1000", 4 [pid 5423] <... mkdir resumed>) = 0 [pid 5425] <... write resumed>) = 4 [pid 5423] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5425] close(3) = 0 executing program [pid 5425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5425] write(1, "executing program\n", 18) = 18 [pid 5425] memfd_create("syzkaller", 0) = 3 [pid 5425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5425] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5425] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5425] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5425] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5425] close(3) = 0 [pid 5425] close(4) = 0 [pid 5425] mkdir("./bus", 0777) = 0 [pid 5425] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5423] <... mount resumed>) = 0 [pid 5423] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5423] chdir("./bus") = 0 [pid 5423] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5423] ioctl(4, LOOP_CLR_FD) = 0 [pid 5423] close(4) = 0 [pid 5423] memfd_create("syzkaller", 0) = 4 [pid 5423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5422] <... mount resumed>) = 0 [pid 5422] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5422] chdir("./bus") = 0 [pid 5422] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5422] ioctl(4, LOOP_CLR_FD) = 0 [pid 5422] close(4 [pid 5415] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5422] <... close resumed>) = 0 [pid 5422] memfd_create("syzkaller", 0) = 4 [pid 5422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 240.448635][ T5423] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/250/bus supports timestamps until (%ptR?) (0x7fffffff) [ 240.462591][ T5422] ext4 filesystem being mounted at /root/syzkaller.53SCZU/254/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5425] <... mount resumed>) = 0 [pid 5425] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5425] chdir("./bus") = 0 [pid 5425] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5425] ioctl(4, LOOP_CLR_FD) = 0 [pid 5425] close(4) = 0 [pid 5425] memfd_create("syzkaller", 0) = 4 [pid 5425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 240.511705][ T5425] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/252/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5414] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5415] <... write resumed>) = 20699119 [pid 5415] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5415] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5415] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5415] ioctl(5, LOOP_CLR_FD) = 0 [pid 5415] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5415] close(5) = 0 [pid 5423] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5415] close(4 [pid 5422] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5415] <... close resumed>) = 0 [pid 5415] exit_group(0) = ? [pid 5415] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5415, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./254/binderfs") = 0 [pid 348] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5425] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5414] <... write resumed>) = 20699119 [pid 5414] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5414] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5422] <... write resumed>) = 20699119 [pid 5422] munmap(0x7f7c475b3000, 138412032 [pid 5414] <... openat resumed>) = 5 [pid 5414] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5414] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 5414] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5414] close(5) = 0 [pid 5414] close(4 [pid 5423] <... write resumed>) = 20699119 [pid 5422] <... munmap resumed>) = 0 [pid 348] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5423] munmap(0x7f7c475b3000, 138412032 [pid 5422] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] newfstatat(AT_FDCWD, "./254/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5422] <... openat resumed>) = 5 [pid 5422] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5422] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./254/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5422] ioctl(5, LOOP_CLR_FD [pid 348] <... openat resumed>) = 4 [pid 5422] <... ioctl resumed>) = 0 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5422] ioctl(5, LOOP_SET_FD, 4 [pid 348] close(4 [pid 5422] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... close resumed>) = 0 [pid 5422] close(5 [pid 348] rmdir("./254/bus" [pid 5422] <... close resumed>) = 0 [pid 5423] <... munmap resumed>) = 0 [pid 5422] close(4 [pid 348] <... rmdir resumed>) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./254") = 0 [pid 348] mkdir("./255", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 5423] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5423] <... openat resumed>) = 5 [pid 5423] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5434 [pid 5423] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5423] ioctl(5, LOOP_CLR_FD) = 0 [pid 5423] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5423] close(5) = 0 [pid 5423] close(4./strace-static-x86_64: Process 5434 attached [pid 5434] set_robust_list(0x555584fcf660, 24) = 0 [pid 5434] chdir("./255") = 0 [pid 5434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5434] setpgid(0, 0) = 0 [pid 5434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5434] write(3, "1000", 4) = 4 [pid 5434] close(3) = 0 [pid 5434] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5434] write(1, "executing program\n", 18executing program ) = 18 [pid 5434] memfd_create("syzkaller", 0) = 3 [pid 5434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5434] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5434] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5434] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5434] close(3) = 0 [pid 5434] close(4) = 0 [pid 5434] mkdir("./bus", 0777) = 0 [pid 5434] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5414] <... close resumed>) = 0 [pid 5414] exit_group(0) = ? [pid 5414] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5414, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5425] <... write resumed>) = 20699119 [pid 5425] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5425] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5434] <... mount resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 5425] <... openat resumed>) = 5 [pid 343] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5425] ioctl(5, LOOP_SET_FD, 4 [pid 343] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", [pid 5425] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5425] ioctl(5, LOOP_CLR_FD) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./255/binderfs") = 0 [pid 343] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5434] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5423] <... close resumed>) = 0 [pid 5422] <... close resumed>) = 0 [pid 5434] <... openat resumed>) = 3 [pid 5434] chdir("./bus") = 0 [pid 5434] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5425] ioctl(5, LOOP_SET_FD, 4 [pid 5422] exit_group(0) = ? [pid 5425] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5423] exit_group(0 [pid 5425] close(5 [pid 5423] <... exit_group resumed>) = ? [pid 5423] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5423, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5422] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5422, si_uid=0, si_status=0, si_utime=5, si_stime=10} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] <... restart_syscall resumed>) = 0 [pid 349] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", [pid 342] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] getdents64(3, [pid 342] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] newfstatat(3, "", [pid 349] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] getdents64(3, [pid 349] newfstatat(AT_FDCWD, "./254/binderfs", [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./254/binderfs" [pid 342] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... unlink resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./250/binderfs") = 0 [pid 342] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5434] <... openat resumed>) = 4 [pid 5425] <... close resumed>) = 0 [pid 5434] ioctl(4, LOOP_CLR_FD [pid 5425] close(4 [pid 5434] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5434] close(4 [pid 343] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./255/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./255/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./255/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./255") = 0 [pid 343] mkdir("./256", 0777) = 0 [ 240.963185][ T5434] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/255/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5425] <... close resumed>) = 0 [pid 5425] exit_group(0) = ? [pid 5425] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5425, si_uid=0, si_status=0, si_utime=9, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./252/binderfs") = 0 [pid 344] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5434] <... close resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 5434] memfd_create("syzkaller", 0 [pid 349] <... umount2 resumed>) = 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = 0 [pid 5434] <... memfd_create resumed>) = 4 [pid 349] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5434] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] newfstatat(AT_FDCWD, "./254/bus", [pid 342] newfstatat(AT_FDCWD, "./250/bus", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./254/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./254/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./254") = 0 [pid 349] mkdir("./255", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./250/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./250/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./250/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./250") = 0 [pid 342] mkdir("./251", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] close(3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 344] newfstatat(AT_FDCWD, "./252/bus", [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] close(3 [pid 349] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5438 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5439 [pid 344] openat(AT_FDCWD, "./252/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5440 [pid 344] <... openat resumed>) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./252/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./252") = 0 [pid 344] mkdir("./253", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5441 ./strace-static-x86_64: Process 5440 attached [pid 5440] set_robust_list(0x555584fcf660, 24) = 0 [pid 5440] chdir("./251") = 0 [pid 5440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5440] setpgid(0, 0) = 0 [pid 5440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5438 attached [pid 5438] set_robust_list(0x555584fcf660, 24) = 0 [pid 5438] chdir("./256" [pid 5440] <... openat resumed>) = 3 [pid 5438] <... chdir resumed>) = 0 [pid 5440] write(3, "1000", 4) = 4 [pid 5438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5440] close(3 [pid 5438] setpgid(0, 0 [pid 5440] <... close resumed>) = 0 [pid 5440] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5438] <... setpgid resumed>) = 0 [pid 5438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 5438] write(3, "1000", 4 [pid 5440] write(1, "executing program\n", 18 [pid 5438] <... write resumed>) = 4 [pid 5440] <... write resumed>) = 18 [pid 5438] close(3 [pid 5440] memfd_create("syzkaller", 0 [pid 5438] <... close resumed>) = 0 [pid 5438] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5440] <... memfd_create resumed>) = 3 executing program [pid 5440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5438] write(1, "executing program\n", 18) = 18 [pid 5438] memfd_create("syzkaller", 0) = 3 [pid 5438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5438] <... write resumed>) = 262144 [pid 5440] <... write resumed>) = 262144 [pid 5440] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5440] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5438] munmap(0x7f7c475b3000, 138412032 [pid 5440] ioctl(4, LOOP_SET_FD, 3 [pid 5438] <... munmap resumed>) = 0 [pid 5438] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5440] <... ioctl resumed>) = 0 [pid 5438] <... openat resumed>) = 4 [pid 5438] ioctl(4, LOOP_SET_FD, 3 [pid 5440] close(3./strace-static-x86_64: Process 5441 attached [pid 5441] set_robust_list(0x555584fcf660, 24./strace-static-x86_64: Process 5439 attached [pid 5440] <... close resumed>) = 0 [pid 5440] close(4 [pid 5438] <... ioctl resumed>) = 0 [pid 5438] close(3) = 0 [pid 5438] close(4 [pid 5441] <... set_robust_list resumed>) = 0 [pid 5441] chdir("./253") = 0 [pid 5441] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5434] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5439] set_robust_list(0x555584fcf660, 24) = 0 [pid 5441] <... prctl resumed>) = 0 [pid 5439] chdir("./255") = 0 [pid 5439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5439] setpgid(0, 0) = 0 [pid 5439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5439] write(3, "1000", 4) = 4 [pid 5439] close(3) = 0 [pid 5439] symlink("/dev/binderfs", "./binderfs" [pid 5441] setpgid(0, 0executing program ) = 0 [pid 5439] <... symlink resumed>) = 0 [pid 5439] write(1, "executing program\n", 18) = 18 [pid 5439] memfd_create("syzkaller", 0 [pid 5441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5439] <... memfd_create resumed>) = 3 [pid 5439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5441] write(3, "1000", 4 [pid 5439] <... mmap resumed>) = 0x7f7c475b3000 [pid 5441] <... write resumed>) = 4 [pid 5441] close(3) = 0 [pid 5441] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5441] write(1, "executing program\n", 18executing program ) = 18 [pid 5441] memfd_create("syzkaller", 0) = 3 [pid 5441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5439] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5441] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5441] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5439] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5439] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5440] <... close resumed>) = 0 [pid 5440] mkdir("./bus", 0777) = 0 [pid 5440] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5434] <... write resumed>) = 20699119 [pid 5434] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5434] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5438] <... close resumed>) = 0 [pid 5438] mkdir("./bus", 0777 [pid 5439] <... openat resumed>) = 4 [pid 5439] ioctl(4, LOOP_SET_FD, 3 [pid 5438] <... mkdir resumed>) = 0 [pid 5438] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5441] <... openat resumed>) = 4 [pid 5439] <... ioctl resumed>) = 0 [pid 5441] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5439] close(3 [pid 5441] close(3) = 0 [pid 5439] <... close resumed>) = 0 [pid 5441] close(4 [pid 5439] close(4 [pid 5434] <... openat resumed>) = 5 [pid 5434] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5434] ioctl(5, LOOP_CLR_FD [pid 5438] <... mount resumed>) = 0 [pid 5438] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5438] chdir("./bus") = 0 [pid 5438] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5440] <... mount resumed>) = 0 [pid 5440] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5440] chdir("./bus") = 0 [pid 5440] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5441] <... close resumed>) = 0 [pid 5441] mkdir("./bus", 0777) = 0 [pid 5441] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5439] <... close resumed>) = 0 [pid 5434] <... ioctl resumed>) = 0 [pid 5440] <... openat resumed>) = 4 [pid 5440] ioctl(4, LOOP_CLR_FD) = 0 [pid 5440] close(4) = 0 [pid 5440] memfd_create("syzkaller", 0 [pid 5439] mkdir("./bus", 0777 [pid 5440] <... memfd_create resumed>) = 4 [pid 5440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5439] <... mkdir resumed>) = 0 [pid 5439] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5434] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5434] close(5) = 0 [pid 5434] close(4 [pid 5438] <... openat resumed>) = 4 [pid 5438] ioctl(4, LOOP_CLR_FD) = 0 [pid 5438] close(4) = 0 [pid 5438] memfd_create("syzkaller", 0) = 4 [pid 5438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 241.289906][ T5438] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/256/bus supports timestamps until (%ptR?) (0x7fffffff) [ 241.293968][ T5440] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/251/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5439] <... mount resumed>) = 0 [pid 5439] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5439] chdir("./bus") = 0 [pid 5439] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5439] ioctl(4, LOOP_CLR_FD) = 0 [pid 5439] close(4) = 0 [pid 5439] memfd_create("syzkaller", 0) = 4 [pid 5439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5441] <... mount resumed>) = 0 [pid 5441] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5441] chdir("./bus") = 0 [pid 5441] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5441] ioctl(4, LOOP_CLR_FD) = 0 [pid 5441] close(4) = 0 [pid 5441] memfd_create("syzkaller", 0) = 4 [pid 5441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 241.390965][ T5439] ext4 filesystem being mounted at /root/syzkaller.53SCZU/255/bus supports timestamps until (%ptR?) (0x7fffffff) [ 241.407950][ T5441] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/253/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5434] <... close resumed>) = 0 [pid 5434] exit_group(0) = ? [pid 5434] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5434, si_uid=0, si_status=0, si_utime=6, si_stime=8} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./255/binderfs") = 0 [pid 348] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 348] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./255/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./255/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./255/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./255") = 0 [pid 348] mkdir("./256", 0777 [pid 5440] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5454 ./strace-static-x86_64: Process 5454 attached [pid 5454] set_robust_list(0x555584fcf660, 24) = 0 [pid 5454] chdir("./256") = 0 [pid 5454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5454] setpgid(0, 0) = 0 [pid 5454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5454] write(3, "1000", 4) = 4 [pid 5454] close(3) = 0 [pid 5454] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5454] write(1, "executing program\n", 18) = 18 [pid 5454] memfd_create("syzkaller", 0) = 3 [pid 5454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5454] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5454] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5454] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5454] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5454] close(3) = 0 [pid 5454] close(4) = 0 [pid 5454] mkdir("./bus", 0777) = 0 [pid 5454] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5438] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5439] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5441] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5440] <... write resumed>) = 20699119 [pid 5440] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5440] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5440] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5440] ioctl(5, LOOP_CLR_FD) = 0 [pid 5440] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5440] close(5) = 0 [pid 5440] close(4 [pid 5454] <... mount resumed>) = 0 [pid 5454] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5454] chdir("./bus") = 0 [pid 5454] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5454] ioctl(4, LOOP_CLR_FD) = 0 [pid 5454] close(4) = 0 [pid 5454] memfd_create("syzkaller", 0) = 4 [pid 5454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 241.698697][ T5454] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/256/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5438] <... write resumed>) = 20699119 [pid 5438] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5438] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5438] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5438] ioctl(5, LOOP_CLR_FD) = 0 [pid 5438] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5438] close(5) = 0 [pid 5440] <... close resumed>) = 0 [pid 5438] close(4 [pid 5440] exit_group(0) = ? [pid 5440] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5440, si_uid=0, si_status=0, si_utime=10, si_stime=13} --- [pid 342] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./251/binderfs") = 0 [pid 342] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5441] <... write resumed>) = 20699119 [pid 5439] <... write resumed>) = 20699119 [pid 5439] munmap(0x7f7c475b3000, 138412032 [pid 5441] munmap(0x7f7c475b3000, 138412032 [pid 5439] <... munmap resumed>) = 0 [pid 5439] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5441] <... munmap resumed>) = 0 [pid 5441] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5438] <... close resumed>) = 0 [pid 5439] <... openat resumed>) = 5 [pid 5438] exit_group(0 [pid 342] <... umount2 resumed>) = 0 [pid 5454] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5441] <... openat resumed>) = 5 [pid 5439] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 342] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5439] ioctl(5, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5439] <... ioctl resumed>) = 0 [pid 342] newfstatat(AT_FDCWD, "./251/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5441] ioctl(5, LOOP_SET_FD, 4 [pid 342] umount2("./251/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./251/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5441] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 5441] ioctl(5, LOOP_CLR_FD [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./251/bus" [pid 5441] <... ioctl resumed>) = 0 [pid 5438] <... exit_group resumed>) = ? [pid 342] <... rmdir resumed>) = 0 [pid 5439] ioctl(5, LOOP_SET_FD, 4 [pid 342] getdents64(3, [pid 5439] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5439] close(5 [pid 342] close(3 [pid 5439] <... close resumed>) = 0 [pid 5438] +++ exited with 0 +++ [pid 342] <... close resumed>) = 0 [pid 5439] close(4 [pid 342] rmdir("./251" [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5438, si_uid=0, si_status=0, si_utime=11, si_stime=12} --- [pid 342] <... rmdir resumed>) = 0 [pid 5441] ioctl(5, LOOP_SET_FD, 4 [pid 342] mkdir("./252", 0777 [pid 5441] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 342] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 5441] close(5 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5441] <... close resumed>) = 0 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5458 [pid 5441] close(4 [pid 343] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 5458 attached [pid 343] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5458] set_robust_list(0x555584fcf660, 24 [pid 343] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5458] <... set_robust_list resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5458] chdir("./252" [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5458] <... chdir resumed>) = 0 [pid 343] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5458] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5458] <... prctl resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./256/binderfs", [pid 5458] setpgid(0, 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5458] <... setpgid resumed>) = 0 [pid 343] unlink("./256/binderfs" [pid 5458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... unlink resumed>) = 0 [pid 343] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5458] <... openat resumed>) = 3 [pid 5458] write(3, "1000", 4) = 4 [pid 5458] close(3) = 0 [pid 5458] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5458] write(1, "executing program\n", 18executing program ) = 18 [pid 5458] memfd_create("syzkaller", 0) = 3 [pid 5458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5458] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5458] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5458] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5439] <... close resumed>) = 0 [pid 5439] exit_group(0) = ? [pid 5439] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5439, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5458] <... openat resumed>) = 4 [pid 349] <... restart_syscall resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5458] ioctl(4, LOOP_SET_FD, 3 [pid 349] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./256/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./256/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./256/bus") = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./256" [pid 349] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... rmdir resumed>) = 0 [pid 343] mkdir("./257", 0777 [pid 349] <... openat resumed>) = 3 [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./255/binderfs") = 0 [pid 349] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5458] <... ioctl resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 5458] close(3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 5458] <... close resumed>) = 0 [pid 5458] close(4 [pid 5441] <... close resumed>) = 0 [pid 5441] exit_group(0) = ? [pid 5441] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5441, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./253/binderfs") = 0 [pid 344] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5454] <... write resumed>) = 20699119 [pid 5454] munmap(0x7f7c475b3000, 138412032 [pid 349] <... umount2 resumed>) = 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5458] <... close resumed>) = 0 [pid 343] close(3 [pid 5458] mkdir("./bus", 0777) = 0 [pid 349] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5458] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5454] <... munmap resumed>) = 0 [pid 5454] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] newfstatat(AT_FDCWD, "./255/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./255/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./255/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./255") = 0 [pid 349] mkdir("./256", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5454] <... openat resumed>) = 5 [pid 349] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] close(3 [pid 344] newfstatat(AT_FDCWD, "./253/bus", [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5460 [pid 349] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5461 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./253/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./253/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./253") = 0 [pid 344] mkdir("./254", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5462 [pid 5454] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5454] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5461 attached [pid 5461] set_robust_list(0x555584fcf660, 24) = 0 [pid 5461] chdir("./256") = 0 [pid 5461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5461] setpgid(0, 0) = 0 [pid 5461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5454] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5454] close(5) = 0 [pid 5454] close(4 [pid 5461] <... openat resumed>) = 3 [pid 5461] write(3, "1000", 4) = 4 [pid 5461] close(3) = 0 [pid 5461] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5461] write(1, "executing program\n", 18) = 18 [pid 5461] memfd_create("syzkaller", 0) = 3 [pid 5461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5462 attached [pid 5462] set_robust_list(0x555584fcf660, 24./strace-static-x86_64: Process 5460 attached [pid 5460] set_robust_list(0x555584fcf660, 24) = 0 [pid 5460] chdir("./257" [pid 5462] <... set_robust_list resumed>) = 0 [pid 5460] <... chdir resumed>) = 0 [pid 5460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5460] setpgid(0, 0) = 0 [pid 5462] chdir("./254" [pid 5460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5462] <... chdir resumed>) = 0 [pid 5460] <... openat resumed>) = 3 [pid 5460] write(3, "1000", 4) = 4 [pid 5460] close(3) = 0 [pid 5460] symlink("/dev/binderfs", "./binderfs" [pid 5462] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5461] <... write resumed>) = 262144 [pid 5461] munmap(0x7f7c475b3000, 138412032 [pid 5462] <... prctl resumed>) = 0 [pid 5462] setpgid(0, 0executing program [pid 5461] <... munmap resumed>) = 0 [pid 5462] <... setpgid resumed>) = 0 [pid 5460] <... symlink resumed>) = 0 [pid 5461] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5460] write(1, "executing program\n", 18 [pid 5461] <... openat resumed>) = 4 [pid 5460] <... write resumed>) = 18 [pid 5461] ioctl(4, LOOP_SET_FD, 3 [pid 5460] memfd_create("syzkaller", 0) = 3 [pid 5460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5460] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5460] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5460] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5461] <... ioctl resumed>) = 0 [pid 5460] <... openat resumed>) = 4 [pid 5458] <... mount resumed>) = 0 [pid 5461] close(3 [pid 5460] ioctl(4, LOOP_SET_FD, 3 [pid 5461] <... close resumed>) = 0 [pid 5461] close(4 [pid 5462] <... openat resumed>) = 3 [pid 5462] write(3, "1000", 4) = 4 [pid 5462] close(3) = 0 [pid 5462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5462] write(1, "executing program\n", 18executing program ) = 18 [pid 5462] memfd_create("syzkaller", 0) = 3 [pid 5462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5462] munmap(0x7f7c475b3000, 138412032 [pid 5458] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5460] <... ioctl resumed>) = 0 [pid 5460] close(3) = 0 [pid 5460] close(4 [pid 5462] <... munmap resumed>) = 0 [pid 5462] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5458] <... openat resumed>) = 3 [pid 5458] chdir("./bus") = 0 [pid 5458] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5461] <... close resumed>) = 0 [pid 5461] mkdir("./bus", 0777) = 0 [pid 5454] <... close resumed>) = 0 [pid 5461] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5454] exit_group(0) = ? [pid 5454] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5454, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./256/binderfs") = 0 [pid 348] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5460] <... close resumed>) = 0 [pid 5462] <... openat resumed>) = 4 [pid 5460] mkdir("./bus", 0777 [pid 5458] <... openat resumed>) = 4 [pid 5462] ioctl(4, LOOP_SET_FD, 3 [pid 5460] <... mkdir resumed>) = 0 [pid 5460] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 242.125744][ T5458] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/252/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5458] ioctl(4, LOOP_CLR_FD [pid 5462] <... ioctl resumed>) = 0 [pid 5462] close(3 [pid 348] <... umount2 resumed>) = 0 [pid 5462] <... close resumed>) = 0 [pid 5462] close(4 [pid 5458] <... ioctl resumed>) = 0 [pid 5458] close(4 [pid 348] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./256/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./256/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./256/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./256") = 0 [pid 348] mkdir("./257", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5461] <... mount resumed>) = 0 [pid 5461] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5461] chdir("./bus") = 0 [pid 5461] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5462] <... close resumed>) = 0 [pid 5460] <... mount resumed>) = 0 [pid 5458] <... close resumed>) = 0 [pid 5462] mkdir("./bus", 0777 [pid 5461] <... openat resumed>) = 4 [pid 5460] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5458] memfd_create("syzkaller", 0 [pid 348] <... openat resumed>) = 3 [pid 5462] <... mkdir resumed>) = 0 [pid 5461] ioctl(4, LOOP_CLR_FD [pid 5462] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5461] <... ioctl resumed>) = 0 [pid 5460] <... openat resumed>) = 3 [pid 5458] <... memfd_create resumed>) = 4 [pid 348] ioctl(3, LOOP_CLR_FD [pid 5461] close(4 [pid 5460] chdir("./bus" [pid 5458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 5461] <... close resumed>) = 0 [pid 5458] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] <... close resumed>) = 0 [pid 5461] memfd_create("syzkaller", 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5472 [pid 5461] <... memfd_create resumed>) = 4 [pid 5461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5472 attached [pid 5472] set_robust_list(0x555584fcf660, 24) = 0 [pid 5472] chdir("./257") = 0 [pid 5472] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5472] setpgid(0, 0) = 0 [pid 5472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5472] write(3, "1000", 4) = 4 [pid 5472] close(3) = 0 [pid 5472] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5472] write(1, "executing program\n", 18 [pid 5460] <... chdir resumed>) = 0 executing program [pid 5472] <... write resumed>) = 18 [pid 5472] memfd_create("syzkaller", 0) = 3 [pid 5460] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5460] <... openat resumed>) = 4 [pid 5460] ioctl(4, LOOP_CLR_FD) = 0 [pid 5460] close(4) = 0 [pid 5460] memfd_create("syzkaller", 0) = 4 [pid 5460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5472] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5472] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5472] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5472] close(3) = 0 [pid 5472] close(4) = 0 [pid 5472] mkdir("./bus", 0777) = 0 [pid 5472] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5462] <... mount resumed>) = 0 [pid 5462] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5462] chdir("./bus") = 0 [ 242.291322][ T5461] ext4 filesystem being mounted at /root/syzkaller.53SCZU/256/bus supports timestamps until (%ptR?) (0x7fffffff) [ 242.305300][ T5460] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/257/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5462] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5462] ioctl(4, LOOP_CLR_FD) = 0 [pid 5462] close(4) = 0 [pid 5462] memfd_create("syzkaller", 0) = 4 [pid 5462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 242.368293][ T5462] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/254/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5472] <... mount resumed>) = 0 [pid 5472] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5472] chdir("./bus") = 0 [pid 5472] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5472] ioctl(4, LOOP_CLR_FD) = 0 [pid 5472] close(4) = 0 [pid 5472] memfd_create("syzkaller", 0) = 4 [pid 5472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5458] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 242.467750][ T5472] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/257/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5460] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5461] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5462] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5458] <... write resumed>) = 20699119 [pid 5458] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5458] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5458] ioctl(5, LOOP_CLR_FD) = 0 [pid 5458] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5458] close(5) = 0 [pid 5458] close(4 [pid 5460] <... write resumed>) = 20699119 [pid 5472] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5460] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5460] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5460] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5460] ioctl(5, LOOP_CLR_FD) = 0 [pid 5460] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5460] close(5) = 0 [pid 5460] close(4 [pid 5462] <... write resumed>) = 20699119 [pid 5462] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5462] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5462] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5462] ioctl(5, LOOP_CLR_FD) = 0 [pid 5462] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5462] close(5) = 0 [pid 5462] close(4 [pid 5461] <... write resumed>) = 20699119 [pid 5461] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5461] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5461] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5461] ioctl(5, LOOP_CLR_FD) = 0 [pid 5461] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5461] close(5) = 0 [pid 5461] close(4 [pid 5460] <... close resumed>) = 0 [pid 5460] exit_group(0) = ? [pid 5460] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5460, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5458] <... close resumed>) = 0 [pid 5458] exit_group(0) = ? [pid 5458] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5458, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 343] <... restart_syscall resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 343] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 343] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, [pid 342] getdents64(3, [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./257/binderfs", [pid 342] newfstatat(AT_FDCWD, "./252/binderfs", [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./257/binderfs" [pid 342] unlink("./252/binderfs" [pid 343] <... unlink resumed>) = 0 [pid 342] <... unlink resumed>) = 0 [pid 343] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5462] <... close resumed>) = 0 [pid 5462] exit_group(0) = ? [pid 5462] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5462, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5472] <... write resumed>) = 20699119 [pid 5472] munmap(0x7f7c475b3000, 138412032 [pid 344] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5472] <... munmap resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5472] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] newfstatat(AT_FDCWD, "./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./254/binderfs") = 0 [pid 344] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5461] <... close resumed>) = 0 [pid 5461] exit_group(0) = ? [pid 5461] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5461, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./256/binderfs") = 0 [pid 349] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./257/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./257/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./257/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./257") = 0 [pid 343] mkdir("./258", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5472] <... openat resumed>) = 5 [pid 5472] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5472] ioctl(5, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./252/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./252/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./252/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 349] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] getdents64(4, [pid 349] newfstatat(AT_FDCWD, "./256/bus", executing program [pid 344] newfstatat(AT_FDCWD, "./254/bus", [pid 343] close(3 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... close resumed>) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./252/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./252") = 0 [pid 342] mkdir("./253", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5478 ./strace-static-x86_64: Process 5478 attached [pid 5478] set_robust_list(0x555584fcf660, 24) = 0 [pid 5478] chdir("./253") = 0 [pid 5478] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5478] setpgid(0, 0) = 0 [pid 344] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5478] write(3, "1000", 4) = 4 [pid 5478] close(3) = 0 [pid 5478] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5478] write(1, "executing program\n", 18) = 18 [pid 5478] memfd_create("syzkaller", 0) = 3 [pid 5478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5479 [pid 349] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5478] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5478] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5478] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5479 attached [pid 344] openat(AT_FDCWD, "./254/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... openat resumed>) = 4 [pid 349] openat(AT_FDCWD, "./256/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] newfstatat(4, "", [pid 5479] set_robust_list(0x555584fcf660, 24 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... openat resumed>) = 4 [pid 344] getdents64(4, [pid 5479] <... set_robust_list resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] newfstatat(4, "", [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] close(4) = 0 [pid 349] getdents64(4, [pid 344] rmdir("./254/bus" [pid 5479] chdir("./258") = 0 [pid 5479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5479] setpgid(0, 0) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 5479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] getdents64(4, [pid 344] close(3 [pid 5479] <... openat resumed>) = 3 [pid 5479] write(3, "1000", 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] <... close resumed>) = 0 [pid 344] rmdir("./254" [pid 349] close(4 [pid 5479] <... write resumed>) = 4 [pid 5479] close(3) = 0 [pid 5479] symlink("/dev/binderfs", "./binderfs" [pid 344] <... rmdir resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5479] <... symlink resumed>) = 0 [pid 5479] write(1, "executing program\n", 18executing program ) = 18 [pid 5479] memfd_create("syzkaller", 0) = 3 [pid 5479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] rmdir("./256/bus" [pid 344] mkdir("./255", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 5478] <... ioctl resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5478] close(3 [pid 349] close(3 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5478] <... close resumed>) = 0 [pid 344] close(3 [pid 349] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 5478] close(4 [pid 349] rmdir("./256" [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5479] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] <... rmdir resumed>) = 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5481 [pid 349] mkdir("./257", 0777) = 0 [pid 5479] <... write resumed>) = 262144 [pid 5479] munmap(0x7f7c475b3000, 138412032) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5472] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5481 attached [pid 5479] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5481] set_robust_list(0x555584fcf660, 24) = 0 [pid 5481] chdir("./255") = 0 [pid 5481] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5481] setpgid(0, 0) = 0 [pid 5481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5481] write(3, "1000", 4) = 4 [pid 5481] close(3) = 0 [pid 5481] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5481] write(1, "executing program\n", 18) = 18 [pid 5481] memfd_create("syzkaller", 0) = 3 [pid 5481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5472] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5472] close(5 [pid 5481] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5481] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5481] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5478] <... close resumed>) = 0 [pid 5478] mkdir("./bus", 0777 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5479] <... openat resumed>) = 4 [pid 5478] <... mkdir resumed>) = 0 [pid 5478] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5479] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5482 [pid 5472] <... close resumed>) = 0 [pid 5472] close(4 [pid 5479] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5482 attached [pid 5479] close(3) = 0 [pid 5481] <... openat resumed>) = 4 [pid 5479] close(4 [pid 5481] ioctl(4, LOOP_SET_FD, 3 [pid 5482] set_robust_list(0x555584fcf660, 24) = 0 [pid 5482] chdir("./257") = 0 [pid 5482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5482] setpgid(0, 0) = 0 [pid 5482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5482] write(3, "1000", 4) = 4 [pid 5482] close(3) = 0 [pid 5482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5482] write(1, "executing program\n", 18executing program ) = 18 [pid 5482] memfd_create("syzkaller", 0) = 3 [pid 5482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5482] munmap(0x7f7c475b3000, 138412032 [pid 5478] <... mount resumed>) = 0 [pid 5482] <... munmap resumed>) = 0 [pid 5478] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5482] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5478] <... openat resumed>) = 3 [pid 5478] chdir("./bus") = 0 [pid 5478] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5479] <... close resumed>) = 0 [pid 5479] mkdir("./bus", 0777) = 0 [pid 5479] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5482] <... openat resumed>) = 4 [pid 5481] <... ioctl resumed>) = 0 [pid 5478] <... openat resumed>) = 4 [pid 5482] ioctl(4, LOOP_SET_FD, 3 [pid 5478] ioctl(4, LOOP_CLR_FD [pid 5481] close(3) = 0 [pid 5481] close(4 [pid 5482] <... ioctl resumed>) = 0 [pid 5478] <... ioctl resumed>) = 0 [pid 5478] close(4 [pid 5482] close(3) = 0 [pid 5482] close(4 [pid 5472] <... close resumed>) = 0 [pid 5472] exit_group(0) = ? [pid 5472] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5472, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./257/binderfs") = 0 [pid 348] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5479] <... mount resumed>) = 0 [pid 5479] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5479] chdir("./bus") = 0 [pid 5479] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5481] <... close resumed>) = 0 [pid 5478] <... close resumed>) = 0 [pid 5481] mkdir("./bus", 0777 [pid 5478] memfd_create("syzkaller", 0) = 4 [pid 5478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5481] <... mkdir resumed>) = 0 [ 243.064288][ T5478] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/253/bus supports timestamps until (%ptR?) (0x7fffffff) [ 243.099048][ T5479] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/258/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5481] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5478] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5479] <... openat resumed>) = 4 [pid 5479] ioctl(4, LOOP_CLR_FD [pid 5478] <... write resumed>) = 20699119 [pid 5478] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5478] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5482] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 5482] mkdir("./bus", 0777 [pid 348] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5482] <... mkdir resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5482] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] newfstatat(AT_FDCWD, "./257/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./257/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./257/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./257" [pid 5479] <... ioctl resumed>) = 0 [pid 5478] <... openat resumed>) = 5 [pid 348] <... rmdir resumed>) = 0 [pid 5478] ioctl(5, LOOP_SET_FD, 4 [pid 348] mkdir("./258", 0777 [pid 5478] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... mkdir resumed>) = 0 [pid 5478] ioctl(5, LOOP_CLR_FD [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5478] <... ioctl resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 5479] close(4 [pid 348] ioctl(3, LOOP_CLR_FD [pid 5479] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5479] memfd_create("syzkaller", 0 [pid 348] close(3 [pid 5479] <... memfd_create resumed>) = 4 [pid 5478] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... close resumed>) = 0 [pid 5479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5478] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5479] <... mmap resumed>) = 0x7f7c475b3000 [pid 5478] close(5) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5492 [pid 5478] close(4./strace-static-x86_64: Process 5492 attached [pid 5492] set_robust_list(0x555584fcf660, 24) = 0 [pid 5492] chdir("./258") = 0 [pid 5492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5492] setpgid(0, 0) = 0 [pid 5492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5492] write(3, "1000", 4) = 4 [pid 5492] close(3) = 0 [pid 5492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5492] write(1, "executing program\n", 18executing program ) = 18 [pid 5492] memfd_create("syzkaller", 0) = 3 [pid 5492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5492] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5492] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5492] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5492] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5492] close(3) = 0 [pid 5492] close(4) = 0 [pid 5492] mkdir("./bus", 0777) = 0 [pid 5492] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5481] <... mount resumed>) = 0 [pid 5482] <... mount resumed>) = 0 [pid 5481] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5482] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5481] <... openat resumed>) = 3 [pid 5482] <... openat resumed>) = 3 [pid 5481] chdir("./bus" [pid 5482] chdir("./bus" [pid 5481] <... chdir resumed>) = 0 [pid 5482] <... chdir resumed>) = 0 [pid 5481] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5482] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5481] <... openat resumed>) = 4 [pid 5482] ioctl(4, LOOP_CLR_FD [pid 5481] ioctl(4, LOOP_CLR_FD [pid 5482] <... ioctl resumed>) = 0 [pid 5481] <... ioctl resumed>) = 0 [pid 5482] close(4 [pid 5481] close(4 [pid 5482] <... close resumed>) = 0 [pid 5481] <... close resumed>) = 0 [pid 5478] <... close resumed>) = 0 [pid 5478] exit_group(0) = ? [pid 5481] memfd_create("syzkaller", 0 [pid 5482] memfd_create("syzkaller", 0 [pid 5481] <... memfd_create resumed>) = 4 [pid 5478] +++ exited with 0 +++ [pid 5482] <... memfd_create resumed>) = 4 [pid 5481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5478, si_uid=0, si_status=0, si_utime=4, si_stime=9} --- [pid 5482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5481] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5482] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./253/binderfs") = 0 [pid 342] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5492] <... mount resumed>) = 0 [pid 5492] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5492] chdir("./bus") = 0 [ 243.294509][ T5482] ext4 filesystem being mounted at /root/syzkaller.53SCZU/257/bus supports timestamps until (%ptR?) (0x7fffffff) [ 243.308528][ T5481] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/255/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5492] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 5492] ioctl(4, LOOP_CLR_FD) = 0 [pid 5492] close(4) = 0 [pid 5492] memfd_create("syzkaller", 0) = 4 [pid 5492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./253/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./253/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./253/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./253/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./253") = 0 [pid 342] mkdir("./254", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5498 [ 243.336476][ T5492] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/258/bus supports timestamps until (%ptR?) (0x7fffffff) ./strace-static-x86_64: Process 5498 attached [pid 5498] set_robust_list(0x555584fcf660, 24) = 0 [pid 5498] chdir("./254") = 0 [pid 5498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5498] setpgid(0, 0) = 0 [pid 5498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5498] write(3, "1000", 4) = 4 [pid 5498] close(3) = 0 [pid 5498] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5498] write(1, "executing program\n", 18) = 18 [pid 5498] memfd_create("syzkaller", 0) = 3 [pid 5498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5498] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5498] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5498] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5498] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5498] close(3) = 0 [pid 5498] close(4) = 0 [pid 5498] mkdir("./bus", 0777) = 0 [pid 5498] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5481] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5479] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5498] <... mount resumed>) = 0 [pid 5498] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5498] chdir("./bus") = 0 [pid 5498] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5498] ioctl(4, LOOP_CLR_FD) = 0 [pid 5498] close(4) = 0 [pid 5498] memfd_create("syzkaller", 0) = 4 [pid 5498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5482] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 243.547885][ T5498] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/254/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5492] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5481] <... write resumed>) = 20699119 [pid 5481] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5481] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5481] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5481] ioctl(5, LOOP_CLR_FD) = 0 [pid 5481] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5481] close(5) = 0 [pid 5481] close(4 [pid 5479] <... write resumed>) = 20699119 [pid 5479] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5479] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5479] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5479] ioctl(5, LOOP_CLR_FD) = 0 [pid 5479] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5479] close(5) = 0 [pid 5479] close(4 [pid 5482] <... write resumed>) = 20699119 [pid 5481] <... close resumed>) = 0 [pid 5498] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5482] munmap(0x7f7c475b3000, 138412032 [pid 5481] exit_group(0) = ? [pid 5482] <... munmap resumed>) = 0 [pid 5482] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5482] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5482] ioctl(5, LOOP_CLR_FD) = 0 [pid 5481] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5481, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5482] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 344] <... restart_syscall resumed>) = 0 [pid 5482] close(5) = 0 [pid 5482] close(4 [pid 344] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./255/binderfs") = 0 [pid 344] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5479] <... close resumed>) = 0 [pid 5479] exit_group(0) = ? [pid 5479] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5479, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5492] <... write resumed>) = 20699119 [pid 5492] munmap(0x7f7c475b3000, 138412032 [pid 343] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./258/binderfs") = 0 [pid 5492] <... munmap resumed>) = 0 [pid 343] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5492] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 5492] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5492] ioctl(5, LOOP_CLR_FD [pid 344] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./255/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./255/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./255/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./255") = 0 [pid 344] mkdir("./256", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5482] <... close resumed>) = 0 [pid 5482] exit_group(0) = ? [pid 5482] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5482, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./257/binderfs") = 0 [pid 349] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 5492] <... ioctl resumed>) = 0 [pid 343] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] close(3 [pid 343] newfstatat(AT_FDCWD, "./258/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5492] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 343] openat(AT_FDCWD, "./258/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5492] close(5 [pid 343] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./258/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./258") = 0 [pid 343] mkdir("./259", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5498] <... write resumed>) = 20699119 [pid 5498] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5498] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5492] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 5492] close(4 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5502 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5503 ./strace-static-x86_64: Process 5503 attached [pid 5503] set_robust_list(0x555584fcf660, 24) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 5498] <... openat resumed>) = 5 [pid 349] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./257/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5503] chdir("./256") = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./257/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5503] setpgid(0, 0) = 0 [pid 5503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5503] write(3, "1000", 4) = 4 [pid 5503] close(3) = 0 [pid 5503] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 349] <... openat resumed>) = 4 [pid 5498] ioctl(5, LOOP_SET_FD, 4./strace-static-x86_64: Process 5502 attached [pid 5503] write(1, "executing program\n", 18) = 18 [pid 5502] set_robust_list(0x555584fcf660, 24 [pid 5503] memfd_create("syzkaller", 0 [pid 5502] <... set_robust_list resumed>) = 0 [pid 349] newfstatat(4, "", [pid 5503] <... memfd_create resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5502] chdir("./259" [pid 5503] <... mmap resumed>) = 0x7f7c475b3000 [pid 5502] <... chdir resumed>) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./257/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./257") = 0 [pid 349] mkdir("./258", 0777 [pid 5503] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5502] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... mkdir resumed>) = 0 [pid 5503] <... write resumed>) = 262144 [pid 5502] <... prctl resumed>) = 0 [pid 5503] munmap(0x7f7c475b3000, 138412032 [pid 5502] setpgid(0, 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5503] <... munmap resumed>) = 0 [pid 5502] <... setpgid resumed>) = 0 [pid 5498] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5492] <... close resumed>) = 0 [pid 5503] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5503] <... openat resumed>) = 4 [pid 5502] <... openat resumed>) = 3 [pid 5503] ioctl(4, LOOP_SET_FD, 3 [pid 5502] write(3, "1000", 4) = 4 [pid 5498] ioctl(5, LOOP_CLR_FD [pid 5502] close(3) = 0 [pid 5502] symlink("/dev/binderfs", "./binderfs" [pid 5492] exit_group(0) = ? [pid 5502] <... symlink resumed>) = 0 [pid 5502] write(1, "executing program\n", 18executing program ) = 18 [pid 5502] memfd_create("syzkaller", 0) = 3 [pid 5502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5492] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5492, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5503] <... ioctl resumed>) = 0 [pid 5503] close(3) = 0 [pid 5503] close(4 [pid 5502] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5502] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5502] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./258/binderfs") = 0 [pid 348] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5503] <... close resumed>) = 0 [pid 5503] mkdir("./bus", 0777 [pid 5498] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 5502] <... openat resumed>) = 4 [pid 5502] ioctl(4, LOOP_SET_FD, 3 [pid 5503] <... mkdir resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 5503] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5502] <... ioctl resumed>) = 0 [pid 5502] close(3) = 0 [pid 5502] close(4 [pid 5498] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5498] close(5 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5506 ./strace-static-x86_64: Process 5506 attached [pid 5506] set_robust_list(0x555584fcf660, 24) = 0 [pid 5506] chdir("./258") = 0 [pid 5506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5506] setpgid(0, 0) = 0 [pid 5506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5506] write(3, "1000", 4) = 4 [pid 5506] close(3) = 0 [pid 5506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5506] write(1, "executing program\n", 18executing program ) = 18 [pid 5506] memfd_create("syzkaller", 0) = 3 [pid 5506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5506] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5506] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5502] <... close resumed>) = 0 [pid 5498] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 5498] close(4 [pid 5502] mkdir("./bus", 0777 [pid 348] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5502] <... mkdir resumed>) = 0 [pid 5502] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./258/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./258/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./258/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./258") = 0 [pid 348] mkdir("./259", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5503] <... mount resumed>) = 0 [pid 5503] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5503] chdir("./bus") = 0 [pid 5503] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5498] <... close resumed>) = 0 [pid 5498] exit_group(0) = ? [pid 5498] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5498, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5506] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./254/binderfs") = 0 [pid 342] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5506] ioctl(4, LOOP_SET_FD, 3 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 5506] <... ioctl resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5506] close(3) = 0 [pid 348] close(3 [pid 5506] close(4 [pid 348] <... close resumed>) = 0 [pid 5506] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5506] mkdir("./bus", 0777) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5512 [pid 5506] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"./strace-static-x86_64: Process 5512 attached [pid 5503] <... openat resumed>) = 4 [pid 5503] ioctl(4, LOOP_CLR_FDexecuting program [pid 5512] set_robust_list(0x555584fcf660, 24) = 0 [pid 5512] chdir("./259") = 0 [pid 5512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5512] setpgid(0, 0) = 0 [pid 5512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5512] write(3, "1000", 4) = 4 [pid 5512] close(3) = 0 [pid 5512] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5512] write(1, "executing program\n", 18) = 18 [pid 5512] memfd_create("syzkaller", 0) = 3 [pid 5512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5512] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5512] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5512] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5502] <... mount resumed>) = 0 [pid 5502] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5502] chdir("./bus") = 0 [pid 5502] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5506] <... mount resumed>) = 0 [pid 5506] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5506] chdir("./bus") = 0 [pid 5506] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... umount2 resumed>) = 0 [pid 5512] <... openat resumed>) = 4 [pid 5512] ioctl(4, LOOP_SET_FD, 3 [pid 342] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./254/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5512] <... ioctl resumed>) = 0 [pid 5503] <... ioctl resumed>) = 0 [pid 5502] <... openat resumed>) = 4 [pid 342] umount2("./254/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5512] close(3 [pid 5503] close(4 [pid 5502] ioctl(4, LOOP_CLR_FD [pid 342] openat(AT_FDCWD, "./254/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5512] <... close resumed>) = 0 [pid 5503] <... close resumed>) = 0 [pid 5512] close(4 [pid 5506] <... openat resumed>) = 4 [pid 5503] memfd_create("syzkaller", 0 [pid 5502] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 4 [ 244.072761][ T5503] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/256/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5503] <... memfd_create resumed>) = 4 [pid 342] newfstatat(4, "", [pid 5503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5506] ioctl(4, LOOP_CLR_FD [pid 5502] close(4 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./254/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./254") = 0 [pid 342] mkdir("./255", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5512] <... close resumed>) = 0 [pid 5512] mkdir("./bus", 0777) = 0 [pid 5512] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 244.117817][ T5502] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/259/bus supports timestamps until (%ptR?) (0x7fffffff) [ 244.128289][ T5506] ext4 filesystem being mounted at /root/syzkaller.53SCZU/258/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5503] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5506] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5506] close(4 [pid 5502] <... close resumed>) = 0 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5517 [pid 5506] <... close resumed>) = 0 [pid 5502] memfd_create("syzkaller", 0 [pid 5506] memfd_create("syzkaller", 0 [pid 5502] <... memfd_create resumed>) = 4 [pid 5506] <... memfd_create resumed>) = 4 [pid 5502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5502] <... mmap resumed>) = 0x7f7c475b3000 [pid 5506] <... mmap resumed>) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5517 attached [pid 5517] set_robust_list(0x555584fcf660, 24) = 0 [pid 5517] chdir("./255") = 0 [pid 5517] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5517] setpgid(0, 0) = 0 [pid 5517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5517] write(3, "1000", 4) = 4 [pid 5517] close(3) = 0 [pid 5517] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5517] write(1, "executing program\n", 18executing program ) = 18 [pid 5517] memfd_create("syzkaller", 0) = 3 [pid 5517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5517] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5517] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5517] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5517] ioctl(4, LOOP_SET_FD, 3 [pid 5503] <... write resumed>) = 20699119 [pid 5503] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5517] <... ioctl resumed>) = 0 [pid 5517] close(3) = 0 [pid 5517] close(4) = 0 [pid 5517] mkdir("./bus", 0777) = 0 [pid 5503] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5517] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5503] <... openat resumed>) = 5 [pid 5503] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5503] ioctl(5, LOOP_CLR_FD) = 0 [pid 5503] ioctl(5, LOOP_SET_FD, 4 [pid 5512] <... mount resumed>) = 0 [pid 5503] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5512] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5512] chdir("./bus") = 0 [pid 5503] close(5) = 0 [pid 5512] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5503] close(4 [pid 5512] ioctl(4, LOOP_CLR_FD) = 0 [pid 5512] close(4) = 0 [pid 5512] memfd_create("syzkaller", 0) = 4 [pid 5512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5517] <... mount resumed>) = 0 [ 244.277963][ T5512] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/259/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5517] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5517] chdir("./bus") = 0 [pid 5517] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5517] ioctl(4, LOOP_CLR_FD) = 0 [pid 5517] close(4) = 0 [pid 5517] memfd_create("syzkaller", 0) = 4 [pid 5517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5503] <... close resumed>) = 0 [ 244.323596][ T5517] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/255/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5503] exit_group(0) = ? [pid 5503] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5503, si_uid=0, si_status=0, si_utime=2, si_stime=13} --- [pid 344] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./256/binderfs") = 0 [pid 344] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5506] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./256/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./256/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./256/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./256") = 0 [pid 344] mkdir("./257", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5522 ./strace-static-x86_64: Process 5522 attached [pid 5522] set_robust_list(0x555584fcf660, 24) = 0 [pid 5522] chdir("./257") = 0 [pid 5522] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5522] setpgid(0, 0) = 0 [pid 5522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5522] write(3, "1000", 4) = 4 [pid 5522] close(3) = 0 [pid 5522] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5522] write(1, "executing program\n", 18) = 18 [pid 5522] memfd_create("syzkaller", 0) = 3 [pid 5522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5522] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5502] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5522] <... write resumed>) = 262144 [pid 5522] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5522] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5522] ioctl(4, LOOP_SET_FD, 3 [pid 5512] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5522] <... ioctl resumed>) = 0 [pid 5522] close(3) = 0 [pid 5522] close(4) = 0 [pid 5522] mkdir("./bus", 0777) = 0 [pid 5522] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 5522] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5522] chdir("./bus") = 0 [pid 5522] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5522] ioctl(4, LOOP_CLR_FD) = 0 [pid 5522] close(4) = 0 [pid 5522] memfd_create("syzkaller", 0) = 4 [pid 5522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5506] <... write resumed>) = 20699119 [pid 5506] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5506] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5506] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5506] ioctl(5, LOOP_CLR_FD) = 0 [pid 5506] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5506] close(5) = 0 [pid 5506] close(4 [ 244.547982][ T5522] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/257/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5517] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5502] <... write resumed>) = 20699119 [pid 5502] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5502] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5502] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5502] ioctl(5, LOOP_CLR_FD) = 0 [pid 5502] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5502] close(5) = 0 [pid 5502] close(4 [pid 5512] <... write resumed>) = 20699119 [pid 5512] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5512] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5512] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5512] ioctl(5, LOOP_CLR_FD) = 0 [pid 5512] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5512] close(5) = 0 [pid 5512] close(4 [pid 5506] <... close resumed>) = 0 [pid 5506] exit_group(0) = ? [pid 5506] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5506, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 349] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./258/binderfs") = 0 [pid 349] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5512] <... close resumed>) = 0 [pid 5512] exit_group(0) = ? [pid 5512] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5512, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... umount2 resumed>) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./258/bus", [pid 348] newfstatat(AT_FDCWD, "./259/binderfs", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] unlink("./259/binderfs" [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... unlink resumed>) = 0 [pid 349] openat(AT_FDCWD, "./258/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./258/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./258") = 0 [pid 349] mkdir("./259", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5522] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5517] <... write resumed>) = 20699119 [pid 5517] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5502] <... close resumed>) = 0 [pid 5502] exit_group(0 [pid 5517] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5502] <... exit_group resumed>) = ? [pid 5502] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5502, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5517] <... openat resumed>) = 5 [pid 349] <... openat resumed>) = 3 [pid 348] <... umount2 resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 5517] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5517] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5526 [pid 348] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5517] ioctl(5, LOOP_CLR_FD [pid 343] <... restart_syscall resumed>) = 0 [pid 5517] <... ioctl resumed>) = 0 [pid 343] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./259/bus", [pid 343] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... openat resumed>) = 3 [pid 348] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] newfstatat(3, "", [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] openat(AT_FDCWD, "./259/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] getdents64(3, [pid 348] <... openat resumed>) = 4 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5517] ioctl(5, LOOP_SET_FD, 4 [pid 348] newfstatat(4, "", [pid 343] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5517] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] getdents64(4, [pid 343] newfstatat(AT_FDCWD, "./259/binderfs", [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5517] close(5 [pid 348] getdents64(4, [pid 343] unlink("./259/binderfs" [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... unlink resumed>) = 0 [pid 5517] <... close resumed>) = 0 [pid 348] close(4 [pid 343] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5517] close(4 [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./259/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./259") = 0 [pid 348] mkdir("./260", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5527 ./strace-static-x86_64: Process 5526 attached [pid 5526] set_robust_list(0x555584fcf660, 24) = 0 [pid 5526] chdir("./259") = 0 [pid 5526] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5526] setpgid(0, 0) = 0 [pid 5526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5526] write(3, "1000", 4) = 4 [pid 5526] close(3) = 0 [pid 5526] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5526] write(1, "executing program\n", 18executing program ) = 18 [pid 5526] memfd_create("syzkaller", 0) = 3 [pid 5526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5526] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5526] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5527 attached [pid 5527] set_robust_list(0x555584fcf660, 24) = 0 [pid 5527] chdir("./260") = 0 [pid 5527] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5527] setpgid(0, 0) = 0 [pid 5527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5527] write(3, "1000", 4) = 4 [pid 5527] close(3) = 0 [pid 5527] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5527] write(1, "executing program\n", 18) = 18 [pid 5527] memfd_create("syzkaller", 0) = 3 [pid 5527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5527] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5527] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5527] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5526] <... openat resumed>) = 4 [pid 343] <... umount2 resumed>) = 0 [pid 5527] ioctl(4, LOOP_SET_FD, 3 [pid 5526] ioctl(4, LOOP_SET_FD, 3 [pid 343] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./259/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./259/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./259/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./259") = 0 [pid 343] mkdir("./260", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5527] <... ioctl resumed>) = 0 [pid 5527] close(3) = 0 [pid 5527] close(4 [pid 5522] <... write resumed>) = 20699119 [pid 5526] <... ioctl resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 5527] <... close resumed>) = 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 5527] mkdir("./bus", 0777 [pid 5526] close(3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5527] <... mkdir resumed>) = 0 [pid 343] close(3 [pid 5526] <... close resumed>) = 0 [pid 5527] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] <... close resumed>) = 0 [pid 5526] close(4 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5530 ./strace-static-x86_64: Process 5530 attached [pid 5530] set_robust_list(0x555584fcf660, 24 [pid 5522] munmap(0x7f7c475b3000, 138412032 [pid 5530] <... set_robust_list resumed>) = 0 [pid 5530] chdir("./260") = 0 [pid 5530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5530] setpgid(0, 0 [pid 5522] <... munmap resumed>) = 0 [pid 5530] <... setpgid resumed>) = 0 [pid 5530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5530] write(3, "1000", 4) = 4 [pid 5530] close(3) = 0 [pid 5530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5530] write(1, "executing program\n", 18executing program ) = 18 [pid 5530] memfd_create("syzkaller", 0) = 3 [pid 5530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5530] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5517] <... close resumed>) = 0 [pid 5522] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5517] exit_group(0) = ? [pid 5530] <... write resumed>) = 262144 [pid 5530] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5530] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5517] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5517, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5526] <... close resumed>) = 0 [pid 5526] mkdir("./bus", 0777) = 0 [pid 5526] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5530] <... openat resumed>) = 4 [pid 5530] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5530] close(3) = 0 [pid 5530] close(4 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./255/binderfs") = 0 [pid 342] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5526] <... mount resumed>) = 0 [pid 5526] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5526] chdir("./bus") = 0 [pid 5526] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5527] <... mount resumed>) = 0 [pid 5527] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5527] chdir("./bus") = 0 [pid 5527] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5530] <... close resumed>) = 0 [pid 5522] <... openat resumed>) = 5 [pid 5530] mkdir("./bus", 0777) = 0 [pid 5522] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5530] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5522] ioctl(5, LOOP_CLR_FD [pid 5526] <... openat resumed>) = 4 [ 244.929914][ T5526] ext4 filesystem being mounted at /root/syzkaller.53SCZU/259/bus supports timestamps until (%ptR?) (0x7fffffff) [ 244.937090][ T5527] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/260/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5526] ioctl(4, LOOP_CLR_FD [pid 5522] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5527] <... openat resumed>) = 4 [pid 5527] ioctl(4, LOOP_CLR_FD) = 0 [pid 5527] close(4) = 0 [pid 5527] memfd_create("syzkaller", 0) = 4 [pid 5527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./255/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./255/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./255/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 5522] ioctl(5, LOOP_SET_FD, 4 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5522] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] getdents64(4, [pid 5522] close(5 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5522] <... close resumed>) = 0 [pid 5522] close(4 [pid 342] close(4) = 0 [pid 342] rmdir("./255/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3 [pid 5526] <... ioctl resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 5526] close(4 [pid 342] rmdir("./255" [pid 5526] <... close resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 5526] memfd_create("syzkaller", 0 [pid 5530] <... mount resumed>) = 0 [pid 5526] <... memfd_create resumed>) = 4 [pid 5526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] mkdir("./256", 0777 [pid 5526] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... mkdir resumed>) = 0 [pid 5530] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5530] chdir("./bus") = 0 [pid 5530] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5530] ioctl(4, LOOP_CLR_FD) = 0 [pid 5530] close(4) = 0 [pid 5530] memfd_create("syzkaller", 0) = 4 [pid 5530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5538 ./strace-static-x86_64: Process 5538 attached [pid 5538] set_robust_list(0x555584fcf660, 24) = 0 [pid 5538] chdir("./256") = 0 [pid 5538] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5538] setpgid(0, 0) = 0 [pid 5538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5538] write(3, "1000", 4) = 4 [pid 5538] close(3) = 0 [pid 5538] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5538] write(1, "executing program\n", 18) = 18 [pid 5538] memfd_create("syzkaller", 0) = 3 [pid 5538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5538] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5538] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5538] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5538] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5538] close(3) = 0 [pid 5538] close(4 [pid 5522] <... close resumed>) = 0 [pid 5538] <... close resumed>) = 0 [pid 5538] mkdir("./bus", 0777) = 0 [ 245.088685][ T5530] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/260/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5538] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5522] exit_group(0) = ? [pid 5522] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5522, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./257/binderfs") = 0 [pid 344] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5530] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5527] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5538] <... mount resumed>) = 0 [pid 5538] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5538] chdir("./bus") = 0 [pid 5538] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 5538] <... openat resumed>) = 4 [pid 5538] ioctl(4, LOOP_CLR_FD) = 0 [pid 5538] close(4) = 0 [pid 5538] memfd_create("syzkaller", 0) = 4 [pid 5538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./257/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./257/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./257/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./257") = 0 [pid 344] mkdir("./258", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5542 [pid 5526] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 5542 attached [pid 5542] set_robust_list(0x555584fcf660, 24) = 0 [pid 5542] chdir("./258") = 0 [pid 5542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5542] setpgid(0, 0) = 0 [pid 5542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5542] write(3, "1000", 4) = 4 [pid 5542] close(3) = 0 [pid 5542] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5542] write(1, "executing program\n", 18) = 18 [pid 5542] memfd_create("syzkaller", 0) = 3 [pid 5542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5542] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5542] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5542] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5542] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5542] close(3) = 0 [ 245.266600][ T5538] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/256/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5542] close(4 [pid 5527] <... write resumed>) = 20699119 [pid 5527] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5527] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5542] <... close resumed>) = 0 [pid 5527] <... openat resumed>) = 5 [pid 5542] mkdir("./bus", 0777) = 0 [pid 5527] ioctl(5, LOOP_SET_FD, 4 [pid 5542] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5527] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5527] ioctl(5, LOOP_CLR_FD [pid 5530] <... write resumed>) = 20699119 [pid 5530] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5530] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5538] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5526] <... write resumed>) = 20699119 [pid 5526] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5526] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5526] ioctl(5, LOOP_SET_FD, 4 [pid 5527] <... ioctl resumed>) = 0 [pid 5530] <... openat resumed>) = 5 [pid 5530] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5530] ioctl(5, LOOP_CLR_FD) = 0 [pid 5526] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5526] ioctl(5, LOOP_CLR_FD) = 0 [pid 5530] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5530] close(5) = 0 [pid 5530] close(4 [pid 5527] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5527] close(5) = 0 [pid 5527] close(4 [pid 5526] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5526] close(5) = 0 [pid 5526] close(4 [pid 5530] <... close resumed>) = 0 [pid 5530] exit_group(0) = ? [pid 5530] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5530, si_uid=0, si_status=0, si_utime=8, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5526] <... close resumed>) = 0 [pid 5526] exit_group(0 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./260/binderfs") = 0 [pid 343] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5526] <... exit_group resumed>) = ? [pid 5526] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5526, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./259/binderfs") = 0 [pid 349] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5542] <... mount resumed>) = 0 [pid 5542] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5542] chdir("./bus") = 0 [pid 5542] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5527] <... close resumed>) = 0 [pid 5527] exit_group(0) = ? [pid 5527] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5527, si_uid=0, si_status=0, si_utime=8, si_stime=13} --- [ 245.487867][ T5542] EXT4-fs mount: 114 callbacks suppressed [ 245.487881][ T5542] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./260/binderfs") = 0 [pid 348] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5542] <... openat resumed>) = 4 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5542] ioctl(4, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./260/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./260/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./260/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./260") = 0 [pid 343] mkdir("./261", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5538] <... write resumed>) = 20699119 [pid 5538] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5538] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5542] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./259/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./259/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 5542] close(4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./259/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./259") = 0 [pid 349] mkdir("./260", 0777) = 0 [ 245.539855][ T5542] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/258/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5538] <... openat resumed>) = 5 [pid 5542] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 348] <... umount2 resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 348] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 348] newfstatat(AT_FDCWD, "./260/bus", [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5546 [pid 348] openat(AT_FDCWD, "./260/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5547 [pid 348] <... openat resumed>) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./260/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./260") = 0 [pid 348] mkdir("./261", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5548 ./strace-static-x86_64: Process 5546 attached [pid 5542] memfd_create("syzkaller", 0 [pid 5546] set_robust_list(0x555584fcf660, 24) = 0 [pid 5546] chdir("./260"./strace-static-x86_64: Process 5548 attached [pid 5548] set_robust_list(0x555584fcf660, 24 [pid 5546] <... chdir resumed>) = 0 [pid 5548] <... set_robust_list resumed>) = 0 [pid 5548] chdir("./261" [pid 5546] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5542] <... memfd_create resumed>) = 4 [pid 5546] setpgid(0, 0) = 0 executing program executing program [pid 5542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5548] <... chdir resumed>) = 0 [pid 5546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5548] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5548] setpgid(0, 0 [pid 5546] <... openat resumed>) = 3 [pid 5548] <... setpgid resumed>) = 0 [pid 5548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5546] write(3, "1000", 4) = 4 [pid 5546] close(3) = 0 [pid 5546] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5548] write(3, "1000", 4) = 4 [pid 5548] close(3) = 0 [pid 5548] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5546] write(1, "executing program\n", 18) = 18 [pid 5548] write(1, "executing program\n", 18 [pid 5546] memfd_create("syzkaller", 0 [pid 5548] <... write resumed>) = 18 [pid 5548] memfd_create("syzkaller", 0 [pid 5546] <... memfd_create resumed>) = 3 [pid 5548] <... memfd_create resumed>) = 3 [pid 5546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5546] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5548] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5546] <... write resumed>) = 262144 [pid 5546] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5548] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5548] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5546] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5548] <... openat resumed>) = 4 [pid 5546] <... openat resumed>) = 4 [pid 5546] ioctl(4, LOOP_SET_FD, 3 [pid 5548] ioctl(4, LOOP_SET_FD, 3 [pid 5538] ioctl(5, LOOP_SET_FD, 4./strace-static-x86_64: Process 5547 attached ) = -1 EBUSY (Device or resource busy) [pid 5538] ioctl(5, LOOP_CLR_FD [pid 5547] set_robust_list(0x555584fcf660, 24) = 0 [pid 5547] chdir("./261") = 0 [pid 5547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5547] setpgid(0, 0) = 0 [pid 5547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5547] write(3, "1000", 4) = 4 [pid 5546] <... ioctl resumed>) = 0 [pid 5547] close(3 [pid 5546] close(3) = 0 [pid 5546] close(4 [pid 5547] <... close resumed>) = 0 [pid 5547] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5548] <... ioctl resumed>) = 0 [pid 5548] close(3) = 0 [pid 5548] close(4) = 0 [pid 5548] mkdir("./bus", 0777) = 0 [pid 5548] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5538] <... ioctl resumed>) = 0 executing program [pid 5547] write(1, "executing program\n", 18) = 18 [pid 5547] memfd_create("syzkaller", 0) = 3 [pid 5547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5538] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5538] close(5 [pid 5547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5547] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5547] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5548] <... mount resumed>) = 0 [pid 5548] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5548] chdir("./bus") = 0 [pid 5548] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5546] <... close resumed>) = 0 [pid 5546] mkdir("./bus", 0777) = 0 [pid 5546] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5542] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5547] <... openat resumed>) = 4 [pid 5538] <... close resumed>) = 0 [pid 5547] ioctl(4, LOOP_SET_FD, 3 [pid 5538] close(4 [pid 5547] <... ioctl resumed>) = 0 [pid 5547] close(3) = 0 [pid 5547] close(4) = 0 [pid 5547] mkdir("./bus", 0777) = 0 [pid 5547] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5548] <... openat resumed>) = 4 [pid 5548] ioctl(4, LOOP_CLR_FD) = 0 [pid 5548] close(4) = 0 [pid 5548] memfd_create("syzkaller", 0) = 4 [pid 5548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 245.690140][ T5548] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 245.704784][ T5548] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/261/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5542] <... write resumed>) = 20699119 [pid 5542] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5547] <... mount resumed>) = 0 [pid 5542] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5547] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5542] <... openat resumed>) = 5 [pid 5547] <... openat resumed>) = 3 [pid 5542] ioctl(5, LOOP_SET_FD, 4 [pid 5547] chdir("./bus" [pid 5542] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5547] <... chdir resumed>) = 0 [pid 5542] ioctl(5, LOOP_CLR_FD [pid 5547] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5542] <... ioctl resumed>) = 0 [pid 5547] <... openat resumed>) = 4 [pid 5547] ioctl(4, LOOP_CLR_FD) = 0 [pid 5547] close(4) = 0 [pid 5547] memfd_create("syzkaller", 0 [pid 5542] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5547] <... memfd_create resumed>) = 4 [pid 5542] close(5) = 0 [pid 5547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5542] close(4 [pid 5547] <... mmap resumed>) = 0x7f7c475b3000 [pid 5538] <... close resumed>) = 0 [pid 5546] <... mount resumed>) = 0 [pid 5546] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5546] chdir("./bus") = 0 [pid 5546] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5546] ioctl(4, LOOP_CLR_FD) = 0 [pid 5546] close(4) = 0 [pid 5546] memfd_create("syzkaller", 0) = 4 [pid 5546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 245.797900][ T5547] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 245.815322][ T5546] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5538] exit_group(0) = ? [pid 5538] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5538, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./256/binderfs") = 0 [ 245.839124][ T5547] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/261/bus supports timestamps until (%ptR?) (0x7fffffff) [ 245.850629][ T5546] ext4 filesystem being mounted at /root/syzkaller.53SCZU/260/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 342] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./256/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./256/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./256/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./256/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./256") = 0 [pid 342] mkdir("./257", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5558 ./strace-static-x86_64: Process 5558 attached [pid 5558] set_robust_list(0x555584fcf660, 24) = 0 [pid 5558] chdir("./257") = 0 [pid 5558] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5558] setpgid(0, 0) = 0 [pid 5558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5558] write(3, "1000", 4) = 4 [pid 5558] close(3) = 0 [pid 5558] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5558] write(1, "executing program\n", 18) = 18 [pid 5558] memfd_create("syzkaller", 0) = 3 [pid 5558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5558] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5558] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5558] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5558] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5558] close(3) = 0 [pid 5558] close(4 [pid 5542] <... close resumed>) = 0 [pid 5542] exit_group(0) = ? [pid 5542] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5542, si_uid=0, si_status=0, si_utime=1, si_stime=17} --- [pid 5548] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./258/binderfs") = 0 [pid 344] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5546] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5558] <... close resumed>) = 0 [pid 5558] mkdir("./bus", 0777) = 0 [pid 5558] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./258/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./258/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./258/bus" [pid 5547] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./258") = 0 [pid 344] mkdir("./259", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5546] <... write resumed>) = 20699119 [pid 5546] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5546] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5548] <... write resumed>) = 20699119 [pid 5548] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5548] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5546] <... openat resumed>) = 5 [pid 344] <... openat resumed>) = 3 [pid 5546] ioctl(5, LOOP_SET_FD, 4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5546] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5546] ioctl(5, LOOP_CLR_FD [pid 344] close(3 [pid 5546] <... ioctl resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5560 [pid 5548] <... openat resumed>) = 5 [pid 5548] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5548] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5560 attached [pid 5560] set_robust_list(0x555584fcf660, 24) = 0 [pid 5546] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5546] close(5) = 0 [pid 5546] close(4 [pid 5548] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5548] close(5) = 0 [pid 5548] close(4 [pid 5560] chdir("./259") = 0 [pid 5560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5560] setpgid(0, 0) = 0 [pid 5560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5560] write(3, "1000", 4) = 4 [pid 5560] close(3) = 0 [pid 5560] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5560] write(1, "executing program\n", 18executing program ) = 18 [pid 5560] memfd_create("syzkaller", 0) = 3 [pid 5560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5560] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5560] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5560] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5560] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5560] close(3) = 0 [pid 5560] close(4) = 0 [pid 5560] mkdir("./bus", 0777) = 0 [pid 5560] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5547] <... write resumed>) = 20699119 [pid 5547] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5547] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5547] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5547] ioctl(5, LOOP_CLR_FD) = 0 [pid 5547] ioctl(5, LOOP_SET_FD, 4 [pid 5558] <... mount resumed>) = 0 [pid 5558] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5558] chdir("./bus") = 0 [pid 5558] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5558] ioctl(4, LOOP_CLR_FD) = 0 [pid 5558] close(4 [pid 5547] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5558] <... close resumed>) = 0 [pid 5558] memfd_create("syzkaller", 0) = 4 [pid 5558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5547] close(5) = 0 [pid 5547] close(4 [pid 5548] <... close resumed>) = 0 [pid 5548] exit_group(0) = ? [pid 5548] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5548, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [ 246.180953][ T5558] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 246.207355][ T5560] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5560] <... mount resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./261/binderfs" [pid 5560] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 348] <... unlink resumed>) = 0 [pid 348] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5560] <... openat resumed>) = 3 [pid 5560] chdir("./bus") = 0 [pid 5560] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5546] <... close resumed>) = 0 [pid 5546] exit_group(0) = ? [pid 5546] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5546, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./260/binderfs") = 0 [pid 349] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5547] <... close resumed>) = 0 [pid 5547] exit_group(0) = ? [pid 5547] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5547, si_uid=0, si_status=0, si_utime=9, si_stime=13} --- [ 246.216954][ T5558] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/257/bus supports timestamps until (%ptR?) (0x7fffffff) [ 246.233768][ T5560] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/259/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... umount2 resumed>) = 0 [pid 5560] <... openat resumed>) = 4 [pid 5560] ioctl(4, LOOP_CLR_FD [pid 343] <... restart_syscall resumed>) = 0 [pid 348] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./261/bus", [pid 343] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... openat resumed>) = 3 [pid 348] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] newfstatat(3, "", [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] openat(AT_FDCWD, "./261/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] getdents64(3, [pid 348] <... openat resumed>) = 4 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] newfstatat(4, "", [pid 343] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] getdents64(4, [pid 343] newfstatat(AT_FDCWD, "./261/binderfs", [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] getdents64(4, [pid 343] unlink("./261/binderfs") = 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4 [pid 343] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./261/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./261") = 0 [pid 348] mkdir("./262", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5558] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5560] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 5560] close(4) = 0 [pid 5560] memfd_create("syzkaller", 0) = 4 [pid 5560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./260/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./260/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./260/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./260") = 0 [pid 349] mkdir("./261", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5558] <... write resumed>) = 20699119 [pid 5558] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5558] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 349] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = 0 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] close(3) = 0 [pid 5558] <... openat resumed>) = 5 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] close(3 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... close resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./261/bus", [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5566 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5567 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./261/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./261/bus"./strace-static-x86_64: Process 5567 attached [pid 5567] set_robust_list(0x555584fcf660, 24) = 0 [pid 5567] chdir("./262" [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, [pid 5567] <... chdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5567] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5567] setpgid(0, 0 [pid 343] close(3 [pid 5567] <... setpgid resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 5567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] rmdir("./261" [pid 5567] <... openat resumed>) = 3 [pid 343] <... rmdir resumed>) = 0 [pid 5567] write(3, "1000", 4 [pid 343] mkdir("./262", 0777 [pid 5567] <... write resumed>) = 4 [pid 5567] close(3) = 0 [pid 5567] symlink("/dev/binderfs", "./binderfs") = 0 [pid 343] <... mkdir resumed>) = 0 executing program [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5567] write(1, "executing program\n", 18) = 18 [pid 5567] memfd_create("syzkaller", 0 [pid 343] <... openat resumed>) = 3 [pid 5558] ioctl(5, LOOP_SET_FD, 4 [pid 343] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5566 attached ) = -1 ENXIO (No such device or address) [pid 5558] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] close(3 [pid 5558] ioctl(5, LOOP_CLR_FD [pid 5567] <... memfd_create resumed>) = 3 [pid 5566] set_robust_list(0x555584fcf660, 24 [pid 5558] <... ioctl resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5568 [pid 5567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5566] <... set_robust_list resumed>) = 0 [pid 5567] <... mmap resumed>) = 0x7f7c475b3000 [pid 5566] chdir("./261" [pid 5558] ioctl(5, LOOP_SET_FD, 4 [pid 5566] <... chdir resumed>) = 0 [pid 5558] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5566] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5558] close(5 [pid 5566] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5568 attached [pid 5567] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5566] setpgid(0, 0 [pid 5558] <... close resumed>) = 0 [pid 5558] close(4 [pid 5566] <... setpgid resumed>) = 0 [pid 5566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5566] write(3, "1000", 4) = 4 [pid 5566] close(3) = 0 [pid 5566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5566] write(1, "executing program\n", 18executing program ) = 18 [pid 5566] memfd_create("syzkaller", 0) = 3 [pid 5566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5567] <... write resumed>) = 262144 [pid 5568] set_robust_list(0x555584fcf660, 24 [pid 5567] munmap(0x7f7c475b3000, 138412032 [pid 5568] <... set_robust_list resumed>) = 0 [pid 5568] chdir("./262") = 0 [pid 5568] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5568] setpgid(0, 0 [pid 5567] <... munmap resumed>) = 0 [pid 5568] <... setpgid resumed>) = 0 [pid 5567] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5567] <... openat resumed>) = 4 [pid 5568] write(3, "1000", 4) = 4 [pid 5567] ioctl(4, LOOP_SET_FD, 3 [pid 5568] close(3) = 0 [pid 5568] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5566] <... write resumed>) = 262144 [pid 5568] write(1, "executing program\n", 18executing program ) = 18 [pid 5566] munmap(0x7f7c475b3000, 138412032 [pid 5568] memfd_create("syzkaller", 0) = 3 [pid 5568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5567] <... ioctl resumed>) = 0 [pid 5567] close(3) = 0 [pid 5567] close(4 [pid 5568] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5567] <... close resumed>) = 0 [pid 5567] mkdir("./bus", 0777 [pid 5566] <... munmap resumed>) = 0 [pid 5567] <... mkdir resumed>) = 0 [pid 5567] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5566] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5568] <... write resumed>) = 262144 [pid 5568] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5568] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5566] <... openat resumed>) = 4 [pid 5568] <... openat resumed>) = 4 [pid 5568] ioctl(4, LOOP_SET_FD, 3 [pid 5566] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5566] close(3) = 0 [pid 5566] close(4 [pid 5568] <... ioctl resumed>) = 0 [pid 5558] <... close resumed>) = 0 [pid 5568] close(3 [pid 5566] <... close resumed>) = 0 [pid 5558] exit_group(0) = ? [pid 5566] mkdir("./bus", 0777 [pid 5558] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5558, si_uid=0, si_status=0, si_utime=1, si_stime=15} --- [pid 342] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5566] <... mkdir resumed>) = 0 [pid 5568] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5568] close(4 [pid 5566] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./257/binderfs") = 0 [pid 342] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5568] <... close resumed>) = 0 [pid 5568] mkdir("./bus", 0777 [pid 5560] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5568] <... mkdir resumed>) = 0 [pid 5568] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5567] <... mount resumed>) = 0 [pid 5567] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5567] chdir("./bus") = 0 [pid 5567] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5566] <... mount resumed>) = 0 [pid 5566] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5566] chdir("./bus") = 0 [pid 5566] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5560] <... write resumed>) = 20699119 [pid 5560] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5560] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5567] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 5566] <... openat resumed>) = 4 [pid 5566] ioctl(4, LOOP_CLR_FD) = 0 [pid 5566] close(4) = 0 [pid 5566] memfd_create("syzkaller", 0 [pid 5567] ioctl(4, LOOP_CLR_FD [pid 5566] <... memfd_create resumed>) = 4 [pid 5566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5567] <... ioctl resumed>) = 0 [pid 342] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5567] close(4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5567] <... close resumed>) = 0 [ 246.508986][ T5567] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 246.524171][ T5567] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/262/bus supports timestamps until (%ptR?) (0x7fffffff) [ 246.539620][ T5566] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 342] newfstatat(AT_FDCWD, "./257/bus", [pid 5567] memfd_create("syzkaller", 0) = 4 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 342] umount2("./257/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./257/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./257/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./257") = 0 [pid 342] mkdir("./258", 0777 [pid 5560] <... openat resumed>) = 5 [pid 342] <... mkdir resumed>) = 0 [pid 5560] ioctl(5, LOOP_SET_FD, 4 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5560] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] <... openat resumed>) = 3 [pid 5560] ioctl(5, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 5560] <... ioctl resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5560] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5578 [pid 5560] close(5) = 0 [pid 5560] close(4./strace-static-x86_64: Process 5578 attached [pid 5578] set_robust_list(0x555584fcf660, 24) = 0 [pid 5578] chdir("./258") = 0 [pid 5578] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5578] setpgid(0, 0) = 0 [pid 5578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5578] write(3, "1000", 4) = 4 [pid 5578] close(3) = 0 [pid 5578] symlink("/dev/binderfs", "./binderfs") = 0 [ 246.555523][ T5566] ext4 filesystem being mounted at /root/syzkaller.53SCZU/261/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5578] write(1, "executing program\n", 18executing program ) = 18 [pid 5578] memfd_create("syzkaller", 0) = 3 [pid 5578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5578] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5578] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5578] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5578] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5578] close(3) = 0 [pid 5578] close(4 [pid 5568] <... mount resumed>) = 0 [pid 5568] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5568] chdir("./bus") = 0 [pid 5568] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5578] <... close resumed>) = 0 [pid 5568] <... openat resumed>) = 4 [pid 5578] mkdir("./bus", 0777 [pid 5568] ioctl(4, LOOP_CLR_FD [pid 5578] <... mkdir resumed>) = 0 [pid 5568] <... ioctl resumed>) = 0 [pid 5568] close(4) = 0 [pid 5568] memfd_create("syzkaller", 0) = 4 [pid 5568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 246.608211][ T5568] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 246.640220][ T5568] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/262/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5578] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5560] <... close resumed>) = 0 [pid 5560] exit_group(0) = ? [pid 5560] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5560, si_uid=0, si_status=0, si_utime=4, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./259/binderfs") = 0 [pid 344] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5566] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5578] <... mount resumed>) = 0 [pid 5578] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5578] chdir("./bus") = 0 [pid 5578] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5567] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5578] <... openat resumed>) = 4 [pid 344] <... umount2 resumed>) = 0 [pid 5578] ioctl(4, LOOP_CLR_FD) = 0 [pid 5578] close(4) = 0 [pid 5578] memfd_create("syzkaller", 0) = 4 [pid 5578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./259/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./259/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./259/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./259") = 0 [pid 344] mkdir("./260", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5582 ./strace-static-x86_64: Process 5582 attached [pid 5582] set_robust_list(0x555584fcf660, 24) = 0 [pid 5582] chdir("./260") = 0 [pid 5582] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5582] setpgid(0, 0) = 0 [pid 5582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5582] write(3, "1000", 4) = 4 [pid 5582] close(3) = 0 [pid 5582] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5582] write(1, "executing program\n", 18) = 18 [pid 5582] memfd_create("syzkaller", 0) = 3 [pid 5582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5582] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5582] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5582] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 246.727748][ T5578] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 246.755852][ T5578] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/258/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5582] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5582] close(3) = 0 [pid 5582] close(4 [pid 5568] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5582] <... close resumed>) = 0 [pid 5582] mkdir("./bus", 0777) = 0 [pid 5582] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5566] <... write resumed>) = 20699119 [pid 5566] munmap(0x7f7c475b3000, 138412032 [pid 5567] <... write resumed>) = 20699119 [pid 5566] <... munmap resumed>) = 0 [pid 5567] munmap(0x7f7c475b3000, 138412032 [pid 5566] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5567] <... munmap resumed>) = 0 [pid 5567] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5566] <... openat resumed>) = 5 [pid 5567] <... openat resumed>) = 5 [pid 5567] ioctl(5, LOOP_SET_FD, 4 [pid 5566] ioctl(5, LOOP_SET_FD, 4 [pid 5567] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5566] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5567] ioctl(5, LOOP_CLR_FD [pid 5566] ioctl(5, LOOP_CLR_FD [pid 5567] <... ioctl resumed>) = 0 [pid 5566] <... ioctl resumed>) = 0 [pid 5567] ioctl(5, LOOP_SET_FD, 4 [pid 5566] ioctl(5, LOOP_SET_FD, 4 [pid 5567] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5566] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5567] close(5 [pid 5566] close(5) = 0 [pid 5567] <... close resumed>) = 0 [pid 5566] close(4 [pid 5567] close(4 [pid 5568] <... write resumed>) = 20699119 [pid 5568] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5568] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5568] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5568] ioctl(5, LOOP_CLR_FD) = 0 [pid 5582] <... mount resumed>) = 0 [pid 5582] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5582] chdir("./bus") = 0 [pid 5582] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5582] ioctl(4, LOOP_CLR_FD) = 0 [pid 5582] close(4) = 0 [pid 5582] memfd_create("syzkaller", 0 [pid 5568] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5568] close(5) = 0 [pid 5568] close(4 [pid 5582] <... memfd_create resumed>) = 4 [pid 5582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5578] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5566] <... close resumed>) = 0 [ 246.968104][ T5582] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 246.993507][ T5582] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/260/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5566] exit_group(0) = ? [pid 5566] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5566, si_uid=0, si_status=0, si_utime=8, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5567] <... close resumed>) = 0 [pid 5567] exit_group(0) = ? [pid 349] <... restart_syscall resumed>) = 0 [pid 5567] +++ exited with 0 +++ [pid 349] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5567, si_uid=0, si_status=0, si_utime=9, si_stime=13} --- [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... openat resumed>) = 3 [pid 348] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] newfstatat(3, "", [pid 348] <... openat resumed>) = 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] newfstatat(3, "", [pid 349] getdents64(3, [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] getdents64(3, [pid 349] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] newfstatat(AT_FDCWD, "./261/binderfs", [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] newfstatat(AT_FDCWD, "./262/binderfs", [pid 349] unlink("./261/binderfs" [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... unlink resumed>) = 0 [pid 348] unlink("./262/binderfs" [pid 349] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... unlink resumed>) = 0 [pid 348] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5568] <... close resumed>) = 0 [pid 5568] exit_group(0) = ? [pid 5568] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5568, si_uid=0, si_status=0, si_utime=3, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5578] <... write resumed>) = 20699119 [pid 5578] munmap(0x7f7c475b3000, 138412032 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./262/binderfs") = 0 [pid 343] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5578] <... munmap resumed>) = 0 [pid 5578] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./261/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./261/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./261/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./261") = 0 [pid 349] mkdir("./262", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5582] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5578] <... openat resumed>) = 5 [pid 5578] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5578] ioctl(5, LOOP_CLR_FD [pid 5582] <... write resumed>) = 20699119 [pid 5582] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5582] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5578] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./262/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./262/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./262/bus") = 0 [pid 5578] ioctl(5, LOOP_SET_FD, 4 [pid 348] getdents64(3, [pid 5578] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5578] close(5 [pid 348] close(3 [pid 5578] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 5578] close(4 [pid 349] <... openat resumed>) = 3 [pid 348] rmdir("./262" [pid 349] ioctl(3, LOOP_CLR_FD [pid 348] <... rmdir resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] mkdir("./263", 0777 [pid 349] close(3 [pid 348] <... mkdir resumed>) = 0 [pid 343] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... close resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... openat resumed>) = 3 [pid 5582] <... openat resumed>) = 5 [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5586 attached [pid 5582] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5586 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] newfstatat(AT_FDCWD, "./262/bus", [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5586] set_robust_list(0x555584fcf660, 24 [pid 5582] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5587 [pid 343] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5582] ioctl(5, LOOP_CLR_FD [pid 5586] <... set_robust_list resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5582] <... ioctl resumed>) = 0 [pid 343] openat(AT_FDCWD, "./262/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5586] chdir("./262" [pid 343] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", [pid 5586] <... chdir resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5586] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5586] setpgid(0, 0 [pid 343] getdents64(4, [pid 5582] ioctl(5, LOOP_SET_FD, 4 [pid 5586] <... setpgid resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5582] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] close(4 [pid 5582] close(5 [pid 343] <... close resumed>) = 0 [pid 5582] <... close resumed>) = 0 [pid 343] rmdir("./262/bus" [pid 5582] close(4 [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./262") = 0 [pid 343] mkdir("./263", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5588 [pid 5586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5586] write(3, "1000", 4) = 4 [pid 5586] close(3) = 0 ./strace-static-x86_64: Process 5588 attached [pid 5586] symlink("/dev/binderfs", "./binderfs" [pid 5588] set_robust_list(0x555584fcf660, 24) = 0 [pid 5588] chdir("./263" [pid 5586] <... symlink resumed>) = 0 [pid 5588] <... chdir resumed>) = 0 [pid 5588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5588] setpgid(0, 0) = 0 [pid 5586] write(1, "executing program\n", 18executing program [pid 5588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5586] <... write resumed>) = 18 [pid 5588] <... openat resumed>) = 3 [pid 5586] memfd_create("syzkaller", 0) = 3 [pid 5588] write(3, "1000", 4) = 4 [pid 5588] close(3) = 0 [pid 5588] symlink("/dev/binderfs", "./binderfs" [pid 5586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 executing program [pid 5588] <... symlink resumed>) = 0 [pid 5588] write(1, "executing program\n", 18) = 18 [pid 5588] memfd_create("syzkaller", 0) = 3 [pid 5588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5588] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5586] <... write resumed>) = 262144 [pid 5586] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5586] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5588] <... write resumed>) = 262144 [pid 5588] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5588] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5588] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5587 attached [pid 5587] set_robust_list(0x555584fcf660, 24) = 0 [pid 5587] chdir("./263") = 0 [pid 5587] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5587] setpgid(0, 0) = 0 [pid 5587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5587] write(3, "1000", 4) = 4 [pid 5587] close(3) = 0 [pid 5587] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5587] write(1, "executing program\n", 18executing program ) = 18 [pid 5587] memfd_create("syzkaller", 0) = 3 [pid 5587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5588] <... ioctl resumed>) = 0 [pid 5586] <... openat resumed>) = 4 [pid 5586] ioctl(4, LOOP_SET_FD, 3 [pid 5588] close(3) = 0 [pid 5588] close(4 [pid 5587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5587] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5587] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5586] <... ioctl resumed>) = 0 [pid 5586] close(3) = 0 [pid 5588] <... close resumed>) = 0 [pid 5586] close(4 [pid 5588] mkdir("./bus", 0777 [pid 5586] <... close resumed>) = 0 [pid 5586] mkdir("./bus", 0777 [pid 5588] <... mkdir resumed>) = 0 [pid 5588] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5586] <... mkdir resumed>) = 0 [pid 5586] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5587] <... openat resumed>) = 4 [pid 5587] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5587] close(3) = 0 [pid 5587] close(4) = 0 [pid 5587] mkdir("./bus", 0777) = 0 [pid 5587] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5582] <... close resumed>) = 0 [pid 5582] exit_group(0) = ? [pid 5582] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5582, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 344] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5586] <... mount resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 247.315485][ T5586] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 247.340251][ T5586] ext4 filesystem being mounted at /root/syzkaller.53SCZU/262/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] newfstatat(3, "", [pid 5586] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5578] <... close resumed>) = 0 [pid 5578] exit_group(0) = ? [pid 5578] +++ exited with 0 +++ [pid 5588] <... mount resumed>) = 0 [pid 5588] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5588] chdir("./bus") = 0 [pid 5588] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5588] ioctl(4, LOOP_CLR_FD) = 0 [pid 5588] close(4) = 0 [pid 5588] memfd_create("syzkaller", 0) = 4 [pid 5588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5586] <... openat resumed>) = 3 [pid 344] getdents64(3, [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5578, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5586] chdir("./bus" [pid 344] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5586] <... chdir resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5586] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5587] <... mount resumed>) = 0 [pid 344] newfstatat(AT_FDCWD, "./260/binderfs", [pid 5586] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5586] ioctl(4, LOOP_CLR_FD [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] unlink("./260/binderfs" [pid 5587] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5586] <... ioctl resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 342] newfstatat(3, "", [pid 5586] close(4 [pid 5587] <... openat resumed>) = 3 [pid 5586] <... close resumed>) = 0 [pid 344] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5586] memfd_create("syzkaller", 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5586] <... memfd_create resumed>) = 4 [pid 5586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5586] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./258/binderfs") = 0 [pid 342] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5587] chdir("./bus") = 0 [pid 5587] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./260/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./260/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./260/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./260") = 0 [pid 344] mkdir("./261", 0777) = 0 [ 247.354405][ T5588] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 247.354590][ T5587] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 247.379307][ T5588] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/263/bus supports timestamps until (%ptR?) (0x7fffffff) [ 247.382913][ T5587] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/263/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5588] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5586] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5587] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 5587] ioctl(4, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 342] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5587] <... ioctl resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3 [pid 5587] close(4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5587] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 342] newfstatat(AT_FDCWD, "./258/bus", [pid 5587] memfd_create("syzkaller", 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5587] <... memfd_create resumed>) = 4 [pid 342] umount2("./258/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5598 [pid 342] openat(AT_FDCWD, "./258/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5587] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./258/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./258") = 0 [pid 342] mkdir("./259", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5599 ./strace-static-x86_64: Process 5598 attached [pid 5598] set_robust_list(0x555584fcf660, 24) = 0 [pid 5598] chdir("./261") = 0 [pid 5598] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5599 attached ) = 0 [pid 5599] set_robust_list(0x555584fcf660, 24) = 0 [pid 5598] setpgid(0, 0 [pid 5599] chdir("./259" [pid 5598] <... setpgid resumed>) = 0 [pid 5599] <... chdir resumed>) = 0 [pid 5599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5599] setpgid(0, 0) = 0 [pid 5599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5599] <... openat resumed>) = 3 [pid 5599] write(3, "1000", 4 [pid 5598] <... openat resumed>) = 3 [pid 5599] <... write resumed>) = 4 [pid 5599] close(3) = 0 [pid 5599] symlink("/dev/binderfs", "./binderfs" [pid 5598] write(3, "1000", 4) = 4 [pid 5599] <... symlink resumed>) = 0 executing program [pid 5599] write(1, "executing program\n", 18) = 18 [pid 5599] memfd_create("syzkaller", 0 [pid 5598] close(3 [pid 5599] <... memfd_create resumed>) = 3 [pid 5598] <... close resumed>) = 0 [pid 5599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5598] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5598] write(1, "executing program\n", 18) = 18 [pid 5598] memfd_create("syzkaller", 0) = 3 [pid 5598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5599] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5599] <... write resumed>) = 262144 [pid 5599] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5599] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5598] <... write resumed>) = 262144 [pid 5599] ioctl(4, LOOP_SET_FD, 3 [pid 5598] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5598] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5599] <... ioctl resumed>) = 0 [pid 5598] <... openat resumed>) = 4 [pid 5599] close(3) = 0 [pid 5599] close(4) = 0 [pid 5599] mkdir("./bus", 0777) = 0 [pid 5598] ioctl(4, LOOP_SET_FD, 3 [pid 5599] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5598] <... ioctl resumed>) = 0 [pid 5598] close(3) = 0 [pid 5598] close(4) = 0 [pid 5598] mkdir("./bus", 0777) = 0 [pid 5598] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5588] <... write resumed>) = 20699119 [pid 5588] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5588] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5588] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5588] ioctl(5, LOOP_CLR_FD) = 0 [pid 5586] <... write resumed>) = 20699119 [pid 5588] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5588] close(5) = 0 [pid 5586] munmap(0x7f7c475b3000, 138412032 [pid 5588] close(4 [pid 5586] <... munmap resumed>) = 0 [pid 5586] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5598] <... mount resumed>) = 0 [pid 5586] <... openat resumed>) = 5 [pid 5586] ioctl(5, LOOP_SET_FD, 4 [pid 5598] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5586] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5586] ioctl(5, LOOP_CLR_FD [pid 5598] chdir("./bus" [pid 5586] <... ioctl resumed>) = 0 [pid 5598] <... chdir resumed>) = 0 [pid 5598] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5598] ioctl(4, LOOP_CLR_FD) = 0 [pid 5598] close(4) = 0 [pid 5598] memfd_create("syzkaller", 0 [pid 5586] ioctl(5, LOOP_SET_FD, 4 [pid 5598] <... memfd_create resumed>) = 4 [pid 5586] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5586] close(5 [pid 5598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5586] <... close resumed>) = 0 [pid 5598] <... mmap resumed>) = 0x7f7c475b3000 [ 247.618094][ T5598] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 247.635933][ T5599] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 247.646869][ T5598] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/261/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5586] close(4 [pid 5599] <... mount resumed>) = 0 [pid 5599] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5599] chdir("./bus") = 0 [pid 5599] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5599] ioctl(4, LOOP_CLR_FD) = 0 [pid 5599] close(4) = 0 [pid 5599] memfd_create("syzkaller", 0) = 4 [pid 5599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 247.651466][ T5599] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/259/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5587] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5586] <... close resumed>) = 0 [pid 5586] exit_group(0) = ? [pid 5586] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5586, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5588] <... close resumed>) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./262/binderfs") = 0 [pid 349] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5588] exit_group(0) = ? [pid 5588] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5588, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./263/binderfs") = 0 [pid 343] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./262/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./262/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./262/bus") = 0 [pid 349] getdents64(3, [pid 5598] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./262") = 0 [pid 349] mkdir("./263", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5599] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5587] <... write resumed>) = 20699119 [pid 5587] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5587] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 349] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 5587] ioctl(5, LOOP_SET_FD, 4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5587] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5587] ioctl(5, LOOP_CLR_FD [pid 349] close(3 [pid 5587] <... ioctl resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./263/bus", [pid 349] <... close resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./263/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5587] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5606 [pid 5587] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] newfstatat(4, "", [pid 5587] close(5) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5587] close(4 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./263/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./263") = 0 [pid 343] mkdir("./264", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5607 ./strace-static-x86_64: Process 5607 attached [pid 5607] set_robust_list(0x555584fcf660, 24) = 0 [pid 5607] chdir("./264") = 0 [pid 5607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5607] setpgid(0, 0) = 0 [pid 5607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5606 attached [pid 5607] write(3, "1000", 4) = 4 [pid 5607] close(3) = 0 [pid 5607] symlink("/dev/binderfs", "./binderfs" [pid 5606] set_robust_list(0x555584fcf660, 24) = 0 [pid 5606] chdir("./263" [pid 5607] <... symlink resumed>) = 0 executing program [pid 5607] write(1, "executing program\n", 18) = 18 [pid 5606] <... chdir resumed>) = 0 [pid 5607] memfd_create("syzkaller", 0) = 3 [pid 5606] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5606] <... prctl resumed>) = 0 [pid 5606] setpgid(0, 0) = 0 [pid 5606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5606] write(3, "1000", 4) = 4 [pid 5606] close(3) = 0 [pid 5606] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5606] write(1, "executing program\n", 18executing program ) = 18 [pid 5607] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5606] memfd_create("syzkaller", 0) = 3 [pid 5606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5606] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5607] <... write resumed>) = 262144 [pid 5607] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5607] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5607] ioctl(4, LOOP_SET_FD, 3 [pid 5606] <... write resumed>) = 262144 [pid 5606] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5606] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5607] <... ioctl resumed>) = 0 [pid 5606] <... openat resumed>) = 4 [pid 5607] close(3) = 0 [pid 5607] close(4) = 0 [pid 5607] mkdir("./bus", 0777) = 0 [pid 5606] ioctl(4, LOOP_SET_FD, 3 [pid 5607] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5606] <... ioctl resumed>) = 0 [pid 5606] close(3 [pid 5598] <... write resumed>) = 20699119 [pid 5606] <... close resumed>) = 0 [pid 5598] munmap(0x7f7c475b3000, 138412032 [pid 5606] close(4) = 0 [pid 5606] mkdir("./bus", 0777) = 0 [pid 5606] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5598] <... munmap resumed>) = 0 [pid 5598] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5598] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5598] ioctl(5, LOOP_CLR_FD) = 0 [pid 5598] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5598] close(5) = 0 [pid 5598] close(4 [pid 5587] <... close resumed>) = 0 [pid 5606] <... mount resumed>) = 0 [pid 5587] exit_group(0) = ? [pid 5606] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5606] chdir("./bus") = 0 [pid 5587] +++ exited with 0 +++ [pid 5606] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5587, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5606] <... openat resumed>) = 4 [pid 5606] ioctl(4, LOOP_CLR_FD) = 0 [pid 5606] close(4) = 0 [pid 5606] memfd_create("syzkaller", 0) = 4 [pid 5606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./263/binderfs") = 0 [pid 348] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5599] <... write resumed>) = 20699119 [pid 5599] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5599] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5599] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5599] ioctl(5, LOOP_CLR_FD) = 0 [pid 5598] <... close resumed>) = 0 [pid 5598] exit_group(0) = ? [pid 5599] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5598] +++ exited with 0 +++ [pid 5599] close(5 [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5598, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 5599] <... close resumed>) = 0 [pid 5599] close(4 [pid 344] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./261/binderfs") = 0 [pid 344] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5607] <... mount resumed>) = 0 [pid 5607] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5607] chdir("./bus") = 0 [ 248.018165][ T5606] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 248.036944][ T5606] ext4 filesystem being mounted at /root/syzkaller.53SCZU/263/bus supports timestamps until (%ptR?) (0x7fffffff) [ 248.038309][ T5607] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5607] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... umount2 resumed>) = 0 [pid 5606] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./263/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./263/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./263/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./263") = 0 [pid 348] mkdir("./264", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5599] <... close resumed>) = 0 [pid 5599] exit_group(0) = ? [pid 5599] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5599, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./259/binderfs") = 0 [ 248.085828][ T5607] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/264/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5607] <... openat resumed>) = 4 [pid 5607] ioctl(4, LOOP_CLR_FD) = 0 [pid 5607] close(4) = 0 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 5607] memfd_create("syzkaller", 0 [pid 348] <... close resumed>) = 0 [pid 5607] <... memfd_create resumed>) = 4 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5614 ./strace-static-x86_64: Process 5614 attached [pid 5614] set_robust_list(0x555584fcf660, 24) = 0 [pid 5614] chdir("./264") = 0 [pid 5614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5614] setpgid(0, 0) = 0 [pid 5614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5614] write(3, "1000", 4) = 4 [pid 5614] close(3) = 0 [pid 5614] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5614] write(1, "executing program\n", 18executing program ) = 18 [pid 5614] memfd_create("syzkaller", 0) = 3 [pid 5614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5614] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5614] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5614] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 5614] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 5614] ioctl(4, LOOP_SET_FD, 3 [pid 344] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] newfstatat(AT_FDCWD, "./261/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] newfstatat(AT_FDCWD, "./259/bus", [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] openat(AT_FDCWD, "./261/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] umount2("./259/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(4, "", [pid 342] openat(AT_FDCWD, "./259/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... openat resumed>) = 4 [pid 344] getdents64(4, [pid 342] newfstatat(4, "", [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, [pid 342] getdents64(4, [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] close(4 [pid 342] getdents64(4, [pid 344] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] rmdir("./261/bus" [pid 342] close(4 [pid 344] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 344] getdents64(3, [pid 342] rmdir("./259/bus" [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 344] close(3 [pid 342] getdents64(3, [pid 344] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] rmdir("./261" [pid 342] close(3 [pid 344] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 344] mkdir("./262", 0777 [pid 342] rmdir("./259" [pid 344] <... mkdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 342] mkdir("./260", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5606] <... write resumed>) = 20699119 [pid 5614] <... ioctl resumed>) = 0 [pid 5606] munmap(0x7f7c475b3000, 138412032 [pid 344] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 5614] close(3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 5614] <... close resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5614] close(4 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5614] <... close resumed>) = 0 [pid 344] close(3 [pid 342] close(3 [pid 5614] mkdir("./bus", 0777) = 0 [pid 5614] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5606] <... munmap resumed>) = 0 [pid 5606] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 344] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5616 [pid 5606] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5617 [pid 5606] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5606] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5616 attached ./strace-static-x86_64: Process 5617 attached [pid 5617] set_robust_list(0x555584fcf660, 24 [pid 5616] set_robust_list(0x555584fcf660, 24) = 0 [pid 5617] <... set_robust_list resumed>) = 0 [pid 5617] chdir("./262" [pid 5606] ioctl(5, LOOP_SET_FD, 4 [pid 5616] chdir("./260" [pid 5606] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5616] <... chdir resumed>) = 0 [pid 5617] <... chdir resumed>) = 0 [pid 5616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5617] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5616] setpgid(0, 0 [pid 5617] <... prctl resumed>) = 0 [pid 5617] setpgid(0, 0 [pid 5616] <... setpgid resumed>) = 0 [pid 5617] <... setpgid resumed>) = 0 [pid 5616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5606] close(5 [pid 5616] <... openat resumed>) = 3 [pid 5616] write(3, "1000", 4 [pid 5617] write(3, "1000", 4 [pid 5616] <... write resumed>) = 4 [pid 5617] <... write resumed>) = 4 [pid 5616] close(3 [pid 5617] close(3 [pid 5616] <... close resumed>) = 0 [pid 5617] <... close resumed>) = 0 [pid 5616] symlink("/dev/binderfs", "./binderfs" [pid 5617] symlink("/dev/binderfs", "./binderfs" [pid 5606] <... close resumed>) = 0 [pid 5606] close(4 [pid 5617] <... symlink resumed>) = 0 [pid 5616] <... symlink resumed>) = 0 [pid 5616] write(1, "executing program\n", 18executing program executing program [pid 5617] write(1, "executing program\n", 18 [pid 5616] <... write resumed>) = 18 [pid 5617] <... write resumed>) = 18 [pid 5617] memfd_create("syzkaller", 0 [pid 5616] memfd_create("syzkaller", 0) = 3 [pid 5617] <... memfd_create resumed>) = 3 [pid 5616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5616] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5617] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5616] <... write resumed>) = 262144 [pid 5616] munmap(0x7f7c475b3000, 138412032 [pid 5617] munmap(0x7f7c475b3000, 138412032 [pid 5616] <... munmap resumed>) = 0 [pid 5617] <... munmap resumed>) = 0 [pid 5617] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5616] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5617] <... openat resumed>) = 4 [pid 5616] <... openat resumed>) = 4 [pid 5616] ioctl(4, LOOP_SET_FD, 3 [pid 5617] ioctl(4, LOOP_SET_FD, 3 [pid 5616] <... ioctl resumed>) = 0 [pid 5616] close(3) = 0 [pid 5616] close(4 [pid 5607] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5617] <... ioctl resumed>) = 0 [pid 5617] close(3) = 0 [pid 5617] close(4) = 0 [pid 5616] <... close resumed>) = 0 [pid 5617] mkdir("./bus", 0777 [pid 5616] mkdir("./bus", 0777 [pid 5617] <... mkdir resumed>) = 0 [pid 5616] <... mkdir resumed>) = 0 [pid 5616] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5617] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5614] <... mount resumed>) = 0 [pid 5614] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5614] chdir("./bus") = 0 [pid 5614] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5614] ioctl(4, LOOP_CLR_FD) = 0 [pid 5614] close(4) = 0 [pid 5614] memfd_create("syzkaller", 0) = 4 [pid 5614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 248.297154][ T5614] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 248.324087][ T5614] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/264/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5617] <... mount resumed>) = 0 [pid 5606] <... close resumed>) = 0 [pid 5606] exit_group(0 [pid 5617] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5606] <... exit_group resumed>) = ? [pid 5606] +++ exited with 0 +++ [pid 5617] <... openat resumed>) = 3 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5606, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5617] chdir("./bus") = 0 [pid 5617] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5617] ioctl(4, LOOP_CLR_FD) = 0 [pid 5617] close(4) = 0 [pid 5617] memfd_create("syzkaller", 0) = 4 [pid 5617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] <... restart_syscall resumed>) = 0 [pid 5616] <... mount resumed>) = 0 [pid 5616] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5616] chdir("./bus") = 0 [pid 5616] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5616] ioctl(4, LOOP_CLR_FD) = 0 [pid 5616] close(4 [pid 349] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5616] <... close resumed>) = 0 [pid 5616] memfd_create("syzkaller", 0 [pid 349] newfstatat(3, "", [pid 5616] <... memfd_create resumed>) = 4 [pid 5616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./263/binderfs") = 0 [ 248.342081][ T5617] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 248.366680][ T5617] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/262/bus supports timestamps until (%ptR?) (0x7fffffff) [ 248.368100][ T5616] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 349] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 349] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./263/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./263/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./263/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./263") = 0 [pid 349] mkdir("./264", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5626 ./strace-static-x86_64: Process 5626 attached [pid 5626] set_robust_list(0x555584fcf660, 24) = 0 [pid 5626] chdir("./264") = 0 [pid 5626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5626] setpgid(0, 0) = 0 [ 248.397522][ T5616] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/260/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5626] write(3, "1000", 4) = 4 [pid 5626] close(3) = 0 [pid 5626] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5626] write(1, "executing program\n", 18) = 18 [pid 5626] memfd_create("syzkaller", 0) = 3 [pid 5626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5626] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5626] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5626] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5626] close(3) = 0 [pid 5626] close(4) = 0 [pid 5626] mkdir("./bus", 0777) = 0 [pid 5626] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5607] <... write resumed>) = 20699119 [pid 5607] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5607] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5607] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5607] ioctl(5, LOOP_CLR_FD) = 0 [pid 5607] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5607] close(5) = 0 [pid 5607] close(4 [pid 5616] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5614] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5626] <... mount resumed>) = 0 [pid 5626] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5626] chdir("./bus") = 0 [pid 5626] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5626] ioctl(4, LOOP_CLR_FD) = 0 [pid 5626] close(4 [pid 5607] <... close resumed>) = 0 [pid 5607] exit_group(0) = ? [pid 5626] <... close resumed>) = 0 [pid 5626] memfd_create("syzkaller", 0) = 4 [pid 5626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5607] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5607, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./264/binderfs") = 0 [ 248.538989][ T5626] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 248.576888][ T5626] ext4 filesystem being mounted at /root/syzkaller.53SCZU/264/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5617] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./264/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./264/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./264/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./264") = 0 [pid 343] mkdir("./265", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5630 ./strace-static-x86_64: Process 5630 attached [pid 5630] set_robust_list(0x555584fcf660, 24) = 0 [pid 5630] chdir("./265") = 0 [pid 5630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5630] setpgid(0, 0) = 0 [pid 5630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5630] write(3, "1000", 4) = 4 [pid 5630] close(3) = 0 [pid 5630] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5630] write(1, "executing program\n", 18) = 18 [pid 5630] memfd_create("syzkaller", 0) = 3 [pid 5630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5630] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5630] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5630] close(3) = 0 [pid 5630] close(4) = 0 [pid 5630] mkdir("./bus", 0777) = 0 [pid 5630] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5614] <... write resumed>) = 20699119 [pid 5614] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5614] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5614] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5614] ioctl(5, LOOP_CLR_FD) = 0 [pid 5616] <... write resumed>) = 20699119 [pid 5614] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5614] close(5 [pid 5616] munmap(0x7f7c475b3000, 138412032 [pid 5614] <... close resumed>) = 0 [pid 5614] close(4 [pid 5616] <... munmap resumed>) = 0 [pid 5616] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5616] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5616] ioctl(5, LOOP_CLR_FD) = 0 [pid 5630] <... mount resumed>) = 0 [pid 5630] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5630] chdir("./bus") = 0 [pid 5616] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5630] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5616] close(5 [pid 5630] <... openat resumed>) = 4 [pid 5616] <... close resumed>) = 0 [pid 5616] close(4 [pid 5630] ioctl(4, LOOP_CLR_FD) = 0 [pid 5630] close(4) = 0 [pid 5630] memfd_create("syzkaller", 0) = 4 [pid 5630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5617] <... write resumed>) = 20699119 [pid 5626] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5617] munmap(0x7f7c475b3000, 138412032) = 0 [ 248.748111][ T5630] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 248.780781][ T5630] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/265/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5617] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5617] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5617] ioctl(5, LOOP_CLR_FD) = 0 [pid 5617] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5617] close(5) = 0 [pid 5617] close(4 [pid 5616] <... close resumed>) = 0 [pid 5614] <... close resumed>) = 0 [pid 5614] exit_group(0) = ? [pid 5616] exit_group(0 [pid 5614] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5614, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 5616] <... exit_group resumed>) = ? [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5616] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5616, si_uid=0, si_status=0, si_utime=8, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 348] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 342] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./260/binderfs", [pid 348] newfstatat(AT_FDCWD, "./264/binderfs", [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./260/binderfs" [pid 348] unlink("./264/binderfs") = 0 [pid 342] <... unlink resumed>) = 0 [pid 348] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5617] <... close resumed>) = 0 [pid 5617] exit_group(0) = ? [pid 5617] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5617, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./262/binderfs") = 0 [pid 344] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5630] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5626] <... write resumed>) = 20699119 [pid 5626] munmap(0x7f7c475b3000, 138412032 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./260/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./260/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./260/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./260/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./260") = 0 [pid 342] mkdir("./261", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5626] <... munmap resumed>) = 0 [pid 5626] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5630] <... write resumed>) = 20699119 [pid 5630] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5630] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5626] <... openat resumed>) = 5 [pid 5630] <... openat resumed>) = 5 [pid 5626] ioctl(5, LOOP_SET_FD, 4 [pid 5630] ioctl(5, LOOP_SET_FD, 4 [pid 5626] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5630] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5630] ioctl(5, LOOP_CLR_FD [pid 5626] ioctl(5, LOOP_CLR_FD) = 0 [pid 5630] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5634 [pid 5626] ioctl(5, LOOP_SET_FD, 4 [pid 5630] ioctl(5, LOOP_SET_FD, 4 [pid 5626] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5630] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5626] close(5 [pid 5630] close(5 [pid 348] <... umount2 resumed>) = 0 [pid 5630] <... close resumed>) = 0 [pid 5626] <... close resumed>) = 0 [pid 348] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] newfstatat(AT_FDCWD, "./264/bus", [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] newfstatat(AT_FDCWD, "./262/bus", ./strace-static-x86_64: Process 5634 attached [pid 348] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5634] set_robust_list(0x555584fcf660, 24 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5634] <... set_robust_list resumed>) = 0 [pid 348] openat(AT_FDCWD, "./264/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5634] chdir("./261" [pid 348] <... openat resumed>) = 4 [pid 344] openat(AT_FDCWD, "./262/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5634] <... chdir resumed>) = 0 [pid 348] newfstatat(4, "", [pid 344] <... openat resumed>) = 4 [pid 5634] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] newfstatat(4, "", [pid 5634] <... prctl resumed>) = 0 [pid 348] getdents64(4, [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5634] setpgid(0, 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, [pid 5634] <... setpgid resumed>) = 0 [pid 348] getdents64(4, [pid 5634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5630] close(4 [pid 5626] close(4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] close(4 [pid 344] getdents64(4, [pid 348] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] rmdir("./264/bus" [pid 344] close(4 [pid 348] <... rmdir resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] getdents64(3, [pid 344] rmdir("./262/bus" [pid 5634] <... openat resumed>) = 3 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5634] write(3, "1000", 4) = 4 [pid 5634] close(3 [pid 344] <... rmdir resumed>) = 0 [pid 348] close(3 [pid 344] getdents64(3, [pid 348] <... close resumed>) = 0 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] rmdir("./264" [pid 344] close(3 [pid 5634] <... close resumed>) = 0 [pid 5634] symlink("/dev/binderfs", "./binderfs") = 0 [pid 348] <... rmdir resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] mkdir("./265", 0777executing program [pid 344] rmdir("./262" [pid 5634] write(1, "executing program\n", 18) = 18 [pid 5634] memfd_create("syzkaller", 0) = 3 [pid 348] <... mkdir resumed>) = 0 [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5634] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... rmdir resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] mkdir("./263", 0777 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5634] <... write resumed>) = 262144 [pid 348] close(3 [pid 344] <... mkdir resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... openat resumed>) = 3 [pid 5634] munmap(0x7f7c475b3000, 138412032) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5634] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5635 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5634] <... openat resumed>) = 4 [pid 344] close(3 [pid 5634] ioctl(4, LOOP_SET_FD, 3 [pid 344] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5635 attached [pid 5635] set_robust_list(0x555584fcf660, 24) = 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5636 [pid 5635] chdir("./265") = 0 [pid 5635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5635] setpgid(0, 0) = 0 executing program [pid 5635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5635] write(3, "1000", 4) = 4 [pid 5635] close(3) = 0 [pid 5635] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5635] write(1, "executing program\n", 18) = 18 [pid 5635] memfd_create("syzkaller", 0) = 3 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5634] <... ioctl resumed>) = 0 [pid 5634] close(3) = 0 [pid 5634] close(4 [pid 5635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5635] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5636 attached [pid 5636] set_robust_list(0x555584fcf660, 24) = 0 [pid 5636] chdir("./263") = 0 [pid 5636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5636] setpgid(0, 0) = 0 [pid 5636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5636] write(3, "1000", 4) = 4 [pid 5636] close(3) = 0 [pid 5636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5636] write(1, "executing program\n", 18executing program ) = 18 [pid 5636] memfd_create("syzkaller", 0) = 3 [pid 5636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5636] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5636] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5634] <... close resumed>) = 0 [pid 5636] <... openat resumed>) = 4 [pid 5635] <... openat resumed>) = 4 [pid 5634] mkdir("./bus", 0777 [pid 5636] ioctl(4, LOOP_SET_FD, 3 [pid 5635] ioctl(4, LOOP_SET_FD, 3 [pid 5634] <... mkdir resumed>) = 0 [pid 5634] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5635] <... ioctl resumed>) = 0 [pid 5635] close(3) = 0 [pid 5635] close(4 [pid 5636] <... ioctl resumed>) = 0 [pid 5636] close(3) = 0 [pid 5636] close(4 [pid 5630] <... close resumed>) = 0 [pid 5630] exit_group(0) = ? [pid 5630] +++ exited with 0 +++ [pid 5626] <... close resumed>) = 0 [pid 5626] exit_group(0) = ? [pid 5626] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5626, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5630, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 343] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./265/binderfs") = 0 [pid 343] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./264/binderfs") = 0 [pid 349] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5635] <... close resumed>) = 0 [pid 5635] mkdir("./bus", 0777) = 0 [pid 5635] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5634] <... mount resumed>) = 0 [pid 5634] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5634] chdir("./bus") = 0 [pid 5634] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5636] <... close resumed>) = 0 [pid 5636] mkdir("./bus", 0777) = 0 [ 249.164324][ T5634] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 249.183384][ T5634] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/261/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5636] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5635] <... mount resumed>) = 0 [pid 5635] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5635] chdir("./bus") = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5634] <... openat resumed>) = 4 [pid 5634] ioctl(4, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5634] <... ioctl resumed>) = 0 [pid 349] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5634] close(4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5634] <... close resumed>) = 0 [pid 349] newfstatat(AT_FDCWD, "./264/bus", [pid 343] newfstatat(AT_FDCWD, "./265/bus", [pid 5634] memfd_create("syzkaller", 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./265/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5634] <... memfd_create resumed>) = 4 [pid 349] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./265/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./265" [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... rmdir resumed>) = 0 [pid 5634] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] openat(AT_FDCWD, "./264/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] mkdir("./266", 0777 [pid 349] <... openat resumed>) = 4 [pid 343] <... mkdir resumed>) = 0 [pid 349] newfstatat(4, "", [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 343] <... openat resumed>) = 3 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] getdents64(4, [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 349] close(4 [pid 343] <... close resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] rmdir("./264/bus" [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5645 [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 5635] <... openat resumed>) = 4 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5635] ioctl(4, LOOP_CLR_FD [pid 349] close(3 [pid 5635] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 5635] close(4 [pid 349] rmdir("./264" [pid 5635] <... close resumed>) = 0 [pid 5635] memfd_create("syzkaller", 0) = 4 [pid 349] <... rmdir resumed>) = 0 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] mkdir("./265", 0777 [pid 5635] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5645 attached [pid 5645] set_robust_list(0x555584fcf660, 24) = 0 [pid 5645] chdir("./266") = 0 [pid 5645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5645] setpgid(0, 0) = 0 [pid 5645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5647 executing program [pid 5645] <... openat resumed>) = 3 [pid 5645] write(3, "1000", 4) = 4 [pid 5645] close(3) = 0 [pid 5645] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5645] write(1, "executing program\n", 18) = 18 [pid 5645] memfd_create("syzkaller", 0) = 3 [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5647 attached [pid 5647] set_robust_list(0x555584fcf660, 24) = 0 [pid 5647] chdir("./265") = 0 [pid 5647] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5647] setpgid(0, 0) = 0 [pid 5647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5647] write(3, "1000", 4) = 4 [pid 5647] close(3) = 0 [pid 5647] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5647] write(1, "executing program\n", 18) = 18 [pid 5647] memfd_create("syzkaller", 0 [pid 5645] <... write resumed>) = 262144 [pid 5647] <... memfd_create resumed>) = 3 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 249.328411][ T5635] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 249.342433][ T5635] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/265/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5647] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5645] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5645] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5645] ioctl(4, LOOP_SET_FD, 3 [pid 5647] <... write resumed>) = 262144 [pid 5647] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5645] <... ioctl resumed>) = 0 [pid 5647] ioctl(4, LOOP_SET_FD, 3 [pid 5645] close(3) = 0 [pid 5645] close(4 [pid 5647] <... ioctl resumed>) = 0 [pid 5647] close(3) = 0 [pid 5647] close(4 [pid 5645] <... close resumed>) = 0 [pid 5636] <... mount resumed>) = 0 [pid 5645] mkdir("./bus", 0777) = 0 [pid 5636] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5645] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5636] <... openat resumed>) = 3 [pid 5636] chdir("./bus") = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5635] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 249.450875][ T5636] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 249.475275][ T5636] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/263/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5634] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5647] <... close resumed>) = 0 [pid 5636] <... openat resumed>) = 4 [pid 5647] mkdir("./bus", 0777) = 0 [pid 5647] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5636] ioctl(4, LOOP_CLR_FD) = 0 [pid 5636] close(4) = 0 [pid 5636] memfd_create("syzkaller", 0) = 4 [pid 5636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5634] <... write resumed>) = 20699119 [pid 5635] <... write resumed>) = 20699119 [pid 5635] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5635] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5635] ioctl(5, LOOP_CLR_FD) = 0 [pid 5647] <... mount resumed>) = 0 [pid 5647] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5647] chdir("./bus") = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5647] ioctl(4, LOOP_CLR_FD) = 0 [pid 5647] close(4 [pid 5635] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5635] close(5) = 0 [pid 5635] close(4 [pid 5634] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5647] <... close resumed>) = 0 [pid 5647] memfd_create("syzkaller", 0) = 4 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5634] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5634] ioctl(5, LOOP_CLR_FD) = 0 [ 249.612563][ T5647] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 249.647730][ T5647] ext4 filesystem being mounted at /root/syzkaller.53SCZU/265/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5634] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5634] close(5) = 0 [pid 5634] close(4 [pid 5645] <... mount resumed>) = 0 [pid 5645] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5645] chdir("./bus") = 0 [pid 5645] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5645] ioctl(4, LOOP_CLR_FD) = 0 [pid 5645] close(4) = 0 [pid 5645] memfd_create("syzkaller", 0) = 4 [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 249.661225][ T5645] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 249.688181][ T5645] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/266/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5635] <... close resumed>) = 0 [pid 5635] exit_group(0) = ? [pid 5635] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5635, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5636] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./265/binderfs") = 0 [pid 348] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5634] <... close resumed>) = 0 [pid 5634] exit_group(0) = ? [pid 5634] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5634, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./261/binderfs") = 0 [pid 342] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./265/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./265/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./265/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./265") = 0 [pid 348] mkdir("./266", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5647] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5645] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5654 [pid 342] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./261/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./261/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./261/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./261/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./261") = 0 [pid 342] mkdir("./262", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5655 ./strace-static-x86_64: Process 5654 attached ./strace-static-x86_64: Process 5655 attached [pid 5654] set_robust_list(0x555584fcf660, 24 [pid 5655] set_robust_list(0x555584fcf660, 24 [pid 5654] <... set_robust_list resumed>) = 0 [pid 5655] <... set_robust_list resumed>) = 0 [pid 5654] chdir("./266" [pid 5655] chdir("./262" [pid 5654] <... chdir resumed>) = 0 [pid 5655] <... chdir resumed>) = 0 [pid 5654] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5655] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5654] <... prctl resumed>) = 0 [pid 5655] <... prctl resumed>) = 0 [pid 5654] setpgid(0, 0 [pid 5655] setpgid(0, 0 [pid 5654] <... setpgid resumed>) = 0 [pid 5655] <... setpgid resumed>) = 0 [pid 5654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5654] <... openat resumed>) = 3 [pid 5654] write(3, "1000", 4 [pid 5655] <... openat resumed>) = 3 [pid 5654] <... write resumed>) = 4 [pid 5654] close(3 [pid 5655] write(3, "1000", 4 [pid 5654] <... close resumed>) = 0 [pid 5655] <... write resumed>) = 4 [pid 5654] symlink("/dev/binderfs", "./binderfs" [pid 5655] close(3 [pid 5654] <... symlink resumed>) = 0 [pid 5655] <... close resumed>) = 0 [pid 5654] write(1, "executing program\n", 18 [pid 5655] symlink("/dev/binderfs", "./binderfs"executing program [pid 5654] <... write resumed>) = 18 [pid 5655] <... symlink resumed>) = 0 [pid 5654] memfd_create("syzkaller", 0 [pid 5655] write(1, "executing program\n", 18executing program [pid 5654] <... memfd_create resumed>) = 3 [pid 5655] <... write resumed>) = 18 [pid 5654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5655] memfd_create("syzkaller", 0 [pid 5654] <... mmap resumed>) = 0x7f7c475b3000 [pid 5654] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5655] <... memfd_create resumed>) = 3 [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5654] <... write resumed>) = 262144 [pid 5654] munmap(0x7f7c475b3000, 138412032 [pid 5655] munmap(0x7f7c475b3000, 138412032 [pid 5654] <... munmap resumed>) = 0 [pid 5655] <... munmap resumed>) = 0 [pid 5654] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5655] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5654] <... openat resumed>) = 4 [pid 5655] <... openat resumed>) = 4 [pid 5654] ioctl(4, LOOP_SET_FD, 3 [pid 5655] ioctl(4, LOOP_SET_FD, 3 [pid 5654] <... ioctl resumed>) = 0 [pid 5654] close(3) = 0 [pid 5654] close(4 [pid 5655] <... ioctl resumed>) = 0 [pid 5654] <... close resumed>) = 0 [pid 5655] close(3 [pid 5654] mkdir("./bus", 0777 [pid 5655] <... close resumed>) = 0 [pid 5654] <... mkdir resumed>) = 0 [pid 5655] close(4 [pid 5654] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5655] <... close resumed>) = 0 [pid 5655] mkdir("./bus", 0777) = 0 [pid 5655] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5636] <... write resumed>) = 20699119 [pid 5636] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5636] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5636] ioctl(5, LOOP_CLR_FD) = 0 [pid 5636] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5636] close(5) = 0 [pid 5636] close(4 [pid 5647] <... write resumed>) = 20699119 [pid 5647] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5647] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5654] <... mount resumed>) = 0 [pid 5647] ioctl(5, LOOP_CLR_FD [pid 5654] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5647] <... ioctl resumed>) = 0 [pid 5654] chdir("./bus") = 0 [pid 5654] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5655] <... mount resumed>) = 0 [pid 5654] <... openat resumed>) = 4 [pid 5655] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5654] ioctl(4, LOOP_CLR_FD) = 0 [pid 5655] <... openat resumed>) = 3 [pid 5647] ioctl(5, LOOP_SET_FD, 4 [pid 5654] close(4 [pid 5655] chdir("./bus" [pid 5654] <... close resumed>) = 0 [pid 5647] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5655] <... chdir resumed>) = 0 [pid 5654] memfd_create("syzkaller", 0 [pid 5647] close(5 [pid 5654] <... memfd_create resumed>) = 4 [pid 5647] <... close resumed>) = 0 [pid 5655] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5647] close(4 [pid 5655] <... openat resumed>) = 4 [ 249.982312][ T5654] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 250.011094][ T5655] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5655] ioctl(4, LOOP_CLR_FD [pid 5654] <... mmap resumed>) = 0x7f7c475b3000 [pid 5636] <... close resumed>) = 0 [pid 5636] exit_group(0) = ? [pid 5655] <... ioctl resumed>) = 0 [pid 5655] close(4) = 0 [pid 5655] memfd_create("syzkaller", 0) = 4 [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5636] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5636, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./263/binderfs") = 0 [pid 344] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5645] <... write resumed>) = 20699119 [pid 5645] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5645] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5647] <... close resumed>) = 0 [pid 5647] exit_group(0) = ? [pid 5647] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5647, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [ 250.027696][ T5654] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/266/bus supports timestamps until (%ptR?) (0x7fffffff) [ 250.039953][ T5655] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/262/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./265/binderfs") = 0 [pid 349] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5645] <... openat resumed>) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 5645] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5645] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./263/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./263/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./263/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./263" [pid 5645] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... rmdir resumed>) = 0 [pid 344] mkdir("./264", 0777 [pid 5645] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... mkdir resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5645] close(5) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 5645] close(4 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5662 [pid 349] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./265/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./265/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./265/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./265") = 0 [pid 349] mkdir("./266", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5663 ./strace-static-x86_64: Process 5662 attached [pid 5662] set_robust_list(0x555584fcf660, 24) = 0 [pid 5662] chdir("./264") = 0 [pid 5662] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5663 attached [pid 5663] set_robust_list(0x555584fcf660, 24) = 0 [pid 5663] chdir("./266") = 0 [pid 5663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5662] <... prctl resumed>) = 0 [pid 5663] setpgid(0, 0) = 0 [pid 5663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5663] write(3, "1000", 4) = 4 [pid 5663] close(3) = 0 [pid 5663] symlink("/dev/binderfs", "./binderfs"executing program [pid 5662] setpgid(0, 0 [pid 5663] <... symlink resumed>) = 0 [pid 5663] write(1, "executing program\n", 18) = 18 [pid 5663] memfd_create("syzkaller", 0) = 3 [pid 5663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5662] <... setpgid resumed>) = 0 [pid 5662] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5662] write(3, "1000", 4) = 4 [pid 5662] close(3) = 0 [pid 5663] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5662] symlink("/dev/binderfs", "./binderfs" [pid 5663] <... write resumed>) = 262144 [pid 5662] <... symlink resumed>) = 0 [pid 5663] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5662] write(1, "executing program\n", 18 [pid 5663] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5663] ioctl(4, LOOP_SET_FD, 3executing program [pid 5662] <... write resumed>) = 18 [pid 5662] memfd_create("syzkaller", 0) = 3 [pid 5662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5662] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5662] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5663] <... ioctl resumed>) = 0 [pid 5662] <... openat resumed>) = 4 [pid 5662] ioctl(4, LOOP_SET_FD, 3 [pid 5663] close(3) = 0 [pid 5663] close(4) = 0 [pid 5663] mkdir("./bus", 0777) = 0 [pid 5663] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5654] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5662] <... ioctl resumed>) = 0 [pid 5662] close(3) = 0 [pid 5662] close(4) = 0 [pid 5662] mkdir("./bus", 0777) = 0 [pid 5662] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5655] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5645] <... close resumed>) = 0 [pid 5645] exit_group(0) = ? [pid 5645] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5645, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./266/binderfs") = 0 [pid 343] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5654] <... write resumed>) = 20699119 [pid 5654] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5662] <... mount resumed>) = 0 [pid 5662] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5662] chdir("./bus") = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5654] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5663] <... mount resumed>) = 0 [pid 5663] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5663] chdir("./bus") = 0 [pid 5663] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5655] <... write resumed>) = 20699119 [pid 5655] munmap(0x7f7c475b3000, 138412032) = 0 [ 250.278006][ T5663] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 250.297877][ T5662] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 250.298754][ T5663] ext4 filesystem being mounted at /root/syzkaller.53SCZU/266/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5655] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5663] <... openat resumed>) = 4 [pid 5662] <... openat resumed>) = 4 [pid 5654] <... openat resumed>) = 5 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./266/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./266/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./266/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./266") = 0 [pid 343] mkdir("./267", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3 [pid 5663] ioctl(4, LOOP_CLR_FD [pid 5662] ioctl(4, LOOP_CLR_FD [pid 5655] <... openat resumed>) = 5 [pid 5654] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... close resumed>) = 0 [pid 5662] <... ioctl resumed>) = 0 [pid 5662] close(4) = 0 [pid 5662] memfd_create("syzkaller", 0) = 4 [pid 5662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5654] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5654] ioctl(5, LOOP_CLR_FD) = 0 [pid 5655] ioctl(5, LOOP_SET_FD, 4 [pid 5663] <... ioctl resumed>) = 0 [pid 5655] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5663] close(4 [pid 5655] ioctl(5, LOOP_CLR_FD [pid 5654] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5654] close(5 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5654] <... close resumed>) = 0 [pid 5654] close(4 [pid 5663] <... close resumed>) = 0 [pid 5655] <... ioctl resumed>) = 0 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5670 [pid 5663] memfd_create("syzkaller", 0) = 4 [pid 5663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5655] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5655] close(5) = 0 [pid 5655] close(4./strace-static-x86_64: Process 5670 attached [pid 5670] set_robust_list(0x555584fcf660, 24) = 0 [pid 5670] chdir("./267") = 0 [pid 5670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5670] setpgid(0, 0) = 0 [pid 5670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5670] write(3, "1000", 4) = 4 [pid 5670] close(3) = 0 [pid 5670] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5670] write(1, "executing program\n", 18) = 18 [pid 5670] memfd_create("syzkaller", 0) = 3 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 250.323263][ T5662] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/264/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5670] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5670] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5670] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5670] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5670] close(3) = 0 [pid 5670] close(4) = 0 [pid 5670] mkdir("./bus", 0777) = 0 [pid 5670] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5654] <... close resumed>) = 0 [pid 5654] exit_group(0) = ? [pid 5654] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5654, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./266/binderfs") = 0 [pid 348] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 348] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./266/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5655] <... close resumed>) = 0 [pid 348] openat(AT_FDCWD, "./266/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5655] exit_group(0 [pid 348] <... openat resumed>) = 4 [pid 5655] <... exit_group resumed>) = ? [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 5655] +++ exited with 0 +++ [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5655, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 348] rmdir("./266/bus" [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... rmdir resumed>) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./266") = 0 [pid 348] mkdir("./267", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] <... restart_syscall resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 342] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./262/binderfs") = 0 [pid 342] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5674 ./strace-static-x86_64: Process 5674 attached [pid 5674] set_robust_list(0x555584fcf660, 24) = 0 [pid 5674] chdir("./267") = 0 [pid 5674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5674] setpgid(0, 0) = 0 [pid 5674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5674] write(3, "1000", 4) = 4 [pid 5674] close(3) = 0 [pid 5674] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5674] write(1, "executing program\n", 18executing program ) = 18 [pid 5674] memfd_create("syzkaller", 0) = 3 [pid 5674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5674] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5674] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5674] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5670] <... mount resumed>) = 0 [pid 5670] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5670] chdir("./bus") = 0 [pid 5670] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5663] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 250.516686][ T5670] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5662] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5674] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 5674] ioctl(4, LOOP_SET_FD, 3 [pid 342] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./262/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./262/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./262/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./262/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./262") = 0 [pid 342] mkdir("./263", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5674] <... ioctl resumed>) = 0 [pid 5674] close(3) = 0 [pid 5674] close(4 [pid 5670] <... openat resumed>) = 4 [pid 5670] ioctl(4, LOOP_CLR_FD [pid 5663] <... write resumed>) = 20699119 [pid 5663] munmap(0x7f7c475b3000, 138412032) = 0 [ 250.557219][ T5670] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/267/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5663] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5674] <... close resumed>) = 0 [pid 5670] <... ioctl resumed>) = 0 [pid 5662] <... write resumed>) = 20699119 [pid 342] <... openat resumed>) = 3 [pid 5670] close(4) = 0 [pid 5670] memfd_create("syzkaller", 0) = 4 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5674] mkdir("./bus", 0777 [pid 342] ioctl(3, LOOP_CLR_FD [pid 5674] <... mkdir resumed>) = 0 [pid 5674] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5662] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5676 [pid 5663] <... openat resumed>) = 5 [pid 5663] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5663] ioctl(5, LOOP_CLR_FD) = 0 [pid 5663] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5663] close(5) = 0 [pid 5663] close(4 [pid 5662] <... openat resumed>) = 5 [pid 5662] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5662] ioctl(5, LOOP_CLR_FD) = 0 [pid 5662] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5662] close(5) = 0 [pid 5662] close(4./strace-static-x86_64: Process 5676 attached [pid 5676] set_robust_list(0x555584fcf660, 24) = 0 [pid 5676] chdir("./263") = 0 [pid 5676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5676] setpgid(0, 0) = 0 [pid 5676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5676] write(3, "1000", 4) = 4 [pid 5676] close(3) = 0 [pid 5676] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5676] write(1, "executing program\n", 18executing program ) = 18 [pid 5676] memfd_create("syzkaller", 0) = 3 [pid 5676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5676] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5676] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5676] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5676] close(3) = 0 [pid 5676] close(4 [pid 5670] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5674] <... mount resumed>) = 0 [pid 5674] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5674] chdir("./bus") = 0 [pid 5674] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5662] <... close resumed>) = 0 [pid 5662] exit_group(0) = ? [pid 5676] <... close resumed>) = 0 [pid 5676] mkdir("./bus", 0777) = 0 [pid 5676] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5662] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5662, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./264/binderfs" [pid 5674] <... openat resumed>) = 4 [pid 5674] ioctl(4, LOOP_CLR_FD [pid 344] <... unlink resumed>) = 0 [pid 5674] <... ioctl resumed>) = 0 [pid 5674] close(4 [pid 344] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5674] <... close resumed>) = 0 [pid 5674] memfd_create("syzkaller", 0) = 4 [pid 5674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5663] <... close resumed>) = 0 [pid 5663] exit_group(0) = ? [pid 5663] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5663, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./266/binderfs") = 0 [ 250.746108][ T5674] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 250.761069][ T5674] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/267/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./264/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./264/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./264/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./264") = 0 [pid 344] mkdir("./265", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5676] <... mount resumed>) = 0 [pid 5676] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5676] chdir("./bus") = 0 [pid 5676] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 5676] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 5676] ioctl(4, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 5676] <... ioctl resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5676] close(4 [pid 344] close(3 [pid 5676] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 5676] memfd_create("syzkaller", 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5676] <... memfd_create resumed>) = 4 [pid 5676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5682 [pid 5676] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./266/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./266/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./266/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./266") = 0 [pid 349] mkdir("./267", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5683 ./strace-static-x86_64: Process 5682 attached [pid 5682] set_robust_list(0x555584fcf660, 24) = 0 [pid 5682] chdir("./265") = 0 [pid 5682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5682] setpgid(0, 0) = 0 [pid 5682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5682] write(3, "1000", 4) = 4 [pid 5682] close(3) = 0 [pid 5682] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5682] write(1, "executing program\n", 18) = 18 [pid 5682] memfd_create("syzkaller", 0) = 3 [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 250.822741][ T5676] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 250.856891][ T5676] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/263/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5682] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5683 attached [pid 5683] set_robust_list(0x555584fcf660, 24) = 0 [pid 5683] chdir("./267" [pid 5682] <... write resumed>) = 262144 [pid 5682] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5682] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5682] ioctl(4, LOOP_SET_FD, 3 [pid 5683] <... chdir resumed>) = 0 [pid 5674] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5682] <... ioctl resumed>) = 0 [pid 5670] <... write resumed>) = 20699119 [pid 5683] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5683] setpgid(0, 0) = 0 [pid 5683] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5670] munmap(0x7f7c475b3000, 138412032 [pid 5682] close(3) = 0 [pid 5683] <... openat resumed>) = 3 [pid 5683] write(3, "1000", 4) = 4 [pid 5682] close(4) = 0 [pid 5682] mkdir("./bus", 0777 [pid 5683] close(3) = 0 [pid 5682] <... mkdir resumed>) = 0 [pid 5682] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5683] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5670] <... munmap resumed>) = 0 executing program [pid 5683] write(1, "executing program\n", 18) = 18 [pid 5683] memfd_create("syzkaller", 0) = 3 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5670] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5670] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5670] ioctl(5, LOOP_CLR_FD) = 0 [pid 5683] <... write resumed>) = 262144 [pid 5670] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5670] close(5) = 0 [pid 5670] close(4 [pid 5683] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5683] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5683] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5683] close(3) = 0 [pid 5683] close(4) = 0 [pid 5683] mkdir("./bus", 0777) = 0 [pid 5683] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5682] <... mount resumed>) = 0 [pid 5682] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5682] chdir("./bus") = 0 [pid 5682] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5682] ioctl(4, LOOP_CLR_FD) = 0 [pid 5682] close(4) = 0 [pid 5682] memfd_create("syzkaller", 0) = 4 [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5674] <... write resumed>) = 20699119 [pid 5674] munmap(0x7f7c475b3000, 138412032) = 0 [ 250.978302][ T5682] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 251.000964][ T5682] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/265/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5670] <... close resumed>) = 0 [pid 5674] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5674] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5674] ioctl(5, LOOP_CLR_FD) = 0 [pid 5670] exit_group(0) = ? [pid 5674] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5674] close(5) = 0 [pid 5674] close(4 [pid 5670] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5670, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5683] <... mount resumed>) = 0 [pid 5683] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5683] chdir("./bus") = 0 [pid 5683] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./267/binderfs") = 0 [pid 343] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [ 251.041743][ T5683] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5683] ioctl(4, LOOP_CLR_FD [pid 5676] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5683] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5683] close(4) = 0 [pid 5683] memfd_create("syzkaller", 0) = 4 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./267/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./267/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./267/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./267") = 0 [pid 343] mkdir("./268", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5690 ./strace-static-x86_64: Process 5690 attached [pid 5690] set_robust_list(0x555584fcf660, 24) = 0 [pid 5690] chdir("./268") = 0 [pid 5690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5690] setpgid(0, 0) = 0 [pid 5690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5690] write(3, "1000", 4) = 4 [pid 5690] close(3) = 0 [pid 5690] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5690] write(1, "executing program\n", 18executing program ) = 18 [pid 5690] memfd_create("syzkaller", 0) = 3 [pid 5690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5690] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [ 251.084030][ T5683] ext4 filesystem being mounted at /root/syzkaller.53SCZU/267/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5690] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5690] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5690] ioctl(4, LOOP_SET_FD, 3 [pid 5674] <... close resumed>) = 0 [pid 5674] exit_group(0) = ? [pid 5690] <... ioctl resumed>) = 0 [pid 5690] close(3 [pid 5674] +++ exited with 0 +++ [pid 5690] <... close resumed>) = 0 [pid 5690] close(4) = 0 [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5674, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 5690] mkdir("./bus", 0777 [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5690] <... mkdir resumed>) = 0 [pid 5690] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./267/binderfs") = 0 [pid 348] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5682] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./267/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./267/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./267/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./267") = 0 [pid 348] mkdir("./268", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5694 attached [pid 5694] set_robust_list(0x555584fcf660, 24) = 0 [pid 5694] chdir("./268") = 0 [pid 5694] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5694] setpgid(0, 0) = 0 [pid 5694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5694] write(3, "1000", 4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5694 [pid 5694] <... write resumed>) = 4 [pid 5694] close(3) = 0 [pid 5694] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5694] write(1, "executing program\n", 18executing program ) = 18 [pid 5694] memfd_create("syzkaller", 0) = 3 [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5694] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5694] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5694] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5694] ioctl(4, LOOP_SET_FD, 3 [pid 5690] <... mount resumed>) = 0 [pid 5690] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5690] chdir("./bus") = 0 [pid 5694] <... ioctl resumed>) = 0 [pid 5690] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5694] close(3 [pid 5690] ioctl(4, LOOP_CLR_FD [pid 5694] <... close resumed>) = 0 [pid 5690] <... ioctl resumed>) = 0 [pid 5694] close(4 [pid 5690] close(4 [pid 5694] <... close resumed>) = 0 [pid 5690] <... close resumed>) = 0 [ 251.230909][ T5690] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5694] mkdir("./bus", 0777) = 0 [pid 5690] memfd_create("syzkaller", 0) = 4 [pid 5694] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5676] <... write resumed>) = 20699119 [pid 5676] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5683] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5676] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5676] ioctl(5, LOOP_CLR_FD) = 0 [pid 5676] ioctl(5, LOOP_SET_FD, 4 [pid 5682] <... write resumed>) = 20699119 [pid 5676] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [ 251.272762][ T5690] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/268/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5676] close(5 [pid 5694] <... mount resumed>) = 0 [pid 5682] munmap(0x7f7c475b3000, 138412032 [pid 5676] <... close resumed>) = 0 [pid 5694] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5682] <... munmap resumed>) = 0 [pid 5676] close(4 [pid 5694] <... openat resumed>) = 3 [pid 5694] chdir("./bus" [pid 5682] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5694] <... chdir resumed>) = 0 [pid 5682] <... openat resumed>) = 5 [pid 5694] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5682] ioctl(5, LOOP_SET_FD, 4 [pid 5694] <... openat resumed>) = 4 [pid 5682] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5694] ioctl(4, LOOP_CLR_FD [pid 5682] ioctl(5, LOOP_CLR_FD [pid 5694] <... ioctl resumed>) = 0 [pid 5682] <... ioctl resumed>) = 0 [pid 5694] close(4) = 0 [pid 5694] memfd_create("syzkaller", 0 [pid 5682] ioctl(5, LOOP_SET_FD, 4 [pid 5694] <... memfd_create resumed>) = 4 [pid 5682] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5682] close(5 [pid 5694] <... mmap resumed>) = 0x7f7c475b3000 [pid 5682] <... close resumed>) = 0 [ 251.338110][ T5694] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 251.364862][ T5694] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/268/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5682] close(4 [pid 5690] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5683] <... write resumed>) = 20699119 [pid 5683] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5683] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5683] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5683] ioctl(5, LOOP_CLR_FD) = 0 [pid 5683] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5676] <... close resumed>) = 0 [pid 5683] close(5) = 0 [pid 5676] exit_group(0) = ? [pid 5683] close(4 [pid 5676] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5676, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./263/binderfs") = 0 [pid 342] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5682] <... close resumed>) = 0 [pid 5682] exit_group(0) = ? [pid 5682] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5682, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./265/binderfs") = 0 [pid 344] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./263/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./263/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./263/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./263/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./263") = 0 [pid 342] mkdir("./264", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 344] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] ioctl(3, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] newfstatat(AT_FDCWD, "./265/bus", [pid 342] close(3 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... close resumed>) = 0 [pid 344] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./265/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5698 [pid 344] <... openat resumed>) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./265/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./265") = 0 [pid 344] mkdir("./266", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 5694] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5683] <... close resumed>) = 0 [pid 5683] exit_group(0) = ? [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5699 [pid 5683] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5683, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5699 attached [pid 5699] set_robust_list(0x555584fcf660, 24) = 0 [pid 5699] chdir("./266") = 0 [pid 5699] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5699] setpgid(0, 0) = 0 [pid 5699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5690] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 5698 attached [pid 5699] <... openat resumed>) = 3 [pid 5698] set_robust_list(0x555584fcf660, 24 [pid 5690] munmap(0x7f7c475b3000, 138412032 [pid 5698] <... set_robust_list resumed>) = 0 [pid 5699] write(3, "1000", 4 [pid 5698] chdir("./264" [pid 5699] <... write resumed>) = 4 [pid 5699] close(3 [pid 5698] <... chdir resumed>) = 0 [pid 5699] <... close resumed>) = 0 [pid 5698] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5699] symlink("/dev/binderfs", "./binderfs" [pid 349] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5698] <... prctl resumed>) = 0 [pid 349] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./267/binderfs" [pid 5699] <... symlink resumed>) = 0 [pid 5698] setpgid(0, 0 [pid 349] <... unlink resumed>) = 0 [pid 349] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5699] write(1, "executing program\n", 18 [pid 5698] <... setpgid resumed>) = 0 [pid 5690] <... munmap resumed>) = 0 [pid 5690] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5690] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5690] ioctl(5, LOOP_CLR_FD) = 0 [pid 5698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5699] <... write resumed>) = 18 [pid 5698] <... openat resumed>) = 3 [pid 5699] memfd_create("syzkaller", 0 [pid 5698] write(3, "1000", 4) = 4 [pid 5699] <... memfd_create resumed>) = 3 [pid 5698] close(3) = 0 [pid 5699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5698] symlink("/dev/binderfs", "./binderfs" [pid 5699] <... mmap resumed>) = 0x7f7c475b3000 [pid 5698] <... symlink resumed>) = 0 [pid 5699] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5698] write(1, "executing program\n", 18executing program ) = 18 [pid 5699] <... write resumed>) = 262144 [pid 5698] memfd_create("syzkaller", 0) = 3 [pid 5699] munmap(0x7f7c475b3000, 138412032 [pid 5690] ioctl(5, LOOP_SET_FD, 4 [pid 5698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5699] <... munmap resumed>) = 0 [pid 5698] <... mmap resumed>) = 0x7f7c475b3000 [pid 5698] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5699] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5690] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5698] <... write resumed>) = 262144 [pid 5698] munmap(0x7f7c475b3000, 138412032 [pid 5690] close(5 [pid 5698] <... munmap resumed>) = 0 [pid 5698] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 5694] <... write resumed>) = 20699119 [pid 5694] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5694] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5694] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5694] ioctl(5, LOOP_CLR_FD) = 0 [pid 5699] <... openat resumed>) = 4 [pid 5699] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5699] close(3) = 0 [pid 5699] close(4 [pid 349] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5694] ioctl(5, LOOP_SET_FD, 4 [pid 349] newfstatat(AT_FDCWD, "./267/bus", [pid 5694] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5694] close(5 [pid 349] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./267/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./267/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./267") = 0 [pid 349] mkdir("./268", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5699] <... close resumed>) = 0 [pid 5698] <... openat resumed>) = 4 [pid 5690] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5701 [pid 5690] close(4 [pid 5699] mkdir("./bus", 0777 [pid 5694] <... close resumed>) = 0 [pid 5698] ioctl(4, LOOP_SET_FD, 3 [pid 5699] <... mkdir resumed>) = 0 [pid 5694] close(4executing program [pid 5699] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"./strace-static-x86_64: Process 5701 attached [pid 5701] set_robust_list(0x555584fcf660, 24) = 0 [pid 5701] chdir("./268") = 0 [pid 5701] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5701] setpgid(0, 0) = 0 [pid 5701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5701] write(3, "1000", 4) = 4 [pid 5701] close(3) = 0 [pid 5701] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5701] write(1, "executing program\n", 18) = 18 [pid 5701] memfd_create("syzkaller", 0) = 3 [pid 5701] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5701] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5701] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5701] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5694] <... close resumed>) = 0 [pid 5701] <... openat resumed>) = 4 [pid 5698] <... ioctl resumed>) = 0 [pid 5701] ioctl(4, LOOP_SET_FD, 3 [pid 5698] close(3) = 0 [pid 5701] <... ioctl resumed>) = 0 [pid 5698] close(4 [pid 5694] exit_group(0 [pid 5701] close(3) = 0 [pid 5701] close(4 [pid 5690] <... close resumed>) = 0 [pid 5690] exit_group(0) = ? [pid 5690] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5690, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5694] <... exit_group resumed>) = ? [pid 5694] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5694, si_uid=0, si_status=0, si_utime=5, si_stime=10} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./268/binderfs") = 0 [pid 343] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... restart_syscall resumed>) = 0 [pid 5698] <... close resumed>) = 0 [pid 5698] mkdir("./bus", 0777) = 0 [pid 5698] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./268/binderfs") = 0 [pid 348] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5699] <... mount resumed>) = 0 [pid 5699] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5699] chdir("./bus") = 0 [pid 5699] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5701] <... close resumed>) = 0 [pid 5701] mkdir("./bus", 0777) = 0 [ 251.798399][ T5699] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 251.812757][ T5699] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/266/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5701] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5698] <... mount resumed>) = 0 [pid 5698] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5698] chdir("./bus") = 0 [pid 5698] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5699] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 348] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./268/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./268/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 5699] ioctl(4, LOOP_CLR_FD [pid 5698] <... openat resumed>) = 4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] newfstatat(AT_FDCWD, "./268/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./268/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] getdents64(4, [pid 343] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./268/bus") = 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] getdents64(3, [pid 5699] <... ioctl resumed>) = 0 [pid 5698] ioctl(4, LOOP_CLR_FD [pid 348] close(4 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5699] close(4 [pid 5698] <... ioctl resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 343] close(3 [pid 5699] <... close resumed>) = 0 [pid 5698] close(4 [pid 348] rmdir("./268/bus" [pid 343] <... close resumed>) = 0 [pid 5699] memfd_create("syzkaller", 0 [pid 5698] <... close resumed>) = 0 [pid 343] rmdir("./268" [pid 5699] <... memfd_create resumed>) = 4 [pid 5698] memfd_create("syzkaller", 0 [pid 348] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 5699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5698] <... memfd_create resumed>) = 4 [pid 348] getdents64(3, [pid 343] mkdir("./269", 0777 [pid 5699] <... mmap resumed>) = 0x7f7c475b3000 [pid 5698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5710 [pid 5698] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] close(3 [pid 5701] <... mount resumed>) = 0 [pid 5701] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5701] chdir("./bus") = 0 [pid 5701] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5701] ioctl(4, LOOP_CLR_FD) = 0 [pid 5701] close(4) = 0 [pid 5701] memfd_create("syzkaller", 0) = 4 [pid 5701] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 251.978388][ T5698] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 251.992388][ T5698] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/264/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./268") = 0 [pid 348] mkdir("./269", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5711 ./strace-static-x86_64: Process 5710 attached [pid 5710] set_robust_list(0x555584fcf660, 24) = 0 [pid 5710] chdir("./269") = 0 ./strace-static-x86_64: Process 5711 attached [pid 5711] set_robust_list(0x555584fcf660, 24) = 0 [pid 5711] chdir("./269") = 0 [pid 5711] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5711] setpgid(0, 0) = 0 [pid 5710] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5710] setpgid(0, 0) = 0 [pid 5710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5710] write(3, "1000", 4) = 4 [pid 5710] close(3) = 0 [pid 5710] symlink("/dev/binderfs", "./binderfs" [pid 5711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 5710] <... symlink resumed>) = 0 [pid 5710] write(1, "executing program\n", 18) = 18 [pid 5710] memfd_create("syzkaller", 0) = 3 [pid 5710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5711] <... openat resumed>) = 3 [pid 5711] write(3, "1000", 4) = 4 [pid 5711] close(3) = 0 [pid 5710] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5711] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5710] <... write resumed>) = 262144 [pid 5711] write(1, "executing program\n", 18executing program ) = 18 [pid 5711] memfd_create("syzkaller", 0) = 3 [pid 5710] munmap(0x7f7c475b3000, 138412032 [pid 5711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5710] <... munmap resumed>) = 0 [pid 5711] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5710] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5711] <... write resumed>) = 262144 [pid 5711] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5711] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5711] ioctl(4, LOOP_SET_FD, 3 [pid 5710] ioctl(4, LOOP_SET_FD, 3 [pid 5711] <... ioctl resumed>) = 0 [pid 5711] close(3) = 0 [pid 5711] close(4) = 0 [pid 5711] mkdir("./bus", 0777) = 0 [pid 5711] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5710] <... ioctl resumed>) = 0 [pid 5710] close(3) = 0 [pid 5710] close(4) = 0 [pid 5710] mkdir("./bus", 0777) = 0 [ 252.034980][ T5701] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 252.053888][ T5701] ext4 filesystem being mounted at /root/syzkaller.53SCZU/268/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5710] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5711] <... mount resumed>) = 0 [pid 5711] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5711] chdir("./bus") = 0 [pid 5711] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5711] ioctl(4, LOOP_CLR_FD) = 0 [pid 5711] close(4) = 0 [pid 5701] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5711] memfd_create("syzkaller", 0) = 4 [pid 5711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 252.140720][ T5711] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 252.165093][ T5711] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/269/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5710] <... mount resumed>) = 0 [pid 5710] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5710] chdir("./bus") = 0 [pid 5710] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5710] ioctl(4, LOOP_CLR_FD) = 0 [pid 5710] close(4) = 0 [pid 5710] memfd_create("syzkaller", 0) = 4 [pid 5710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5699] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 252.197833][ T5710] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 252.216675][ T5710] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/269/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5698] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5701] <... write resumed>) = 20699119 [pid 5701] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5701] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5701] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5701] ioctl(5, LOOP_CLR_FD) = 0 [pid 5701] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5701] close(5) = 0 [pid 5701] close(4 [pid 5711] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5699] <... write resumed>) = 20699119 [pid 5698] <... write resumed>) = 20699119 [pid 5699] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5699] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5699] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5699] ioctl(5, LOOP_CLR_FD) = 0 [pid 5698] munmap(0x7f7c475b3000, 138412032 [pid 5699] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5699] close(5) = 0 [pid 5698] <... munmap resumed>) = 0 [pid 5699] close(4 [pid 5698] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5698] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5698] ioctl(5, LOOP_CLR_FD) = 0 [pid 5698] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5698] close(5) = 0 [pid 5698] close(4 [pid 5701] <... close resumed>) = 0 [pid 5701] exit_group(0) = ? [pid 5701] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5701, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./268/binderfs") = 0 [pid 349] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5710] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5699] <... close resumed>) = 0 [pid 5699] exit_group(0) = ? [pid 5699] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5699, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./266/binderfs") = 0 [pid 344] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./268/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./268/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./268/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./268") = 0 [pid 349] mkdir("./269", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5698] <... close resumed>) = 0 [pid 5698] exit_group(0) = ? [pid 5698] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5698, si_uid=0, si_status=0, si_utime=9, si_stime=16} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./264/binderfs") = 0 [pid 342] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./266/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./266/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./266/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./266") = 0 [pid 344] mkdir("./267", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5711] <... write resumed>) = 20699119 [pid 5711] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5711] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5710] <... write resumed>) = 20699119 [pid 5710] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5710] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... umount2 resumed>) = 0 [pid 349] close(3 [pid 342] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./264/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./264/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./264/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... close resumed>) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./264/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./264") = 0 [pid 342] mkdir("./265", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5718 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... openat resumed>) = 3 [pid 5711] <... openat resumed>) = 5 [pid 344] ioctl(3, LOOP_CLR_FD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5719 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5711] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5711] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5719 attached [pid 5719] set_robust_list(0x555584fcf660, 24) = 0 [pid 5719] chdir("./269" [pid 5711] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5711] close(5) = 0 [pid 5711] close(4 [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5720 [pid 5719] <... chdir resumed>) = 0 [pid 5719] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5719] setpgid(0, 0) = 0 [pid 5719] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5719] write(3, "1000", 4) = 4 [pid 5719] close(3) = 0 ./strace-static-x86_64: Process 5718 attached [pid 5710] <... openat resumed>) = 5 [pid 5718] set_robust_list(0x555584fcf660, 24 [pid 5710] ioctl(5, LOOP_SET_FD, 4 [pid 5718] <... set_robust_list resumed>) = 0 [pid 5710] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5719] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5719] write(1, "executing program\n", 18executing program [pid 5710] ioctl(5, LOOP_CLR_FD [pid 5718] chdir("./265" [pid 5710] <... ioctl resumed>) = 0 [pid 5718] <... chdir resumed>) = 0 [pid 5718] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5720 attached ) = 0 [pid 5720] set_robust_list(0x555584fcf660, 24 [pid 5718] setpgid(0, 0) = 0 [pid 5720] <... set_robust_list resumed>) = 0 [pid 5718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5720] chdir("./267" [pid 5718] <... openat resumed>) = 3 [pid 5718] write(3, "1000", 4 [pid 5720] <... chdir resumed>) = 0 [pid 5718] <... write resumed>) = 4 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5718] close(3 [pid 5720] <... prctl resumed>) = 0 [pid 5718] <... close resumed>) = 0 [pid 5710] ioctl(5, LOOP_SET_FD, 4 [pid 5718] symlink("/dev/binderfs", "./binderfs" [pid 5720] setpgid(0, 0 [pid 5710] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5720] <... setpgid resumed>) = 0 [pid 5718] <... symlink resumed>) = 0 [pid 5710] close(5 [pid 5718] write(1, "executing program\n", 18 [pid 5710] <... close resumed>) = 0 [pid 5719] <... write resumed>) = 18 [pid 5719] memfd_create("syzkaller", 0) = 3 [pid 5719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5719] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5719] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5719] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program ) = 4 [pid 5718] <... write resumed>) = 18 [pid 5710] close(4 [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5718] memfd_create("syzkaller", 0 [pid 5719] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5719] close(3) = 0 [pid 5719] close(4 [pid 5718] <... memfd_create resumed>) = 3 [pid 5718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5718] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5720] <... openat resumed>) = 3 [pid 5718] munmap(0x7f7c475b3000, 138412032 [pid 5720] write(3, "1000", 4 [pid 5718] <... munmap resumed>) = 0 [pid 5720] <... write resumed>) = 4 [pid 5718] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5720] close(3executing program ) = 0 [pid 5720] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5720] write(1, "executing program\n", 18) = 18 [pid 5720] memfd_create("syzkaller", 0) = 3 [pid 5720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5720] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5720] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5720] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5719] <... close resumed>) = 0 [pid 5718] <... openat resumed>) = 4 [pid 5719] mkdir("./bus", 0777) = 0 [pid 5718] ioctl(4, LOOP_SET_FD, 3 [pid 5719] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5711] <... close resumed>) = 0 [pid 5711] exit_group(0) = ? [pid 5710] <... close resumed>) = 0 [pid 5710] exit_group(0) = ? [pid 5711] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5711, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5720] <... openat resumed>) = 4 [pid 5720] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5720] close(3) = 0 [pid 5720] close(4 [pid 5710] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5710, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 348] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 343] <... openat resumed>) = 3 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 343] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./269/binderfs", [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] newfstatat(AT_FDCWD, "./269/binderfs", [pid 348] unlink("./269/binderfs" [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./269/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 348] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... unlink resumed>) = 0 [pid 343] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5720] <... close resumed>) = 0 [pid 5720] mkdir("./bus", 0777 [pid 5718] <... ioctl resumed>) = 0 [pid 5718] close(3) = 0 [pid 5720] <... mkdir resumed>) = 0 [pid 5718] close(4 [pid 5720] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5718] <... close resumed>) = 0 [pid 5718] mkdir("./bus", 0777) = 0 [pid 5718] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"executing program [pid 348] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./269/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./269/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./269/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./269") = 0 [pid 343] mkdir("./270", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5728 ./strace-static-x86_64: Process 5728 attached [pid 5728] set_robust_list(0x555584fcf660, 24) = 0 [pid 5728] chdir("./270") = 0 [pid 5728] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5728] setpgid(0, 0) = 0 [pid 5728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5728] write(3, "1000", 4) = 4 [pid 5728] close(3) = 0 [pid 5728] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5728] write(1, "executing program\n", 18) = 18 [pid 5728] memfd_create("syzkaller", 0) = 3 [pid 5728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5728] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5728] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5728] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5728] ioctl(4, LOOP_SET_FD, 3 [pid 348] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5728] <... ioctl resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./269/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5728] close(3) = 0 [pid 5728] close(4) = 0 [pid 5728] mkdir("./bus", 0777) = 0 [pid 5728] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] openat(AT_FDCWD, "./269/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./269/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 5719] <... mount resumed>) = 0 [pid 5719] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5719] chdir("./bus") = 0 [pid 5719] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5719] ioctl(4, LOOP_CLR_FD) = 0 [pid 5719] close(4 [pid 348] rmdir("./269") = 0 [pid 5719] <... close resumed>) = 0 [pid 5719] memfd_create("syzkaller", 0) = 4 [pid 348] mkdir("./270", 0777 [pid 5719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 252.873064][ T5719] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 252.890930][ T5720] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 348] close(3 [pid 5720] <... mount resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 5720] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5718] <... mount resumed>) = 0 [pid 5720] <... openat resumed>) = 3 [pid 5720] chdir("./bus" [pid 5718] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5720] <... chdir resumed>) = 0 [pid 5718] <... openat resumed>) = 3 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5734 [pid 5720] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5718] chdir("./bus" [pid 5720] <... openat resumed>) = 4 [pid 5718] <... chdir resumed>) = 0 [pid 5720] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 5734 attached [pid 5734] set_robust_list(0x555584fcf660, 24) = 0 [pid 5734] chdir("./270" [pid 5718] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5720] <... ioctl resumed>) = 0 [pid 5734] <... chdir resumed>) = 0 [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5734] setpgid(0, 0) = 0 [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5734] write(3, "1000", 4) = 4 [pid 5734] close(3) = 0 [pid 5734] symlink("/dev/binderfs", "./binderfs" [pid 5718] <... openat resumed>) = 4 [pid 5720] close(4 [pid 5734] <... symlink resumed>) = 0 [pid 5734] write(1, "executing program\n", 18executing program ) = 18 [pid 5734] memfd_create("syzkaller", 0) = 3 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5718] ioctl(4, LOOP_CLR_FD [pid 5720] <... close resumed>) = 0 [pid 5718] <... ioctl resumed>) = 0 [pid 5720] memfd_create("syzkaller", 0 [pid 5718] close(4 [pid 5720] <... memfd_create resumed>) = 4 [pid 5718] <... close resumed>) = 0 [pid 5718] memfd_create("syzkaller", 0 [pid 5720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5718] <... memfd_create resumed>) = 4 [pid 5718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5734] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5734] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 252.910810][ T5719] ext4 filesystem being mounted at /root/syzkaller.53SCZU/269/bus supports timestamps until (%ptR?) (0x7fffffff) [ 252.913125][ T5718] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 252.940333][ T5720] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/267/bus supports timestamps until (%ptR?) (0x7fffffff) [ 252.953427][ T5718] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/265/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5734] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5734] close(3) = 0 [pid 5734] close(4) = 0 [pid 5734] mkdir("./bus", 0777) = 0 [pid 5734] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5728] <... mount resumed>) = 0 [pid 5728] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5728] chdir("./bus") = 0 [pid 5728] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5728] ioctl(4, LOOP_CLR_FD) = 0 [pid 5728] close(4) = 0 [pid 5728] memfd_create("syzkaller", 0) = 4 [pid 5728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 252.967038][ T5728] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 253.000501][ T5728] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/270/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5734] <... mount resumed>) = 0 [pid 5734] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5734] chdir("./bus") = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5734] ioctl(4, LOOP_CLR_FD) = 0 [pid 5734] close(4) = 0 [pid 5734] memfd_create("syzkaller", 0) = 4 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 253.052141][ T5734] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 253.077196][ T5734] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/270/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5719] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5718] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5720] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5728] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5719] <... write resumed>) = 20699119 [pid 5719] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5719] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5719] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5719] ioctl(5, LOOP_CLR_FD) = 0 [pid 5719] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5719] close(5) = 0 [pid 5719] close(4 [pid 5720] <... write resumed>) = 20699119 [pid 5720] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5720] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5720] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5720] ioctl(5, LOOP_CLR_FD) = 0 [pid 5718] <... write resumed>) = 20699119 [pid 5718] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5734] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5718] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5718] ioctl(5, LOOP_CLR_FD) = 0 [pid 5720] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5720] close(5) = 0 [pid 5720] close(4 [pid 5718] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5718] close(5) = 0 [pid 5718] close(4 [pid 5728] <... write resumed>) = 20699119 [pid 5728] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5728] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5728] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5728] ioctl(5, LOOP_CLR_FD) = 0 [pid 5728] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5728] close(5) = 0 [pid 5728] close(4 [pid 5719] <... close resumed>) = 0 [pid 5719] exit_group(0) = ? [pid 5719] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5719, si_uid=0, si_status=0, si_utime=4, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./269/binderfs") = 0 [pid 349] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5720] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./269/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./269/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./269/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./269") = 0 [pid 349] mkdir("./270", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5738 [pid 5720] exit_group(0) = ? ./strace-static-x86_64: Process 5738 attached [pid 5738] set_robust_list(0x555584fcf660, 24) = 0 [pid 5738] chdir("./270") = 0 [pid 5738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5738] setpgid(0, 0) = 0 [pid 5738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5720] +++ exited with 0 +++ [pid 5738] <... openat resumed>) = 3 [pid 5738] write(3, "1000", 4) = 4 [pid 5738] close(3) = 0 [pid 5738] symlink("/dev/binderfs", "./binderfs" [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5720, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- executing program [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5738] <... symlink resumed>) = 0 [pid 5738] write(1, "executing program\n", 18) = 18 [pid 5738] memfd_create("syzkaller", 0) = 3 [pid 5738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5738] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5738] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5738] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5738] ioctl(4, LOOP_SET_FD, 3 [pid 5718] <... close resumed>) = 0 [pid 5718] exit_group(0) = ? [pid 344] <... restart_syscall resumed>) = 0 [pid 5738] <... ioctl resumed>) = 0 [pid 5738] close(3) = 0 [pid 5738] close(4) = 0 [pid 5738] mkdir("./bus", 0777 [pid 344] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5738] <... mkdir resumed>) = 0 [pid 344] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5738] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./267/binderfs") = 0 [pid 344] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5718] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5718, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5728] <... close resumed>) = 0 [pid 5728] exit_group(0 [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./265/binderfs") = 0 [pid 342] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5728] <... exit_group resumed>) = ? [pid 5728] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5728, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5734] <... write resumed>) = 20699119 [pid 5734] munmap(0x7f7c475b3000, 138412032 [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./270/binderfs") = 0 [pid 343] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5734] <... munmap resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5738] <... mount resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5738] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 344] newfstatat(AT_FDCWD, "./267/bus", [pid 5738] <... openat resumed>) = 3 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5738] chdir("./bus" [pid 344] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5738] <... chdir resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5738] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] openat(AT_FDCWD, "./267/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./267/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./267") = 0 [pid 344] mkdir("./268", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5734] <... openat resumed>) = 5 [pid 5734] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5734] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5738] <... openat resumed>) = 4 [pid 5734] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5734] close(5 [pid 5738] ioctl(4, LOOP_CLR_FD [pid 5734] <... close resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 342] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5734] close(4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./265/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./265/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./265/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./265/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./265") = 0 [pid 342] mkdir("./266", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5734] <... close resumed>) = 0 [pid 5734] exit_group(0) = ? [pid 5734] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./270/binderfs") = 0 [pid 348] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5738] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 5738] close(4 [pid 348] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] close(3 [pid 343] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] ioctl(3, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] newfstatat(AT_FDCWD, "./270/bus", [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] close(3 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5742 [pid 348] openat(AT_FDCWD, "./270/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5742 attached [pid 348] getdents64(4, [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5742] set_robust_list(0x555584fcf660, 24 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] newfstatat(AT_FDCWD, "./270/bus", [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5742] <... set_robust_list resumed>) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./270/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./270") = 0 [pid 348] mkdir("./271", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5742] chdir("./268") = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5742] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] openat(AT_FDCWD, "./270/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5742] <... prctl resumed>) = 0 [pid 343] <... openat resumed>) = 4 [pid 343] newfstatat(4, "", [pid 5742] setpgid(0, 0) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 5742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, [pid 5742] <... openat resumed>) = 3 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5742] write(3, "1000", 4 [pid 343] close(4 [pid 5742] <... write resumed>) = 4 [pid 343] <... close resumed>) = 0 [pid 5742] close(3 [pid 343] rmdir("./270/bus" [pid 5742] <... close resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 5742] symlink("/dev/binderfs", "./binderfs" [pid 343] getdents64(3, [pid 5742] <... symlink resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 executing program [pid 5742] write(1, "executing program\n", 18 [pid 343] close(3 [pid 5742] <... write resumed>) = 18 [pid 343] <... close resumed>) = 0 [pid 5742] memfd_create("syzkaller", 0 [pid 343] rmdir("./270") = 0 [pid 5742] <... memfd_create resumed>) = 3 [pid 343] mkdir("./271", 0777 [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] <... mkdir resumed>) = 0 [ 253.538347][ T5738] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 253.555100][ T5738] ext4 filesystem being mounted at /root/syzkaller.53SCZU/270/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5742] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5742] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5742] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 5742] <... openat resumed>) = 4 [pid 5738] <... close resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... openat resumed>) = 3 [pid 342] <... close resumed>) = 0 [pid 5742] ioctl(4, LOOP_SET_FD, 3 [pid 5738] memfd_create("syzkaller", 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5738] <... memfd_create resumed>) = 4 [pid 348] close(3 [pid 5738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5744 [pid 5738] <... mmap resumed>) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5744 attached [pid 5742] <... ioctl resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 5744] set_robust_list(0x555584fcf660, 24 [pid 5742] close(3 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5744] <... set_robust_list resumed>) = 0 [pid 5742] <... close resumed>) = 0 [pid 5744] chdir("./266" [pid 5742] close(4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5745 [pid 5744] <... chdir resumed>) = 0 [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5744] setpgid(0, 0) = 0 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5744] write(3, "1000", 4) = 4 [pid 5744] close(3) = 0 [pid 5744] symlink("/dev/binderfs", "./binderfs" [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5744] <... symlink resumed>) = 0 [pid 343] close(3 [pid 5744] write(1, "executing program\n", 18executing program ) = 18 [pid 5744] memfd_create("syzkaller", 0) = 3 [pid 5744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5744] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5744] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5744] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5745 attached [pid 5745] set_robust_list(0x555584fcf660, 24) = 0 [pid 5745] chdir("./271") = 0 [pid 5745] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5745] setpgid(0, 0) = 0 [pid 5745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5745] write(3, "1000", 4) = 4 [pid 5745] close(3) = 0 [pid 5745] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5745] write(1, "executing program\n", 18executing program ) = 18 [pid 5745] memfd_create("syzkaller", 0) = 3 [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5745] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5745] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5745] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5744] <... openat resumed>) = 4 [pid 5742] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 5744] ioctl(4, LOOP_SET_FD, 3 [pid 5742] mkdir("./bus", 0777) = 0 [pid 5742] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5744] <... ioctl resumed>) = 0 [pid 5744] close(3) = 0 [pid 5744] close(4 [pid 5745] <... openat resumed>) = 4 [pid 5745] ioctl(4, LOOP_SET_FD, 3 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5747 ./strace-static-x86_64: Process 5747 attached [pid 5747] set_robust_list(0x555584fcf660, 24 [pid 5738] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5747] <... set_robust_list resumed>) = 0 [pid 5747] chdir("./271") = 0 [pid 5747] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5747] setpgid(0, 0) = 0 [pid 5747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5747] write(3, "1000", 4) = 4 [pid 5747] close(3) = 0 [pid 5747] symlink("/dev/binderfs", "./binderfs" [pid 5744] <... close resumed>) = 0 [pid 5744] mkdir("./bus", 0777) = 0 [pid 5744] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5747] <... symlink resumed>) = 0 executing program [pid 5747] write(1, "executing program\n", 18) = 18 [pid 5742] <... mount resumed>) = 0 [pid 5742] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5742] chdir("./bus") = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5745] <... ioctl resumed>) = 0 [pid 5745] close(3 [pid 5747] memfd_create("syzkaller", 0 [pid 5745] <... close resumed>) = 0 [pid 5747] <... memfd_create resumed>) = 3 [pid 5745] close(4) = 0 [pid 5745] mkdir("./bus", 0777 [pid 5747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5745] <... mkdir resumed>) = 0 [pid 5747] <... mmap resumed>) = 0x7f7c475b3000 [pid 5745] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5742] <... openat resumed>) = 4 [pid 5742] ioctl(4, LOOP_CLR_FD) = 0 [pid 5742] close(4) = 0 [pid 5742] memfd_create("syzkaller", 0) = 4 [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5747] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5747] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5747] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5747] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5747] close(3) = 0 [pid 5747] close(4) = 0 [pid 5747] mkdir("./bus", 0777) = 0 [ 253.749061][ T5742] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 253.763947][ T5742] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/268/bus supports timestamps until (%ptR?) (0x7fffffff) [ 253.799757][ T5744] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 253.826530][ T5745] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5747] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5744] <... mount resumed>) = 0 [pid 5745] <... mount resumed>) = 0 [pid 5745] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5745] chdir("./bus") = 0 [pid 5745] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5745] ioctl(4, LOOP_CLR_FD) = 0 [pid 5745] close(4) = 0 [pid 5745] memfd_create("syzkaller", 0 [pid 5744] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5745] <... memfd_create resumed>) = 4 [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5744] <... openat resumed>) = 3 [pid 5744] chdir("./bus") = 0 [pid 5744] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5744] ioctl(4, LOOP_CLR_FD) = 0 [pid 5744] close(4) = 0 [pid 5744] memfd_create("syzkaller", 0) = 4 [pid 5744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5738] <... write resumed>) = 20699119 [pid 5738] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5738] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5738] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5738] ioctl(5, LOOP_CLR_FD) = 0 [pid 5738] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5738] close(5) = 0 [pid 5738] close(4 [pid 5747] <... mount resumed>) = 0 [pid 5747] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5747] chdir("./bus") = 0 [pid 5747] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5747] ioctl(4, LOOP_CLR_FD) = 0 [ 253.841592][ T5744] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/266/bus supports timestamps until (%ptR?) (0x7fffffff) [ 253.864337][ T5745] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/271/bus supports timestamps until (%ptR?) (0x7fffffff) [ 253.865268][ T5747] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5747] close(4 [pid 5742] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5747] <... close resumed>) = 0 [pid 5747] memfd_create("syzkaller", 0) = 4 [pid 5747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 253.916970][ T5747] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/271/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5738] <... close resumed>) = 0 [pid 5738] exit_group(0) = ? [pid 5738] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5738, si_uid=0, si_status=0, si_utime=3, si_stime=14} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./270/binderfs") = 0 [pid 349] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5745] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./270/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./270/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./270/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./270") = 0 [pid 349] mkdir("./271", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5758 ./strace-static-x86_64: Process 5758 attached [pid 5758] set_robust_list(0x555584fcf660, 24) = 0 [pid 5758] chdir("./271") = 0 [pid 5758] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5758] setpgid(0, 0) = 0 [pid 5758] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5758] write(3, "1000", 4) = 4 [pid 5758] close(3) = 0 [pid 5758] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5758] write(1, "executing program\n", 18executing program ) = 18 [pid 5758] memfd_create("syzkaller", 0) = 3 [pid 5758] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5758] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5758] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5758] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5758] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5758] close(3) = 0 [pid 5758] close(4 [pid 5744] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5758] <... close resumed>) = 0 [pid 5758] mkdir("./bus", 0777) = 0 [pid 5758] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5742] <... write resumed>) = 20699119 [pid 5742] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5747] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5745] <... write resumed>) = 20699119 [pid 5745] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5745] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5742] <... openat resumed>) = 5 [pid 5742] ioctl(5, LOOP_SET_FD, 4 [pid 5745] <... openat resumed>) = 5 [pid 5745] ioctl(5, LOOP_SET_FD, 4 [pid 5742] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5745] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5745] ioctl(5, LOOP_CLR_FD [pid 5742] ioctl(5, LOOP_CLR_FD [pid 5745] <... ioctl resumed>) = 0 [pid 5742] <... ioctl resumed>) = 0 [pid 5745] ioctl(5, LOOP_SET_FD, 4 [pid 5742] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5745] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5742] close(5 [pid 5745] close(5 [pid 5742] <... close resumed>) = 0 [pid 5745] <... close resumed>) = 0 [pid 5742] close(4 [pid 5745] close(4 [pid 5744] <... write resumed>) = 20699119 [pid 5744] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5744] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5744] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5744] ioctl(5, LOOP_CLR_FD) = 0 [pid 5744] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5744] close(5) = 0 [pid 5744] close(4 [pid 5758] <... mount resumed>) = 0 [pid 5758] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5758] chdir("./bus") = 0 [pid 5758] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5758] ioctl(4, LOOP_CLR_FD) = 0 [pid 5758] close(4 [pid 5745] <... close resumed>) = 0 [pid 5758] <... close resumed>) = 0 [pid 5758] memfd_create("syzkaller", 0) = 4 [pid 5758] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5742] <... close resumed>) = 0 [pid 5742] exit_group(0) = ? [pid 5745] exit_group(0 [pid 5742] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5742, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5745] <... exit_group resumed>) = ? [pid 5745] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5745, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] <... restart_syscall resumed>) = 0 [pid 348] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 344] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 344] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./271/binderfs", [pid 344] newfstatat(AT_FDCWD, "./268/binderfs", [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./271/binderfs" [pid 344] unlink("./268/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 348] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [ 254.253499][ T5758] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 254.270359][ T5758] ext4 filesystem being mounted at /root/syzkaller.53SCZU/271/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5747] <... write resumed>) = 20699119 [pid 5744] <... close resumed>) = 0 [pid 5747] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5747] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5744] exit_group(0) = ? [pid 5744] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5744, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./266/binderfs") = 0 [pid 342] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./271/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./271/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./271/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./271") = 0 [pid 348] mkdir("./272", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5758] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5758] munmap(0x7f7c475b3000, 138412032 [pid 5747] <... openat resumed>) = 5 [pid 5747] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5758] <... munmap resumed>) = 0 [pid 5747] ioctl(5, LOOP_CLR_FD [pid 5758] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 5747] <... ioctl resumed>) = 0 [pid 344] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5758] <... openat resumed>) = 5 [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./266/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./266/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./266/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5758] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] close(4executing program [pid 5758] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] close(3 [pid 344] newfstatat(AT_FDCWD, "./268/bus", [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./266/bus" [pid 348] <... close resumed>) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./266") = 0 [pid 342] mkdir("./267", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5762 ./strace-static-x86_64: Process 5762 attached [pid 5762] set_robust_list(0x555584fcf660, 24) = 0 [pid 5762] chdir("./267") = 0 [pid 5762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5762] setpgid(0, 0) = 0 [pid 5762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5762] write(3, "1000", 4) = 4 [pid 5762] close(3) = 0 [pid 5762] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5762] write(1, "executing program\n", 18) = 18 [pid 5762] memfd_create("syzkaller", 0) = 3 [pid 5762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./268/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5763 [pid 344] <... openat resumed>) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./268/bus" [pid 5762] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./268") = 0 [pid 344] mkdir("./269", 0777executing program [pid 5762] <... write resumed>) = 262144 [pid 5762] munmap(0x7f7c475b3000, 138412032) = 0 [pid 344] <... mkdir resumed>) = 0 [pid 5762] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5762] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5763 attached [pid 5763] set_robust_list(0x555584fcf660, 24) = 0 [pid 5763] chdir("./272") = 0 [pid 5763] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5763] setpgid(0, 0) = 0 [pid 5763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5763] write(3, "1000", 4) = 4 [pid 5763] close(3) = 0 [pid 5763] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5763] write(1, "executing program\n", 18) = 18 [pid 5763] memfd_create("syzkaller", 0) = 3 [pid 5763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5747] ioctl(5, LOOP_SET_FD, 4 [pid 5758] ioctl(5, LOOP_CLR_FD [pid 5747] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5747] close(5 [pid 5762] <... ioctl resumed>) = 0 [pid 5762] close(3) = 0 [pid 5762] close(4 [pid 5758] <... ioctl resumed>) = 0 [pid 5747] <... close resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5747] close(4 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5765 [pid 5758] ioctl(5, LOOP_SET_FD, 4./strace-static-x86_64: Process 5765 attached [pid 5765] set_robust_list(0x555584fcf660, 24) = 0 [pid 5765] chdir("./269") = 0 [pid 5765] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5765] setpgid(0, 0) = 0 [pid 5765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5758] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5765] <... openat resumed>) = 3 [pid 5758] close(5 [pid 5765] write(3, "1000", 4) = 4 [pid 5765] close(3) = 0 [pid 5765] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5763] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144executing program [pid 5765] write(1, "executing program\n", 18) = 18 [pid 5765] memfd_create("syzkaller", 0 [pid 5763] <... write resumed>) = 262144 [pid 5765] <... memfd_create resumed>) = 3 [pid 5765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5765] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5763] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5763] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5765] <... write resumed>) = 262144 [pid 5765] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5765] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5747] <... close resumed>) = 0 [pid 5747] exit_group(0) = ? [pid 5747] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5747, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./271/binderfs") = 0 [pid 343] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5762] <... close resumed>) = 0 [pid 5758] <... close resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5762] mkdir("./bus", 0777 [pid 5758] close(4 [pid 5762] <... mkdir resumed>) = 0 [pid 5762] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./271/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./271/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./271/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./271") = 0 [pid 343] mkdir("./272", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5758] <... close resumed>) = 0 [pid 5758] exit_group(0) = ? [pid 5758] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5758, si_uid=0, si_status=0, si_utime=3, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./271/binderfs") = 0 [pid 349] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5765] <... openat resumed>) = 4 [pid 5763] <... openat resumed>) = 4 [pid 5765] ioctl(4, LOOP_SET_FD, 3 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 5763] ioctl(4, LOOP_SET_FD, 3 [pid 5762] <... mount resumed>) = 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3 [pid 5763] <... ioctl resumed>) = 0 [pid 5762] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] <... umount2 resumed>) = 0 [pid 5763] close(3 [pid 5762] <... openat resumed>) = 3 [pid 349] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5763] <... close resumed>) = 0 [pid 5762] chdir("./bus" [pid 5763] close(4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5762] <... chdir resumed>) = 0 [pid 5765] <... ioctl resumed>) = 0 [pid 5762] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] newfstatat(AT_FDCWD, "./271/bus", [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5770 [pid 5765] close(3) = 0 [pid 5765] close(4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5770 attached ) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./271/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./271/bus" [pid 5770] set_robust_list(0x555584fcf660, 24 [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5770] <... set_robust_list resumed>) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./271" [pid 5770] chdir("./272" [pid 349] <... rmdir resumed>) = 0 [pid 349] mkdir("./272", 0777 [pid 5770] <... chdir resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5770] setpgid(0, 0) = 0 [pid 5770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5770] write(3, "1000", 4) = 4 [pid 5770] close(3) = 0 [pid 5770] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5770] write(1, "executing program\n", 18executing program ) = 18 [pid 5770] memfd_create("syzkaller", 0) = 3 [pid 5770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5770] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5770] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5763] <... close resumed>) = 0 [pid 5763] mkdir("./bus", 0777) = 0 [ 254.618402][ T5762] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 254.632434][ T5762] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/267/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5763] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5765] <... close resumed>) = 0 [pid 5770] <... openat resumed>) = 4 [pid 5765] mkdir("./bus", 0777 [pid 349] <... openat resumed>) = 3 [pid 5770] ioctl(4, LOOP_SET_FD, 3 [pid 5762] <... openat resumed>) = 4 [pid 5762] ioctl(4, LOOP_CLR_FD [pid 5765] <... mkdir resumed>) = 0 [pid 5765] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] ioctl(3, LOOP_CLR_FD [pid 5763] <... mount resumed>) = 0 [pid 5763] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5763] chdir("./bus") = 0 [pid 5763] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5770] <... ioctl resumed>) = 0 [pid 5762] <... ioctl resumed>) = 0 [pid 5762] close(4 [pid 5770] close(3) = 0 [pid 5770] close(4) = 0 [pid 5762] <... close resumed>) = 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5762] memfd_create("syzkaller", 0 [pid 349] close(3 [pid 5762] <... memfd_create resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 5770] mkdir("./bus", 0777 [pid 5762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5762] <... mmap resumed>) = 0x7f7c475b3000 [pid 5770] <... mkdir resumed>) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5774 [pid 5770] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"./strace-static-x86_64: Process 5774 attached [pid 5763] <... openat resumed>) = 4 [pid 5763] ioctl(4, LOOP_CLR_FD) = 0 [pid 5763] close(4 [pid 5774] set_robust_list(0x555584fcf660, 24 [pid 5763] <... close resumed>) = 0 [pid 5763] memfd_create("syzkaller", 0 [pid 5774] <... set_robust_list resumed>) = 0 [pid 5774] chdir("./272" [pid 5763] <... memfd_create resumed>) = 4 [pid 5774] <... chdir resumed>) = 0 [pid 5763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5763] <... mmap resumed>) = 0x7f7c475b3000 [pid 5774] <... prctl resumed>) = 0 [pid 5774] setpgid(0, 0) = 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5774] write(3, "1000", 4) = 4 [pid 5774] close(3) = 0 [pid 5774] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5774] write(1, "executing program\n", 18executing program ) = 18 [pid 5774] memfd_create("syzkaller", 0) = 3 [ 254.758400][ T5763] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 254.772544][ T5763] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/272/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5774] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5765] <... mount resumed>) = 0 [pid 5765] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5765] chdir("./bus") = 0 [pid 5774] <... write resumed>) = 262144 [pid 5774] munmap(0x7f7c475b3000, 138412032 [pid 5765] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5774] <... munmap resumed>) = 0 [pid 5774] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5765] <... openat resumed>) = 4 [pid 5774] <... openat resumed>) = 4 [pid 5774] ioctl(4, LOOP_SET_FD, 3 [pid 5765] ioctl(4, LOOP_CLR_FD [pid 5774] <... ioctl resumed>) = 0 [pid 5765] <... ioctl resumed>) = 0 [pid 5765] close(4) = 0 [pid 5765] memfd_create("syzkaller", 0) = 4 [pid 5765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5774] close(3) = 0 [pid 5774] close(4) = 0 [pid 5774] mkdir("./bus", 0777) = 0 [ 254.855023][ T5765] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 254.875506][ T5770] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 254.886851][ T5765] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/269/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5774] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5770] <... mount resumed>) = 0 [pid 5770] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5770] chdir("./bus") = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5770] ioctl(4, LOOP_CLR_FD) = 0 [pid 5770] close(4) = 0 [pid 5770] memfd_create("syzkaller", 0) = 4 [pid 5770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 254.904166][ T5770] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/272/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5762] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5774] <... mount resumed>) = 0 [pid 5774] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5774] chdir("./bus") = 0 [pid 5774] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5774] ioctl(4, LOOP_CLR_FD) = 0 [pid 5774] close(4) = 0 [pid 5774] memfd_create("syzkaller", 0) = 4 [pid 5774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 254.966809][ T5774] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 255.006854][ T5774] ext4 filesystem being mounted at /root/syzkaller.53SCZU/272/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5763] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5765] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5770] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5762] <... write resumed>) = 20699119 [pid 5762] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5762] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5762] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5762] ioctl(5, LOOP_CLR_FD) = 0 [pid 5762] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5762] close(5) = 0 [pid 5762] close(4 [pid 5763] <... write resumed>) = 20699119 [pid 5763] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5763] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5763] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5763] ioctl(5, LOOP_CLR_FD) = 0 [pid 5765] <... write resumed>) = 20699119 [pid 5765] munmap(0x7f7c475b3000, 138412032 [pid 5763] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5763] close(5) = 0 [pid 5763] close(4 [pid 5765] <... munmap resumed>) = 0 [pid 5765] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5765] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5774] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5765] ioctl(5, LOOP_CLR_FD) = 0 [pid 5765] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5765] close(5) = 0 [pid 5765] close(4 [pid 5762] <... close resumed>) = 0 [pid 5762] exit_group(0) = ? [pid 5762] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5762, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./267/binderfs") = 0 [pid 342] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5770] <... write resumed>) = 20699119 [pid 5770] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5763] <... close resumed>) = 0 [pid 5770] <... openat resumed>) = 5 [pid 5770] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5770] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5763] exit_group(0) = ? [pid 5763] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5763, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5770] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5770] close(5) = 0 [pid 5770] close(4 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(3, "", [pid 342] newfstatat(AT_FDCWD, "./267/bus", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] getdents64(3, [pid 342] umount2("./267/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] openat(AT_FDCWD, "./267/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... openat resumed>) = 4 [pid 348] newfstatat(AT_FDCWD, "./272/binderfs", [pid 342] newfstatat(4, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] unlink("./272/binderfs" [pid 342] getdents64(4, [pid 348] <... unlink resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./267/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./267") = 0 [pid 342] mkdir("./268", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5774] <... write resumed>) = 20699119 [pid 5774] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5774] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5765] <... close resumed>) = 0 [pid 5765] exit_group(0) = ? [pid 5765] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5765, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./269/binderfs", [pid 348] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 5774] <... openat resumed>) = 5 [pid 5774] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 342] ioctl(3, LOOP_CLR_FD [pid 5774] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] close(3 [pid 348] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... close resumed>) = 0 [pid 5774] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5774] close(5) = 0 [pid 5774] close(4 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] unlink("./269/binderfs") = 0 [pid 348] newfstatat(AT_FDCWD, "./272/bus", [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5782 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./272/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./272/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./272") = 0 [pid 348] mkdir("./273", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5782 attached [pid 5782] set_robust_list(0x555584fcf660, 24) = 0 [pid 5782] chdir("./268") = 0 [pid 5782] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5782] setpgid(0, 0) = 0 [pid 5782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5782] write(3, "1000", 4) = 4 [pid 5782] close(3) = 0 [pid 5782] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5782] write(1, "executing program\n", 18executing program ) = 18 [pid 5782] memfd_create("syzkaller", 0) = 3 [pid 5782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5782] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5782] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5770] <... close resumed>) = 0 [pid 5770] exit_group(0) = ? [pid 5770] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5770, si_uid=0, si_status=0, si_utime=10, si_stime=10} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./272/binderfs") = 0 [pid 343] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5774] <... close resumed>) = 0 [pid 5774] exit_group(0) = ? [pid 5774] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5774, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./272/binderfs") = 0 [pid 349] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./269/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./269/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./269/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./269") = 0 [pid 344] mkdir("./270", 0777) = 0 [pid 5782] <... openat resumed>) = 4 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5782] ioctl(4, LOOP_SET_FD, 3 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... openat resumed>) = 3 [pid 348] close(3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5782] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... umount2 resumed>) = 0 [pid 349] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] newfstatat(AT_FDCWD, "./272/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./272/bus", [pid 349] openat(AT_FDCWD, "./272/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] openat(AT_FDCWD, "./272/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] close(4) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] close(3 [pid 343] <... openat resumed>) = 4 [pid 349] rmdir("./272/bus" [pid 5782] close(3 [pid 349] <... rmdir resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 343] newfstatat(4, "", [pid 5782] <... close resumed>) = 0 [pid 349] getdents64(3, [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5784 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5784 attached [pid 5782] close(4 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5785 attached [pid 5784] set_robust_list(0x555584fcf660, 24 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5785 [pid 343] getdents64(4, [pid 5785] set_robust_list(0x555584fcf660, 24 [pid 5784] <... set_robust_list resumed>) = 0 [pid 349] close(3 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./272" [pid 5785] <... set_robust_list resumed>) = 0 [pid 5784] chdir("./273" [pid 349] <... rmdir resumed>) = 0 [pid 343] getdents64(4, [pid 349] mkdir("./273", 0777 [pid 5785] chdir("./270" [pid 5784] <... chdir resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] close(4) = 0 [pid 343] rmdir("./272/bus" [pid 5785] <... chdir resumed>) = 0 [pid 5784] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 5785] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5784] <... prctl resumed>) = 0 [pid 343] rmdir("./272" [pid 5785] <... prctl resumed>) = 0 [pid 5784] setpgid(0, 0 [pid 343] <... rmdir resumed>) = 0 [pid 5785] setpgid(0, 0 [pid 5784] <... setpgid resumed>) = 0 [pid 343] mkdir("./273", 0777 [pid 5785] <... setpgid resumed>) = 0 [pid 5784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5784] <... openat resumed>) = 3 [pid 5784] write(3, "1000", 4 [pid 5785] <... openat resumed>) = 3 [pid 5784] <... write resumed>) = 4 [pid 5785] write(3, "1000", 4 [pid 5784] close(3 [pid 5785] <... write resumed>) = 4 [pid 5784] <... close resumed>) = 0 [pid 5785] close(3) = 0 [pid 5785] symlink("/dev/binderfs", "./binderfs" [pid 5784] symlink("/dev/binderfs", "./binderfs" [pid 5785] <... symlink resumed>) = 0 [pid 5784] <... symlink resumed>) = 0 executing program [pid 5785] write(1, "executing program\n", 18) = 18 [pid 5785] memfd_create("syzkaller", 0 [pid 5784] write(1, "executing program\n", 18executing program [pid 5785] <... memfd_create resumed>) = 3 [pid 5784] <... write resumed>) = 18 [pid 5785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5784] memfd_create("syzkaller", 0 [pid 5785] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5784] <... memfd_create resumed>) = 3 [pid 5785] <... write resumed>) = 262144 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5785] munmap(0x7f7c475b3000, 138412032 [pid 5784] <... mmap resumed>) = 0x7f7c475b3000 [pid 5785] <... munmap resumed>) = 0 [pid 5785] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5784] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5784] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5784] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5782] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 5782] mkdir("./bus", 0777 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 5782] <... mkdir resumed>) = 0 [pid 5782] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5785] <... openat resumed>) = 4 [pid 5784] <... openat resumed>) = 4 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5785] ioctl(4, LOOP_SET_FD, 3 [pid 5784] ioctl(4, LOOP_SET_FD, 3 [pid 349] close(3 [pid 343] close(3 [pid 5785] <... ioctl resumed>) = 0 [pid 5785] close(3) = 0 [pid 5785] close(4 [pid 5784] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5784] close(3./strace-static-x86_64: Process 5789 attached ./strace-static-x86_64: Process 5788 attached ) = 0 [pid 5784] close(4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5788 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5789 [pid 5789] set_robust_list(0x555584fcf660, 24 [pid 5788] set_robust_list(0x555584fcf660, 24 [pid 5789] <... set_robust_list resumed>) = 0 [pid 5788] <... set_robust_list resumed>) = 0 [pid 5788] chdir("./273") = 0 [pid 5789] chdir("./273" [pid 5788] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5789] <... chdir resumed>) = 0 [pid 5788] <... prctl resumed>) = 0 [pid 5789] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5788] setpgid(0, 0 [pid 5789] <... prctl resumed>) = 0 [pid 5788] <... setpgid resumed>) = 0 [pid 5789] setpgid(0, 0 [pid 5788] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5789] <... setpgid resumed>) = 0 [pid 5789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5788] <... openat resumed>) = 3 [pid 5789] write(3, "1000", 4 [pid 5788] write(3, "1000", 4 [pid 5789] <... write resumed>) = 4 [pid 5788] <... write resumed>) = 4 [pid 5789] close(3 [pid 5788] close(3 [pid 5789] <... close resumed>) = 0 [pid 5788] <... close resumed>) = 0 [pid 5789] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5788] symlink("/dev/binderfs", "./binderfs" [pid 5789] write(1, "executing program\n", 18executing program [pid 5788] <... symlink resumed>) = 0 [pid 5789] <... write resumed>) = 18 [pid 5788] write(1, "executing program\n", 18executing program [pid 5789] memfd_create("syzkaller", 0 [pid 5788] <... write resumed>) = 18 [pid 5789] <... memfd_create resumed>) = 3 [pid 5788] memfd_create("syzkaller", 0 [pid 5789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5788] <... memfd_create resumed>) = 3 [pid 5788] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5789] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5788] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5789] <... write resumed>) = 262144 [pid 5788] <... write resumed>) = 262144 [pid 5789] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5788] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5789] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5788] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5782] <... mount resumed>) = 0 [pid 5782] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5782] chdir("./bus") = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5785] <... close resumed>) = 0 [pid 5782] <... openat resumed>) = 4 [pid 5782] ioctl(4, LOOP_CLR_FD) = 0 [pid 5782] close(4) = 0 [pid 5782] memfd_create("syzkaller", 0) = 4 [pid 5782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5785] mkdir("./bus", 0777 [pid 5788] <... openat resumed>) = 4 [pid 5788] ioctl(4, LOOP_SET_FD, 3 [pid 5785] <... mkdir resumed>) = 0 [pid 5785] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5788] <... ioctl resumed>) = 0 [pid 5788] close(3) = 0 [pid 5788] close(4 [pid 5789] <... openat resumed>) = 4 [pid 5784] <... close resumed>) = 0 [pid 5789] ioctl(4, LOOP_SET_FD, 3 [pid 5784] mkdir("./bus", 0777) = 0 [pid 5784] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5782] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5785] <... mount resumed>) = 0 [pid 5785] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5785] chdir("./bus") = 0 [ 255.659027][ T5782] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 255.673262][ T5782] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/268/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5785] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5782] <... write resumed>) = 20699119 [pid 5788] <... close resumed>) = 0 [pid 5788] mkdir("./bus", 0777 [pid 5789] <... ioctl resumed>) = 0 [pid 5788] <... mkdir resumed>) = 0 [pid 5782] munmap(0x7f7c475b3000, 138412032 [pid 5789] close(3) = 0 [pid 5788] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5789] close(4 [pid 5782] <... munmap resumed>) = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5785] <... openat resumed>) = 4 [ 255.738347][ T5785] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 255.752923][ T5785] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/270/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5785] ioctl(4, LOOP_CLR_FD [pid 5789] <... close resumed>) = 0 [pid 5789] mkdir("./bus", 0777) = 0 [pid 5789] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5782] <... openat resumed>) = 5 [pid 5782] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5782] ioctl(5, LOOP_CLR_FD) = 0 [pid 5785] <... ioctl resumed>) = 0 [pid 5785] close(4) = 0 [pid 5785] memfd_create("syzkaller", 0 [pid 5782] ioctl(5, LOOP_SET_FD, 4 [pid 5785] <... memfd_create resumed>) = 4 [pid 5782] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5782] close(5 [pid 5785] <... mmap resumed>) = 0x7f7c475b3000 [pid 5782] <... close resumed>) = 0 [pid 5782] close(4 [pid 5789] <... mount resumed>) = 0 [pid 5784] <... mount resumed>) = 0 [pid 5789] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5784] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5789] chdir("./bus") = 0 [pid 5784] <... openat resumed>) = 3 [pid 5789] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5784] chdir("./bus" [pid 5789] ioctl(4, LOOP_CLR_FD) = 0 [pid 5784] <... chdir resumed>) = 0 [pid 5789] close(4) = 0 [pid 5784] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5789] memfd_create("syzkaller", 0 [pid 5784] <... openat resumed>) = 4 [pid 5789] <... memfd_create resumed>) = 4 [pid 5784] ioctl(4, LOOP_CLR_FD [pid 5789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5784] <... ioctl resumed>) = 0 [pid 5789] <... mmap resumed>) = 0x7f7c475b3000 [pid 5784] close(4) = 0 [pid 5784] memfd_create("syzkaller", 0) = 4 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 255.949331][ T5788] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 255.964007][ T5788] ext4 filesystem being mounted at /root/syzkaller.53SCZU/273/bus supports timestamps until (%ptR?) (0x7fffffff) [ 255.981974][ T5784] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [pid 5788] <... mount resumed>) = 0 [pid 5788] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5788] chdir("./bus") = 0 [pid 5788] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5788] ioctl(4, LOOP_CLR_FD) = 0 [pid 5788] close(4) = 0 [pid 5788] memfd_create("syzkaller", 0) = 4 [pid 5788] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5782] <... close resumed>) = 0 [pid 5782] exit_group(0) = ? [pid 5782] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5782, si_uid=0, si_status=0, si_utime=5, si_stime=8} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./268/binderfs") = 0 [ 256.004545][ T5784] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/273/bus supports timestamps until (%ptR?) (0x7fffffff) [ 256.017863][ T5789] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/273/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 342] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 342] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./268/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./268/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./268/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./268/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./268") = 0 [pid 342] mkdir("./269", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5802 [pid 5784] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 5802 attached [pid 5802] set_robust_list(0x555584fcf660, 24) = 0 [pid 5802] chdir("./269") = 0 [pid 5802] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5802] setpgid(0, 0) = 0 [pid 5802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5802] write(3, "1000", 4) = 4 [pid 5802] close(3) = 0 [pid 5802] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5802] write(1, "executing program\n", 18executing program ) = 18 [pid 5802] memfd_create("syzkaller", 0) = 3 [pid 5802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5802] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5802] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5802] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5802] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5802] close(3) = 0 [pid 5802] close(4) = 0 [pid 5802] mkdir("./bus", 0777) = 0 [pid 5802] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5785] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5802] <... mount resumed>) = 0 [pid 5802] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5802] chdir("./bus") = 0 [pid 5802] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5802] ioctl(4, LOOP_CLR_FD) = 0 [pid 5802] close(4) = 0 [pid 5802] memfd_create("syzkaller", 0) = 4 [pid 5802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5788] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5784] <... write resumed>) = 20699119 [ 256.212652][ T5802] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/269/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5789] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5784] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5784] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5784] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5784] ioctl(5, LOOP_CLR_FD) = 0 [pid 5784] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5784] close(5) = 0 [pid 5784] close(4 [pid 5785] <... write resumed>) = 20699119 [pid 5785] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5785] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5785] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5785] ioctl(5, LOOP_CLR_FD) = 0 [pid 5785] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5785] close(5 [pid 5788] <... write resumed>) = 20699119 [pid 5785] <... close resumed>) = 0 [pid 5785] close(4 [pid 5789] <... write resumed>) = 20699119 [pid 5788] munmap(0x7f7c475b3000, 138412032 [pid 5789] munmap(0x7f7c475b3000, 138412032 [pid 5788] <... munmap resumed>) = 0 [pid 5789] <... munmap resumed>) = 0 [pid 5788] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5789] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5788] <... openat resumed>) = 5 [pid 5789] <... openat resumed>) = 5 [pid 5788] ioctl(5, LOOP_SET_FD, 4 [pid 5789] ioctl(5, LOOP_SET_FD, 4 [pid 5788] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5789] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5788] ioctl(5, LOOP_CLR_FD [pid 5789] ioctl(5, LOOP_CLR_FD [pid 5788] <... ioctl resumed>) = 0 [pid 5789] <... ioctl resumed>) = 0 [pid 5788] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5788] close(5) = 0 [pid 5789] ioctl(5, LOOP_SET_FD, 4 [pid 5788] close(4 [pid 5789] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5789] close(5) = 0 [pid 5789] close(4 [pid 5802] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5784] <... close resumed>) = 0 [pid 5784] exit_group(0) = ? [pid 5784] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5784, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 348] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./273/binderfs") = 0 [pid 348] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 348] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./273/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./273/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./273/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./273") = 0 [pid 348] mkdir("./274", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5806 [pid 5785] <... close resumed>) = 0 ./strace-static-x86_64: Process 5806 attached [pid 5806] set_robust_list(0x555584fcf660, 24) = 0 [pid 5806] chdir("./274") = 0 [pid 5806] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5806] setpgid(0, 0) = 0 [pid 5806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5806] write(3, "1000", 4) = 4 [pid 5806] close(3) = 0 [pid 5806] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5806] write(1, "executing program\n", 18executing program ) = 18 [pid 5806] memfd_create("syzkaller", 0 [pid 5785] exit_group(0) = ? [pid 5806] <... memfd_create resumed>) = 3 [pid 5785] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5785, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./270/binderfs") = 0 [pid 344] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5788] <... close resumed>) = 0 [pid 5788] exit_group(0) = ? [pid 5806] <... mmap resumed>) = 0x7f7c475b3000 [pid 5788] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5788, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5789] <... close resumed>) = 0 [pid 5806] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5806] munmap(0x7f7c475b3000, 138412032 [pid 5789] exit_group(0) = ? [pid 5806] <... munmap resumed>) = 0 [pid 5806] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5789] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5789, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 349] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 349] newfstatat(3, "", [pid 343] newfstatat(3, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, [pid 343] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./273/binderfs", [pid 343] newfstatat(AT_FDCWD, "./273/binderfs", [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./273/binderfs" [pid 343] unlink("./273/binderfs" [pid 349] <... unlink resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 349] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5802] <... write resumed>) = 20699119 [pid 5802] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5802] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./270/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./270/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./270/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./270") = 0 [pid 344] mkdir("./271", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5807 [pid 5806] <... openat resumed>) = 4 [pid 5806] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5807 attached [pid 5807] set_robust_list(0x555584fcf660, 24) = 0 [pid 5807] chdir("./271") = 0 [pid 5807] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5807] setpgid(0, 0) = 0 [pid 5807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5807] write(3, "1000", 4) = 4 [pid 5807] close(3) = 0 [pid 5807] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5807] write(1, "executing program\n", 18executing program ) = 18 [pid 5807] memfd_create("syzkaller", 0) = 3 [pid 5807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5807] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5807] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5807] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5802] <... openat resumed>) = 5 [pid 5807] <... openat resumed>) = 4 [pid 5806] <... ioctl resumed>) = 0 [pid 5802] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... umount2 resumed>) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 5807] ioctl(4, LOOP_SET_FD, 3 [pid 5806] close(3 [pid 5802] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5806] <... close resumed>) = 0 [pid 5802] ioctl(5, LOOP_CLR_FD [pid 349] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5807] <... ioctl resumed>) = 0 [pid 5806] close(4 [pid 5802] <... ioctl resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5807] close(3 [pid 349] newfstatat(AT_FDCWD, "./273/bus", [pid 343] newfstatat(AT_FDCWD, "./273/bus", [pid 5807] <... close resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5807] close(4 [pid 349] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5807] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5807] mkdir("./bus", 0777 [pid 349] openat(AT_FDCWD, "./273/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./273/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5807] <... mkdir resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 343] <... openat resumed>) = 4 [pid 5807] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] newfstatat(4, "", [pid 343] newfstatat(4, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 343] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 343] getdents64(4, [pid 5802] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5802] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] close(4 [pid 343] close(4 [pid 5802] close(5 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] rmdir("./273/bus" [pid 343] rmdir("./273/bus" [pid 349] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 343] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] rmdir("./273" [pid 343] rmdir("./273" [pid 349] <... rmdir resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 349] mkdir("./274", 0777 [pid 343] mkdir("./274", 0777 [pid 349] <... mkdir resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5806] <... close resumed>) = 0 [pid 5802] <... close resumed>) = 0 [pid 5806] mkdir("./bus", 0777 [pid 5802] close(4 [pid 5806] <... mkdir resumed>) = 0 [pid 5806] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5807] <... mount resumed>) = 0 [pid 5807] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5807] chdir("./bus") = 0 [pid 5807] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5802] <... close resumed>) = 0 [pid 5802] exit_group(0) = ? [pid 5802] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5802, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./269/binderfs") = 0 [pid 342] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... openat resumed>) = 3 [pid 343] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5812 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5813 ./strace-static-x86_64: Process 5813 attached [pid 5813] set_robust_list(0x555584fcf660, 24) = 0 [pid 5813] chdir("./274") = 0 [pid 5813] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5813] setpgid(0, 0) = 0 [pid 5813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5813] write(3, "1000", 4) = 4 [pid 5813] close(3) = 0 [pid 5813] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5807] <... openat resumed>) = 4 [pid 5807] ioctl(4, LOOP_CLR_FD) = 0 [pid 5807] close(4) = 0 [pid 5807] memfd_create("syzkaller", 0) = 4 [pid 5807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5812 attached [pid 5813] write(1, "executing program\n", 18executing program [pid 5812] set_robust_list(0x555584fcf660, 24 [pid 5813] <... write resumed>) = 18 [pid 5812] <... set_robust_list resumed>) = 0 [pid 5813] memfd_create("syzkaller", 0 [pid 5812] chdir("./274") = 0 [pid 5813] <... memfd_create resumed>) = 3 [pid 5812] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5812] <... prctl resumed>) = 0 [pid 5813] <... mmap resumed>) = 0x7f7c475b3000 [pid 5812] setpgid(0, 0) = 0 [pid 5812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5813] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5812] write(3, "1000", 4) = 4 [pid 5812] close(3) = 0 [pid 5812] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5812] write(1, "executing program\n", 18) = 18 [pid 5812] memfd_create("syzkaller", 0) = 3 [pid 5812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5812] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5813] <... write resumed>) = 262144 [pid 5812] <... write resumed>) = 262144 [pid 5813] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5812] munmap(0x7f7c475b3000, 138412032 [pid 5813] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5812] <... munmap resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5813] <... openat resumed>) = 4 [pid 342] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5813] ioctl(4, LOOP_SET_FD, 3 [pid 5812] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./269/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./269/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5813] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./269/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5813] close(3 [pid 5812] <... openat resumed>) = 4 [pid 5813] <... close resumed>) = 0 [pid 5812] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", [pid 5813] close(4 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./269/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./269") = 0 [pid 342] mkdir("./270", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5812] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 5813] <... close resumed>) = 0 [pid 5812] close(3 [pid 5813] mkdir("./bus", 0777 [pid 5812] <... close resumed>) = 0 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5813] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5818 attached [pid 5818] set_robust_list(0x555584fcf660, 24) = 0 [pid 5818] chdir("./270" [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5818 [pid 5813] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5812] close(4 [pid 5818] <... chdir resumed>) = 0 [pid 5818] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5818] setpgid(0, 0) = 0 [pid 5818] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "1000", 4) = 4 [pid 5818] close(3) = 0 [pid 5818] symlink("/dev/binderfs", "./binderfs" [pid 5812] <... close resumed>) = 0 executing program [pid 5812] mkdir("./bus", 0777 [pid 5818] <... symlink resumed>) = 0 [pid 5818] write(1, "executing program\n", 18 [pid 5812] <... mkdir resumed>) = 0 [pid 5818] <... write resumed>) = 18 [pid 5818] memfd_create("syzkaller", 0 [pid 5812] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5818] <... memfd_create resumed>) = 3 [pid 5818] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 256.818421][ T5807] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/271/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5818] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5818] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5818] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5818] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5818] close(3) = 0 [pid 5818] close(4 [pid 5806] <... mount resumed>) = 0 [pid 5806] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5806] chdir("./bus") = 0 [pid 5806] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5813] <... mount resumed>) = 0 [pid 5813] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5813] chdir("./bus") = 0 [pid 5813] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5818] <... close resumed>) = 0 [pid 5818] mkdir("./bus", 0777 [pid 5806] <... openat resumed>) = 4 [pid 5818] <... mkdir resumed>) = 0 [pid 5806] ioctl(4, LOOP_CLR_FD [pid 5818] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5812] <... mount resumed>) = 0 [pid 5812] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5812] chdir("./bus") = 0 [pid 5812] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 256.884537][ T5806] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/274/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5807] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5813] <... openat resumed>) = 4 [pid 5806] <... ioctl resumed>) = 0 [pid 5813] ioctl(4, LOOP_CLR_FD [pid 5806] close(4 [pid 5813] <... ioctl resumed>) = 0 [pid 5806] <... close resumed>) = 0 [pid 5813] close(4 [pid 5806] memfd_create("syzkaller", 0 [pid 5813] <... close resumed>) = 0 [pid 5806] <... memfd_create resumed>) = 4 [pid 5813] memfd_create("syzkaller", 0 [pid 5806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5813] <... memfd_create resumed>) = 4 [pid 5806] <... mmap resumed>) = 0x7f7c475b3000 [pid 5813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5812] <... openat resumed>) = 4 [pid 5807] <... write resumed>) = 20699119 [pid 5807] munmap(0x7f7c475b3000, 138412032 [pid 5812] ioctl(4, LOOP_CLR_FD) = 0 [pid 5812] close(4) = 0 [pid 5812] memfd_create("syzkaller", 0) = 4 [pid 5812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5807] <... munmap resumed>) = 0 [pid 5807] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5807] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5807] ioctl(5, LOOP_CLR_FD) = 0 [pid 5807] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5807] close(5 [pid 5818] <... mount resumed>) = 0 [pid 5807] <... close resumed>) = 0 [pid 5818] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [ 256.929768][ T5813] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/274/bus supports timestamps until (%ptR?) (0x7fffffff) [ 256.948434][ T5812] ext4 filesystem being mounted at /root/syzkaller.53SCZU/274/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5807] close(4 [pid 5818] <... openat resumed>) = 3 [pid 5818] chdir("./bus") = 0 [pid 5818] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5818] ioctl(4, LOOP_CLR_FD) = 0 [pid 5818] close(4) = 0 [pid 5818] memfd_create("syzkaller", 0) = 4 [pid 5818] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 257.033680][ T5818] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/270/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5807] <... close resumed>) = 0 [pid 5807] exit_group(0) = ? [pid 5807] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5807, si_uid=0, si_status=0, si_utime=4, si_stime=10} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./271/binderfs") = 0 [pid 344] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5806] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5818] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 5813] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./271/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./271/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./271/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./271") = 0 [pid 344] mkdir("./272", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5826 [pid 5812] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 5826 attached [pid 5826] set_robust_list(0x555584fcf660, 24) = 0 [pid 5826] chdir("./272") = 0 [pid 5826] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5826] setpgid(0, 0) = 0 [pid 5826] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5826] write(3, "1000", 4) = 4 [pid 5826] close(3executing program ) = 0 [pid 5826] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5826] write(1, "executing program\n", 18) = 18 [pid 5826] memfd_create("syzkaller", 0) = 3 [pid 5826] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5826] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5826] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5826] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5826] close(3) = 0 [pid 5826] close(4) = 0 [pid 5826] mkdir("./bus", 0777) = 0 [pid 5826] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue") = 0 [pid 5826] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5826] chdir("./bus") = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5826] ioctl(4, LOOP_CLR_FD) = 0 [pid 5826] close(4) = 0 [pid 5826] memfd_create("syzkaller", 0) = 4 [pid 5826] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5806] <... write resumed>) = 20699119 [pid 5806] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5806] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5806] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5806] ioctl(5, LOOP_CLR_FD) = 0 [pid 5806] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5806] close(5) = 0 [ 257.327941][ T5826] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/272/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5806] close(4 [pid 5818] <... write resumed>) = 20699119 [pid 5818] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5818] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5818] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5818] ioctl(5, LOOP_CLR_FD) = 0 [pid 5818] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5818] close(5) = 0 [pid 5818] close(4 [pid 5813] <... write resumed>) = 20699119 [pid 5812] <... write resumed>) = 20699119 [pid 5813] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5813] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5813] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5813] ioctl(5, LOOP_CLR_FD) = 0 [pid 5812] munmap(0x7f7c475b3000, 138412032 [pid 5813] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5813] close(5) = 0 [pid 5813] close(4 [pid 5812] <... munmap resumed>) = 0 [pid 5812] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5812] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5812] ioctl(5, LOOP_CLR_FD) = 0 [pid 5812] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5812] close(5) = 0 [pid 5812] close(4 [pid 5806] <... close resumed>) = 0 [pid 5818] <... close resumed>) = 0 [pid 5806] exit_group(0) = ? [pid 5806] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5806, si_uid=0, si_status=0, si_utime=4, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5818] exit_group(0) = ? [pid 5818] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5818, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 348] <... restart_syscall resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 348] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 342] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./274/binderfs", [pid 342] newfstatat(AT_FDCWD, "./270/binderfs", [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./274/binderfs" [pid 342] unlink("./270/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 342] <... unlink resumed>) = 0 [pid 348] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./274/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./274/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5813] <... close resumed>) = 0 [pid 5813] exit_group(0) = ? [pid 348] newfstatat(4, "", [pid 5813] +++ exited with 0 +++ [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5813, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 343] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] close(4 [pid 343] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] <... close resumed>) = 0 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] rmdir("./274/bus" [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] <... rmdir resumed>) = 0 [pid 343] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] getdents64(3, [pid 343] newfstatat(AT_FDCWD, "./274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] unlink("./274/binderfs") = 0 [pid 348] close(3 [pid 343] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... close resumed>) = 0 [pid 348] rmdir("./274") = 0 [pid 348] mkdir("./275", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5812] <... close resumed>) = 0 [pid 5812] exit_group(0) = ? [pid 5812] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5812, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./274/binderfs") = 0 [pid 349] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./270/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./270/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./270/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./270/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./270") = 0 [pid 342] mkdir("./271", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... write resumed>) = 20699119 [pid 5826] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 349] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] close(3 [pid 5826] <... openat resumed>) = 5 [pid 349] newfstatat(AT_FDCWD, "./274/bus", [pid 348] <... close resumed>) = 0 [pid 343] newfstatat(AT_FDCWD, "./274/bus", [pid 342] ioctl(3, LOOP_CLR_FD [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] close(3 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5830 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./274/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... close resumed>) = 0 [pid 343] openat(AT_FDCWD, "./274/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 4 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] newfstatat(4, "", [pid 343] <... openat resumed>) = 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 343] newfstatat(4, "", [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5831 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] getdents64(4, [pid 349] close(4./strace-static-x86_64: Process 5830 attached [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... close resumed>) = 0 [pid 343] getdents64(4, [pid 349] rmdir("./274/bus" [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5830] set_robust_list(0x555584fcf660, 24) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 343] close(4) = 0 [pid 349] getdents64(3, [pid 343] rmdir("./274/bus" [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5830] chdir("./275") = 0 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 343] <... rmdir resumed>) = 0 [pid 349] close(3 [pid 343] getdents64(3, [pid 5830] <... prctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] rmdir("./274" [pid 343] close(3 [pid 5830] setpgid(0, 0) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./274" [pid 349] mkdir("./275", 0777 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 343] <... rmdir resumed>) = 0 [pid 5830] write(3, "1000", 4) = 4 [pid 5830] close(3) = 0 [pid 5830] symlink("/dev/binderfs", "./binderfs"executing program [pid 349] <... mkdir resumed>) = 0 [pid 343] mkdir("./275", 0777 [pid 5830] <... symlink resumed>) = 0 [pid 5830] write(1, "executing program\n", 18) = 18 [pid 343] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 349] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5830] memfd_create("syzkaller", 0 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3 [pid 349] close(3 [pid 343] <... close resumed>) = 0 [pid 5830] <... memfd_create resumed>) = 3 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... close resumed>) = 0 [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5832 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5833 [pid 5826] ioctl(5, LOOP_SET_FD, 4executing program ) = -1 EBUSY (Device or resource busy) [pid 5830] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 ./strace-static-x86_64: Process 5832 attached [pid 5832] set_robust_list(0x555584fcf660, 24) = 0 [pid 5832] chdir("./275") = 0 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5832] setpgid(0, 0) = 0 [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5833 attached [pid 5833] set_robust_list(0x555584fcf660, 24 [pid 5830] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5833] chdir("./275" [pid 5832] <... openat resumed>) = 3 [pid 5833] <... chdir resumed>) = 0 [pid 5832] write(3, "1000", 4 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5832] <... write resumed>) = 4 [pid 5833] <... prctl resumed>) = 0 [pid 5833] setpgid(0, 0 [pid 5832] close(3 [pid 5830] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5832] <... close resumed>) = 0 [pid 5830] <... openat resumed>) = 4 [pid 5832] symlink("/dev/binderfs", "./binderfs" [pid 5833] <... setpgid resumed>) = 0 [pid 5832] <... symlink resumed>) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5830] ioctl(4, LOOP_SET_FD, 3 [pid 5833] <... openat resumed>) = 3 [pid 5833] write(3, "1000", 4) = 4 [pid 5833] close(3) = 0 [pid 5833] symlink("/dev/binderfs", "./binderfs" [pid 5832] write(1, "executing program\n", 18) = 18 [pid 5833] <... symlink resumed>) = 0 [pid 5832] memfd_create("syzkaller", 0) = 3 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 executing program [pid 5826] ioctl(5, LOOP_CLR_FD [pid 5833] write(1, "executing program\n", 18) = 18 [pid 5833] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 5831 attached [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5832] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5833] <... write resumed>) = 262144 [pid 5832] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5833] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5833] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5833] close(3) = 0 [pid 5833] close(4 [pid 5832] <... openat resumed>) = 4 [pid 5832] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... ioctl resumed>) = 0 [pid 5831] set_robust_list(0x555584fcf660, 24 [pid 5830] <... ioctl resumed>) = 0 [pid 5832] <... ioctl resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5826] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5826] close(5) = 0 [pid 5826] close(4 [pid 5832] close(3 [pid 5833] mkdir("./bus", 0777 [pid 5832] <... close resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] close(4 [pid 5833] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5832] <... close resumed>) = 0 [pid 5832] mkdir("./bus", 0777) = 0 [pid 5832] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5831] <... set_robust_list resumed>) = 0 [pid 5830] close(3 [pid 5831] chdir("./271" [pid 5830] <... close resumed>) = 0 [pid 5830] close(4 [pid 5831] <... chdir resumed>) = 0 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5830] <... close resumed>) = 0 [pid 5830] mkdir("./bus", 0777 [pid 5831] <... prctl resumed>) = 0 [pid 5830] <... mkdir resumed>) = 0 [pid 5831] setpgid(0, 0) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5831] write(3, "1000", 4 [pid 5830] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5831] <... write resumed>) = 4 [pid 5831] close(3) = 0 [pid 5831] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5831] write(1, "executing program\n", 18) = 18 [pid 5831] memfd_create("syzkaller", 0) = 3 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5831] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5832] <... mount resumed>) = 0 [pid 5832] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5833] <... mount resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5833] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5832] chdir("./bus" [pid 5833] chdir("./bus" [pid 5832] <... chdir resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5833] <... chdir resumed>) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... close resumed>) = 0 [pid 5826] exit_group(0) = ? [pid 5826] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5826, si_uid=0, si_status=0, si_utime=5, si_stime=9} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./272/binderfs") = 0 [pid 344] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5832] <... openat resumed>) = 4 [pid 5831] <... openat resumed>) = 4 [pid 5832] ioctl(4, LOOP_CLR_FD [pid 5831] ioctl(4, LOOP_SET_FD, 3 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./272/bus", [pid 5833] <... openat resumed>) = 4 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5833] ioctl(4, LOOP_CLR_FD [pid 344] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./272/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5831] <... ioctl resumed>) = 0 [pid 344] <... openat resumed>) = 4 [pid 5832] <... ioctl resumed>) = 0 [pid 5830] <... mount resumed>) = 0 [pid 5830] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5832] close(4 [pid 344] newfstatat(4, "", [pid 5831] close(3 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5831] <... close resumed>) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5831] close(4 [pid 5832] <... close resumed>) = 0 [ 257.721299][ T5833] ext4 filesystem being mounted at /root/syzkaller.53SCZU/275/bus supports timestamps until (%ptR?) (0x7fffffff) [ 257.728720][ T5832] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/275/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5832] memfd_create("syzkaller", 0 [pid 5833] <... ioctl resumed>) = 0 [pid 5831] <... close resumed>) = 0 [pid 344] getdents64(4, [pid 5832] <... memfd_create resumed>) = 4 [pid 5831] mkdir("./bus", 0777 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 5833] close(4 [pid 5831] <... mkdir resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] close(4 [pid 5831] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5832] <... mmap resumed>) = 0x7f7c475b3000 [pid 344] <... close resumed>) = 0 [pid 5833] memfd_create("syzkaller", 0 [pid 344] rmdir("./272/bus" [pid 5830] <... openat resumed>) = 3 [pid 5830] chdir("./bus") = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5830] ioctl(4, LOOP_CLR_FD [pid 344] <... rmdir resumed>) = 0 [pid 5833] <... memfd_create resumed>) = 4 [pid 344] getdents64(3, [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5833] <... mmap resumed>) = 0x7f7c475b3000 [pid 344] close(3) = 0 [pid 5830] <... ioctl resumed>) = 0 [pid 5830] close(4) = 0 [pid 5830] memfd_create("syzkaller", 0) = 4 [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] rmdir("./272") = 0 [pid 344] mkdir("./273", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5844 ./strace-static-x86_64: Process 5844 attached [pid 5844] set_robust_list(0x555584fcf660, 24) = 0 [pid 5844] chdir("./273") = 0 [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5844] setpgid(0, 0) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5844] write(3, "1000", 4) = 4 [pid 5844] close(3) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5844] write(1, "executing program\n", 18executing program ) = 18 [pid 5844] memfd_create("syzkaller", 0) = 3 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5844] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5844] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5844] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5844] close(3) = 0 [pid 5844] close(4 [pid 5831] <... mount resumed>) = 0 [ 257.798337][ T5830] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/275/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5831] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5831] chdir("./bus") = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5844] <... close resumed>) = 0 [pid 5831] <... openat resumed>) = 4 [pid 5844] mkdir("./bus", 0777 [pid 5831] ioctl(4, LOOP_CLR_FD [pid 5844] <... mkdir resumed>) = 0 [pid 5844] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [ 257.870007][ T5831] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/271/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5830] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5831] <... ioctl resumed>) = 0 [pid 5831] close(4) = 0 [pid 5831] memfd_create("syzkaller", 0) = 4 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5832] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5844] <... mount resumed>) = 0 [pid 5844] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5844] chdir("./bus") = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5844] ioctl(4, LOOP_CLR_FD) = 0 [pid 5844] close(4) = 0 [pid 5844] memfd_create("syzkaller", 0) = 4 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5833] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5844] <... mmap resumed>) = 0x7f7c475b3000 [pid 5830] <... write resumed>) = 20699119 [pid 5830] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5830] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5830] ioctl(5, LOOP_CLR_FD) = 0 [pid 5830] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5830] close(5) = 0 [ 258.018705][ T5844] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/273/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5830] close(4 [pid 5832] <... write resumed>) = 20699119 [pid 5832] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5832] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5832] ioctl(5, LOOP_CLR_FD) = 0 [pid 5832] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5832] close(5) = 0 [pid 5832] close(4 [pid 5831] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5830] <... close resumed>) = 0 [pid 5830] exit_group(0) = ? [pid 5830] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5833] <... write resumed>) = 20699119 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./275/binderfs") = 0 [pid 348] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5833] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5844] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5833] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 5833] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5833] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./275/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5833] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5833] close(5) = 0 [pid 5833] close(4 [pid 348] openat(AT_FDCWD, "./275/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./275/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./275") = 0 [pid 348] mkdir("./276", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5850 ./strace-static-x86_64: Process 5850 attached [pid 5850] set_robust_list(0x555584fcf660, 24) = 0 [pid 5850] chdir("./276") = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 [pid 5850] close(3) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5850] write(1, "executing program\n", 18executing program ) = 18 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5832] <... close resumed>) = 0 [pid 5850] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3 [pid 5832] exit_group(0) = ? [pid 5832] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5850] <... ioctl resumed>) = 0 [pid 5850] close(3) = 0 [pid 5850] close(4) = 0 [pid 5850] mkdir("./bus", 0777) = 0 [pid 5850] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./275/binderfs") = 0 [pid 343] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5831] <... write resumed>) = 20699119 [pid 5831] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5833] <... close resumed>) = 0 [pid 5850] <... mount resumed>) = 0 [pid 5833] exit_group(0) = ? [pid 5850] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5833] +++ exited with 0 +++ [pid 5850] <... openat resumed>) = 3 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5850] chdir("./bus") = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5831] <... openat resumed>) = 5 [pid 349] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./275/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./275/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./275/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./275") = 0 [pid 343] mkdir("./276", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5854 [pid 5831] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] newfstatat(3, "", [pid 5831] ioctl(5, LOOP_CLR_FD [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5831] <... ioctl resumed>) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./275/binderfs") = 0 [pid 5831] ioctl(5, LOOP_SET_FD, 4 [pid 349] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5831] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5831] close(5) = 0 [pid 5831] close(4 [pid 5844] <... write resumed>) = 20699119 [pid 5844] munmap(0x7f7c475b3000, 138412032./strace-static-x86_64: Process 5854 attached [pid 5854] set_robust_list(0x555584fcf660, 24) = 0 [pid 5854] chdir("./276") = 0 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5854] setpgid(0, 0) = 0 [pid 5844] <... munmap resumed>) = 0 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5854] <... openat resumed>) = 3 [pid 5854] write(3, "1000", 4) = 4 [pid 5854] close(3) = 0 [pid 5854] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5854] write(1, "executing program\n", 18executing program ) = 18 [pid 5854] memfd_create("syzkaller", 0) = 3 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5854] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5854] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5831] <... close resumed>) = 0 [pid 5831] exit_group(0) = ? [pid 5831] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5831, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./271/binderfs") = 0 [pid 342] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5850] <... openat resumed>) = 4 [pid 5854] <... openat resumed>) = 4 [pid 5850] ioctl(4, LOOP_CLR_FD [ 258.353340][ T5850] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/276/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5854] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] <... ioctl resumed>) = 0 [pid 5844] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5854] close(3 [pid 5850] close(4 [pid 5844] ioctl(5, LOOP_SET_FD, 4 [pid 349] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5854] <... close resumed>) = 0 [pid 5850] <... close resumed>) = 0 [pid 5844] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5854] close(4 [pid 5850] memfd_create("syzkaller", 0 [pid 5844] ioctl(5, LOOP_CLR_FD [pid 349] newfstatat(AT_FDCWD, "./275/bus", [pid 342] newfstatat(AT_FDCWD, "./271/bus", [pid 5850] <... memfd_create resumed>) = 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./271/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5850] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./275/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./275/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./275") = 0 [pid 349] mkdir("./276", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 342] openat(AT_FDCWD, "./271/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./271/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./271") = 0 [pid 342] mkdir("./272", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5854] <... close resumed>) = 0 [pid 5844] <... ioctl resumed>) = 0 [pid 5854] mkdir("./bus", 0777) = 0 [pid 5854] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5844] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5844] close(5 [pid 5850] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5850] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5844] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 5850] ioctl(5, LOOP_SET_FD, 4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 5850] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5850] ioctl(5, LOOP_CLR_FD [pid 5844] close(4 [pid 349] close(3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 5850] <... ioctl resumed>) = 0 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5856 [pid 342] close(3./strace-static-x86_64: Process 5856 attached ) = 0 [pid 5850] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5850] close(5) = 0 [pid 5850] close(4 [pid 5856] set_robust_list(0x555584fcf660, 24 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5856] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5858 attached [pid 5856] chdir("./276" [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5858 [pid 5858] set_robust_list(0x555584fcf660, 24) = 0 [pid 5858] chdir("./272" [pid 5856] <... chdir resumed>) = 0 [pid 5858] <... chdir resumed>) = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5856] <... prctl resumed>) = 0 [pid 5856] setpgid(0, 0 [pid 5858] setpgid(0, 0) = 0 [pid 5856] <... setpgid resumed>) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5856] <... openat resumed>) = 3 [pid 5858] <... openat resumed>) = 3 [pid 5856] write(3, "1000", 4 [pid 5858] write(3, "1000", 4 [pid 5856] <... write resumed>) = 4 [pid 5858] <... write resumed>) = 4 [pid 5856] close(3 [pid 5858] close(3 [pid 5856] <... close resumed>) = 0 [pid 5858] <... close resumed>) = 0 [pid 5856] symlink("/dev/binderfs", "./binderfs" [pid 5858] symlink("/dev/binderfs", "./binderfs" [pid 5856] <... symlink resumed>) = 0 executing program executing program [pid 5858] <... symlink resumed>) = 0 [pid 5856] write(1, "executing program\n", 18) = 18 [pid 5858] write(1, "executing program\n", 18 [pid 5854] <... mount resumed>) = 0 [pid 5854] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5856] memfd_create("syzkaller", 0 [pid 5858] <... write resumed>) = 18 [pid 5854] <... openat resumed>) = 3 [pid 5854] chdir("./bus") = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5854] ioctl(4, LOOP_CLR_FD) = 0 [pid 5854] close(4) = 0 [pid 5854] memfd_create("syzkaller", 0 [pid 5856] <... memfd_create resumed>) = 3 [pid 5858] memfd_create("syzkaller", 0 [pid 5854] <... memfd_create resumed>) = 4 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5856] <... mmap resumed>) = 0x7f7c475b3000 [pid 5858] <... memfd_create resumed>) = 3 [pid 5856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5856] <... write resumed>) = 262144 [pid 5858] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5856] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5858] munmap(0x7f7c475b3000, 138412032 [pid 5856] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5858] <... munmap resumed>) = 0 [pid 5856] <... openat resumed>) = 4 [pid 5858] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5856] ioctl(4, LOOP_SET_FD, 3 [pid 5858] <... openat resumed>) = 4 [pid 5858] ioctl(4, LOOP_SET_FD, 3 [pid 5856] <... ioctl resumed>) = 0 [pid 5856] close(3) = 0 [pid 5856] close(4 [pid 5844] <... close resumed>) = 0 [pid 5858] <... ioctl resumed>) = 0 [pid 5858] close(3) = 0 [pid 5858] close(4 [pid 5844] exit_group(0) = ? [pid 5844] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./273/binderfs") = 0 [pid 344] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5856] <... close resumed>) = 0 [pid 5856] mkdir("./bus", 0777) = 0 [pid 5856] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5850] <... close resumed>) = 0 [pid 5850] exit_group(0) = ? [pid 5850] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=5, si_stime=10} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./276/binderfs") = 0 [pid 348] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [ 258.621342][ T5854] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/276/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5854] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5858] <... close resumed>) = 0 [pid 5858] mkdir("./bus", 0777) = 0 [pid 5858] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5854] <... write resumed>) = 20699119 [pid 5854] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5856] <... mount resumed>) = 0 [pid 5856] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5856] chdir("./bus") = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5854] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5854] ioctl(5, LOOP_SET_FD, 4 [pid 348] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5854] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./276/bus", [pid 344] newfstatat(AT_FDCWD, "./273/bus", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./276/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] openat(AT_FDCWD, "./273/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5854] ioctl(5, LOOP_CLR_FD [pid 348] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 4 [pid 348] newfstatat(4, "", [pid 344] newfstatat(4, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 344] getdents64(4, [pid 5854] <... ioctl resumed>) = 0 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 344] getdents64(4, [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4 [pid 344] close(4 [pid 348] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] rmdir("./276/bus" [pid 344] rmdir("./273/bus" [pid 348] <... rmdir resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 348] getdents64(3, [pid 344] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3 [pid 344] close(3 [pid 348] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] rmdir("./276" [pid 344] rmdir("./273" [pid 348] <... rmdir resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 348] mkdir("./277", 0777 [pid 344] mkdir("./274", 0777 [pid 348] <... mkdir resumed>) = 0 [pid 344] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3 [pid 344] close(3 [pid 348] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5864 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5865 ./strace-static-x86_64: Process 5864 attached [pid 5864] set_robust_list(0x555584fcf660, 24) = 0 [pid 5864] chdir("./277") = 0 [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5864] setpgid(0, 0) = 0 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5864] write(3, "1000", 4 [pid 5854] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5854] close(5 [pid 5864] <... write resumed>) = 4 [pid 5864] close(3 [pid 5854] <... close resumed>) = 0 [pid 5854] close(4 [pid 5864] <... close resumed>) = 0 [pid 5864] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5864] write(1, "executing program\n", 18) = 18 [pid 5864] memfd_create("syzkaller", 0) = 3 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5864] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5864] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5864] ioctl(4, LOOP_SET_FD, 3executing program ) = 0 executing program [pid 5864] close(3) = 0 [pid 5864] close(4./strace-static-x86_64: Process 5865 attached [pid 5865] set_robust_list(0x555584fcf660, 24) = 0 [pid 5865] chdir("./274") = 0 [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] setpgid(0, 0) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5865] write(3, "1000", 4) = 4 [pid 5865] close(3) = 0 [pid 5865] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5865] write(1, "executing program\n", 18) = 18 [pid 5865] memfd_create("syzkaller", 0) = 3 [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5865] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5865] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5858] <... mount resumed>) = 0 [pid 5858] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5858] chdir("./bus") = 0 [pid 5858] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5854] <... close resumed>) = 0 [pid 5854] exit_group(0) = ? [pid 5854] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5854, si_uid=0, si_status=0, si_utime=5, si_stime=9} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... openat resumed>) = 4 [pid 5864] <... close resumed>) = 0 [pid 5856] <... openat resumed>) = 4 [pid 5856] ioctl(4, LOOP_CLR_FD [pid 5865] ioctl(4, LOOP_SET_FD, 3 [pid 5864] mkdir("./bus", 0777) = 0 [pid 5864] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./276/binderfs") = 0 [pid 343] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5858] <... openat resumed>) = 4 [pid 5858] ioctl(4, LOOP_CLR_FD) = 0 [pid 5858] close(4) = 0 [pid 5858] memfd_create("syzkaller", 0) = 4 [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5856] <... ioctl resumed>) = 0 [pid 5856] close(4 [pid 5865] <... ioctl resumed>) = 0 [pid 5865] close(3) = 0 [ 258.798448][ T5856] ext4 filesystem being mounted at /root/syzkaller.53SCZU/276/bus supports timestamps until (%ptR?) (0x7fffffff) [ 258.832749][ T5858] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/272/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5865] close(4 [pid 5856] <... close resumed>) = 0 [pid 5856] memfd_create("syzkaller", 0) = 4 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5858] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5865] <... close resumed>) = 0 [pid 5865] mkdir("./bus", 0777) = 0 [pid 5865] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./276/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./276/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./276/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./276") = 0 [pid 343] mkdir("./277", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5873 ./strace-static-x86_64: Process 5873 attached [pid 5873] set_robust_list(0x555584fcf660, 24) = 0 [pid 5873] chdir("./277") = 0 [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... mount resumed>) = 0 [pid 5873] <... prctl resumed>) = 0 [pid 5873] setpgid(0, 0 [pid 5864] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5873] <... setpgid resumed>) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... openat resumed>) = 3 [pid 5873] <... openat resumed>) = 3 [pid 5873] write(3, "1000", 4 [pid 5864] chdir("./bus" [pid 5873] <... write resumed>) = 4 [pid 5873] close(3 [pid 5864] <... chdir resumed>) = 0 [pid 5873] <... close resumed>) = 0 [pid 5873] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5873] write(1, "executing program\n", 18) = 18 [pid 5873] memfd_create("syzkaller", 0) = 3 [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5873] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5864] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5873] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5873] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... openat resumed>) = 4 [pid 5873] <... openat resumed>) = 4 [pid 5864] ioctl(4, LOOP_CLR_FD [pid 5873] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... mount resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5865] chdir("./bus") = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5873] <... ioctl resumed>) = 0 [pid 5873] close(3 [pid 5864] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5865] ioctl(4, LOOP_CLR_FD) = 0 [pid 5865] close(4) = 0 [pid 5865] memfd_create("syzkaller", 0) = 4 [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5873] <... close resumed>) = 0 [pid 5864] close(4 [pid 5873] close(4 [pid 5864] <... close resumed>) = 0 [pid 5873] <... close resumed>) = 0 [pid 5873] mkdir("./bus", 0777) = 0 [pid 5864] memfd_create("syzkaller", 0 [pid 5873] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5864] <... memfd_create resumed>) = 4 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5858] <... write resumed>) = 20699119 [pid 5858] munmap(0x7f7c475b3000, 138412032) = 0 [ 258.972387][ T5864] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/277/bus supports timestamps until (%ptR?) (0x7fffffff) [ 259.009482][ T5865] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/274/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5858] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5858] ioctl(5, LOOP_CLR_FD) = 0 [pid 5858] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5858] close(5) = 0 [pid 5858] close(4 [pid 5873] <... mount resumed>) = 0 [pid 5873] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5873] chdir("./bus") = 0 [pid 5873] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5873] ioctl(4, LOOP_CLR_FD) = 0 [pid 5873] close(4) = 0 [pid 5873] memfd_create("syzkaller", 0) = 4 [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 259.122728][ T5873] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/277/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5856] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5858] <... close resumed>) = 0 [pid 5858] exit_group(0) = ? [pid 5858] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5858, si_uid=0, si_status=0, si_utime=2, si_stime=20} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./272/binderfs") = 0 [pid 342] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./272/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./272/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./272/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./272/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./272") = 0 [pid 342] mkdir("./273", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5878 [pid 5864] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 5878 attached [pid 5878] set_robust_list(0x555584fcf660, 24) = 0 [pid 5878] chdir("./273") = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5878] setpgid(0, 0) = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1000", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5878] write(1, "executing program\n", 18) = 18 [pid 5878] memfd_create("syzkaller", 0) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5878] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5878] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5878] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5878] close(3) = 0 [pid 5878] close(4) = 0 [pid 5878] mkdir("./bus", 0777) = 0 [pid 5878] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5873] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5856] <... write resumed>) = 20699119 [pid 5856] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5856] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5856] ioctl(5, LOOP_CLR_FD) = 0 [pid 5856] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5856] close(5 [pid 5878] <... mount resumed>) = 0 [pid 5856] <... close resumed>) = 0 [pid 5878] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5878] chdir("./bus") = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5878] ioctl(4, LOOP_CLR_FD) = 0 [pid 5878] close(4) = 0 [pid 5878] memfd_create("syzkaller", 0) = 4 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5856] close(4 [pid 5865] <... write resumed>) = 20699119 [pid 5865] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5865] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5865] ioctl(5, LOOP_CLR_FD) = 0 [pid 5865] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5865] close(5) = 0 [ 259.364263][ T5878] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/273/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5865] close(4 [pid 5864] <... write resumed>) = 20699119 [pid 5864] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5864] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5864] ioctl(5, LOOP_CLR_FD) = 0 [pid 5864] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5864] close(5) = 0 [pid 5864] close(4 [pid 5856] <... close resumed>) = 0 [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5873] <... write resumed>) = 20699119 [pid 5873] munmap(0x7f7c475b3000, 138412032) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./276/binderfs") = 0 [pid 349] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5873] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5873] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5873] ioctl(5, LOOP_CLR_FD) = 0 [pid 5873] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5873] close(5 [pid 5865] <... close resumed>) = 0 [pid 5865] exit_group(0) = ? [pid 5865] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=3, si_stime=13} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./274/binderfs") = 0 [pid 344] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5873] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 5873] close(4 [pid 349] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./276/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./276/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./276/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./276") = 0 [pid 349] mkdir("./277", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 5864] exit_group(0) = ? [pid 5864] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./277/binderfs") = 0 [pid 348] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5873] <... close resumed>) = 0 [pid 5873] exit_group(0) = ? [pid 5873] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./277/binderfs") = 0 [pid 343] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./274/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./274/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./274/bus" [pid 349] <... openat resumed>) = 3 [pid 344] <... rmdir resumed>) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 349] ioctl(3, LOOP_CLR_FD [pid 344] rmdir("./274") = 0 [pid 344] mkdir("./275", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5878] <... write resumed>) = 20699119 [pid 5878] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... umount2 resumed>) = 0 [pid 349] close(3 [pid 348] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./277/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./277/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5882 [pid 348] close(4) = 0 [pid 348] rmdir("./277/bus"./strace-static-x86_64: Process 5882 attached ) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./277" [pid 5882] set_robust_list(0x555584fcf660, 24 [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./278", 0777 [pid 5882] <... set_robust_list resumed>) = 0 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5882] chdir("./277") = 0 [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5882] setpgid(0, 0) = 0 [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5882] write(3, "1000", 4) = 4 [pid 5882] close(3) = 0 [pid 5882] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5882] write(1, "executing program\n", 18) = 18 [pid 5882] memfd_create("syzkaller", 0) = 3 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5882] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5882] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5882] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5878] <... openat resumed>) = 5 [pid 344] <... openat resumed>) = 3 [pid 5878] ioctl(5, LOOP_SET_FD, 4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5878] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5878] ioctl(5, LOOP_CLR_FD [pid 344] close(3 [pid 5878] <... ioctl resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5883 ./strace-static-x86_64: Process 5883 attached [pid 5883] set_robust_list(0x555584fcf660, 24) = 0 [pid 5883] chdir("./275") = 0 [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5883] setpgid(0, 0) = 0 [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5883] write(3, "1000", 4) = 4 [pid 5878] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5878] close(5) = 0 [pid 5878] close(4 [pid 348] <... openat resumed>) = 3 [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./277/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./277/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 348] ioctl(3, LOOP_CLR_FD [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] rmdir("./277/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./277" [pid 348] close(3 [pid 343] <... rmdir resumed>) = 0 [pid 343] mkdir("./278", 0777 [pid 348] <... close resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5884 [pid 5883] close(3) = 0 [pid 5883] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5883] write(1, "executing program\n", 18executing program ) = 18 [pid 5883] memfd_create("syzkaller", 0) = 3 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5885 [pid 5883] <... write resumed>) = 262144 [pid 5883] munmap(0x7f7c475b3000, 138412032) = 0 ./strace-static-x86_64: Process 5885 attached [pid 5885] set_robust_list(0x555584fcf660, 24) = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5883] ioctl(4, LOOP_SET_FD, 3 [pid 5885] chdir("./278") = 0 [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5885] setpgid(0, 0) = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5885] write(3, "1000", 4) = 4 [pid 5885] close(3) = 0 [pid 5885] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5885] write(1, "executing program\n", 18) = 18 [pid 5885] memfd_create("syzkaller", 0) = 3 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5884 attached [pid 5884] set_robust_list(0x555584fcf660, 24 [pid 5883] <... ioctl resumed>) = 0 [pid 5883] close(3) = 0 [pid 5883] close(4 [pid 5884] <... set_robust_list resumed>) = 0 [pid 5884] chdir("./278") = 0 [pid 5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5884] setpgid(0, 0 [pid 5885] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5884] <... setpgid resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5884] write(3, "1000", 4) = 4 [pid 5885] <... write resumed>) = 262144 [pid 5884] close(3) = 0 [pid 5884] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5884] write(1, "executing program\n", 18executing program ) = 18 [pid 5884] memfd_create("syzkaller", 0) = 3 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5884] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5885] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5884] <... write resumed>) = 262144 [pid 5884] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5878] <... close resumed>) = 0 [pid 5883] <... close resumed>) = 0 [pid 5883] mkdir("./bus", 0777 [pid 5882] <... openat resumed>) = 4 [pid 5878] exit_group(0 [pid 5885] <... openat resumed>) = 4 [pid 5885] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5883] <... mkdir resumed>) = 0 [pid 5882] ioctl(4, LOOP_SET_FD, 3 [pid 5885] close(3) = 0 [pid 5885] close(4 [pid 5884] <... openat resumed>) = 4 [pid 5884] ioctl(4, LOOP_SET_FD, 3 [pid 5878] <... exit_group resumed>) = ? [pid 5878] +++ exited with 0 +++ [pid 5883] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./273/binderfs") = 0 [pid 342] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5885] <... close resumed>) = 0 [pid 5885] mkdir("./bus", 0777) = 0 [pid 5885] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5884] <... ioctl resumed>) = 0 [pid 5884] close(3 [pid 5882] <... ioctl resumed>) = 0 [pid 5884] <... close resumed>) = 0 [pid 5882] close(3 [pid 5884] close(4 [pid 5882] <... close resumed>) = 0 [pid 5882] close(4 [pid 5883] <... mount resumed>) = 0 [pid 5883] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5883] chdir("./bus") = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5885] <... mount resumed>) = 0 [pid 5885] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5885] chdir("./bus") = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5884] <... close resumed>) = 0 [pid 5884] mkdir("./bus", 0777) = 0 [ 259.828605][ T5885] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/278/bus supports timestamps until (%ptR?) (0x7fffffff) [ 259.828612][ T5883] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/275/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5884] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5883] <... openat resumed>) = 4 [pid 5883] ioctl(4, LOOP_CLR_FD) = 0 [pid 5883] close(4) = 0 [pid 5883] memfd_create("syzkaller", 0) = 4 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5882] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 5882] mkdir("./bus", 0777 [pid 342] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./273/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./273/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./273/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./273/bus" [pid 5882] <... mkdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 5882] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./273") = 0 [pid 342] mkdir("./274", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5894 ./strace-static-x86_64: Process 5894 attached [pid 5894] set_robust_list(0x555584fcf660, 24) = 0 [pid 5894] chdir("./274") = 0 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5894] setpgid(0, 0) = 0 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5894] write(3, "1000", 4) = 4 [pid 5894] close(3) = 0 [pid 5894] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5894] write(1, "executing program\n", 18) = 18 [pid 5894] memfd_create("syzkaller", 0) = 3 [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5894] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5894] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5894] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5894] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5894] close(3) = 0 [pid 5894] close(4 [pid 5885] <... openat resumed>) = 4 [pid 5885] ioctl(4, LOOP_CLR_FD) = 0 [pid 5885] close(4) = 0 [pid 5894] <... close resumed>) = 0 [pid 5885] memfd_create("syzkaller", 0 [pid 5894] mkdir("./bus", 0777) = 0 [pid 5894] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5885] <... memfd_create resumed>) = 4 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5884] <... mount resumed>) = 0 [pid 5882] <... mount resumed>) = 0 [pid 5884] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5882] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5884] <... openat resumed>) = 3 [pid 5882] <... openat resumed>) = 3 [pid 5884] chdir("./bus" [pid 5882] chdir("./bus" [pid 5884] <... chdir resumed>) = 0 [pid 5882] <... chdir resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5882] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5884] <... openat resumed>) = 4 [pid 5882] <... openat resumed>) = 4 [pid 5884] ioctl(4, LOOP_CLR_FD [pid 5882] ioctl(4, LOOP_CLR_FD [pid 5884] <... ioctl resumed>) = 0 [pid 5882] <... ioctl resumed>) = 0 [pid 5884] close(4 [pid 5882] close(4 [pid 5884] <... close resumed>) = 0 [pid 5882] <... close resumed>) = 0 [pid 5884] memfd_create("syzkaller", 0) = 4 [pid 5882] memfd_create("syzkaller", 0 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5894] <... mount resumed>) = 0 [pid 5894] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5894] chdir("./bus") = 0 [pid 5894] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5894] ioctl(4, LOOP_CLR_FD [pid 5882] <... memfd_create resumed>) = 4 [pid 5884] <... mmap resumed>) = 0x7f7c475b3000 [pid 5894] <... ioctl resumed>) = 0 [pid 5894] close(4 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5894] <... close resumed>) = 0 [pid 5894] memfd_create("syzkaller", 0) = 4 [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5882] <... mmap resumed>) = 0x7f7c475b3000 [ 259.968017][ T5884] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/278/bus supports timestamps until (%ptR?) (0x7fffffff) [ 259.994351][ T5882] ext4 filesystem being mounted at /root/syzkaller.53SCZU/277/bus supports timestamps until (%ptR?) (0x7fffffff) [ 260.015135][ T5894] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/274/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5883] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5885] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5882] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5883] <... write resumed>) = 20699119 [pid 5883] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 5883] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5883] ioctl(5, LOOP_CLR_FD) = 0 [pid 5894] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5883] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5883] close(5) = 0 [pid 5883] close(4 [pid 5884] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5883] <... close resumed>) = 0 [pid 5883] exit_group(0) = ? [pid 5883] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./275/binderfs") = 0 [pid 344] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5884] <... write resumed>) = 20699119 [pid 5884] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5885] <... write resumed>) = 20699119 [pid 5885] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5894] <... write resumed>) = 20699119 [pid 5894] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5894] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5882] <... write resumed>) = 20699119 [pid 5882] munmap(0x7f7c475b3000, 138412032 [pid 5884] <... openat resumed>) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./275/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./275/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5885] <... openat resumed>) = 5 [pid 5885] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5885] ioctl(5, LOOP_CLR_FD) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./275/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./275" [pid 5885] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5885] close(5 [pid 344] <... rmdir resumed>) = 0 [pid 5894] <... openat resumed>) = 5 [pid 5885] <... close resumed>) = 0 [pid 5884] ioctl(5, LOOP_SET_FD, 4 [pid 5882] <... munmap resumed>) = 0 [pid 344] mkdir("./276", 0777 [pid 5884] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5885] close(4 [pid 5884] ioctl(5, LOOP_CLR_FD [pid 344] <... mkdir resumed>) = 0 [pid 5884] <... ioctl resumed>) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 5884] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5884] close(5 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5884] <... close resumed>) = 0 [pid 5884] close(4 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5902 [pid 5882] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5894] ioctl(5, LOOP_SET_FD, 4 [pid 5882] <... openat resumed>) = 5 [pid 5894] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5894] ioctl(5, LOOP_CLR_FD) = 0 [pid 5882] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5882] ioctl(5, LOOP_CLR_FD) = 0 [pid 5894] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5894] close(5) = 0 [pid 5882] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5894] close(4 [pid 5882] close(5) = 0 [pid 5882] close(4./strace-static-x86_64: Process 5902 attached [pid 5902] set_robust_list(0x555584fcf660, 24) = 0 [pid 5902] chdir("./276") = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5902] setpgid(0, 0) = 0 [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5902] write(3, "1000", 4) = 4 [pid 5902] close(3) = 0 [pid 5902] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5902] write(1, "executing program\n", 18) = 18 [pid 5902] memfd_create("syzkaller", 0) = 3 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5902] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5902] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5902] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5902] close(3) = 0 [pid 5902] close(4) = 0 [pid 5902] mkdir("./bus", 0777) = 0 [pid 5902] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5885] <... close resumed>) = 0 [pid 5902] <... mount resumed>) = 0 [pid 5884] <... close resumed>) = 0 [pid 5902] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5885] exit_group(0 [pid 5884] exit_group(0 [pid 5894] <... close resumed>) = 0 [pid 5894] exit_group(0) = ? [pid 5894] +++ exited with 0 +++ [pid 5882] <... close resumed>) = 0 [pid 5902] chdir("./bus" [pid 5885] <... exit_group resumed>) = ? [pid 5884] <... exit_group resumed>) = ? [pid 5902] <... chdir resumed>) = 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=6, si_stime=10} --- [pid 5885] +++ exited with 0 +++ [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5902] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 5902] <... openat resumed>) = 4 [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5902] ioctl(4, LOOP_CLR_FD [pid 5882] exit_group(0 [pid 5884] +++ exited with 0 +++ [pid 5902] <... ioctl resumed>) = 0 [pid 5882] <... exit_group resumed>) = ? [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 5902] close(4 [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 5902] <... close resumed>) = 0 [pid 5882] +++ exited with 0 +++ [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./278/binderfs") = 0 [pid 348] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... restart_syscall resumed>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 5902] memfd_create("syzkaller", 0 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=2, si_stime=19} --- [pid 343] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5902] <... memfd_create resumed>) = 4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 5902] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... openat resumed>) = 3 [pid 343] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 349] newfstatat(3, "", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, [pid 342] getdents64(3, [pid 349] getdents64(3, [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./277/binderfs", [pid 343] newfstatat(AT_FDCWD, "./278/binderfs", [pid 342] newfstatat(AT_FDCWD, "./274/binderfs", [pid 349] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./277/binderfs" [pid 343] unlink("./278/binderfs" [pid 342] unlink("./274/binderfs" [pid 349] <... unlink resumed>) = 0 [pid 343] <... unlink resumed>) = 0 [pid 342] <... unlink resumed>) = 0 [pid 349] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./278/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./278/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./278/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./278") = 0 [pid 348] mkdir("./279", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 260.546271][ T5902] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/276/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5902] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5902] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 343] <... umount2 resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 349] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./277/bus", [pid 348] close(3 [pid 342] newfstatat(AT_FDCWD, "./274/bus", [pid 5902] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... close resumed>) = 0 [pid 343] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5902] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./278/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./278/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./278/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 342] umount2("./274/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./278" [pid 5902] ioctl(5, LOOP_CLR_FD [pid 349] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... rmdir resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] mkdir("./279", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] openat(AT_FDCWD, "./277/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "./274/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... openat resumed>) = 4 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5906 [pid 342] <... openat resumed>) = 4 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5907 [pid 349] newfstatat(4, "", [pid 342] newfstatat(4, "", [pid 5902] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5906 attached [pid 5906] set_robust_list(0x555584fcf660, 24) = 0 [pid 5906] chdir("./279" [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, [pid 5906] <... chdir resumed>) = 0 [pid 5906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5906] setpgid(0, 0) = 0 [pid 5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 349] getdents64(4, [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5906] write(3, "1000", 4) = 4 [pid 5906] close(3) = 0 [pid 5906] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 342] getdents64(4, [pid 5906] write(1, "executing program\n", 18) = 18 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] getdents64(4, [pid 342] close(4 [pid 5906] memfd_create("syzkaller", 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] <... close resumed>) = 0 [pid 349] close(4 [pid 342] rmdir("./274/bus" [pid 5906] <... memfd_create resumed>) = 3 [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5906] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 349] <... close resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 349] rmdir("./277/bus") = 0 [pid 342] getdents64(3, [pid 349] getdents64(3, [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 349] close(3 [pid 342] rmdir("./274" [pid 349] <... close resumed>) = 0 [pid 5906] <... write resumed>) = 262144 [pid 5906] munmap(0x7f7c475b3000, 138412032 [pid 349] rmdir("./277" [pid 342] <... rmdir resumed>) = 0 [pid 5906] <... munmap resumed>) = 0 [pid 5906] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... rmdir resumed>) = 0 [pid 342] mkdir("./275", 0777 [pid 5906] <... openat resumed>) = 4 [pid 5906] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5906] close(3) = 0 [pid 5906] close(4 [pid 349] mkdir("./278", 0777 [pid 342] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5907 attached [pid 5907] set_robust_list(0x555584fcf660, 24) = 0 [pid 5907] chdir("./279" [pid 349] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5907] <... chdir resumed>) = 0 [pid 5907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5907] setpgid(0, 0) = 0 [pid 5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5907] <... openat resumed>) = 3 [pid 5902] ioctl(5, LOOP_SET_FD, 4 [pid 5907] write(3, "1000", 4) = 4 [pid 5907] close(3) = 0 [pid 5907] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5907] write(1, "executing program\n", 18) = 18 [pid 5907] memfd_create("syzkaller", 0 [pid 5902] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5907] <... memfd_create resumed>) = 3 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5907] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5902] close(5 [pid 5907] <... write resumed>) = 262144 [pid 5907] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 5906] <... close resumed>) = 0 [pid 5902] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 5902] close(4 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 5906] mkdir("./bus", 0777 [pid 342] close(3 [pid 349] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 5906] <... mkdir resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5906] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5909 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5910 [pid 5907] <... openat resumed>) = 4 [pid 5907] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5910 attached [pid 5910] set_robust_list(0x555584fcf660, 24) = 0 [pid 5910] chdir("./275") = 0 [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5910] setpgid(0, 0) = 0 [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5910] write(3, "1000", 4) = 4 [pid 5910] close(3) = 0 [pid 5910] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5910] write(1, "executing program\n", 18) = 18 [pid 5910] memfd_create("syzkaller", 0) = 3 [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5910] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5909 attached [pid 5909] set_robust_list(0x555584fcf660, 24 [pid 5910] <... write resumed>) = 262144 [pid 5910] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5907] <... ioctl resumed>) = 0 [pid 5907] close(3) = 0 [pid 5907] close(4 [pid 5909] <... set_robust_list resumed>) = 0 [pid 5909] chdir("./278") = 0 [pid 5909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5909] setpgid(0, 0) = 0 [pid 5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5909] write(3, "1000", 4) = 4 [pid 5909] close(3) = 0 [pid 5909] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5909] write(1, "executing program\n", 18) = 18 [pid 5909] memfd_create("syzkaller", 0) = 3 [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5909] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5909] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5909] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5902] <... close resumed>) = 0 [pid 5902] exit_group(0) = ? [pid 5902] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=3, si_stime=10} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./276/binderfs") = 0 [ 260.795160][ T5906] ================================================================== [ 260.803353][ T5906] BUG: KASAN: slab-out-of-bounds in __ext4_iget+0x3ac/0x40d0 [ 260.810743][ T5906] Read of size 8 at addr ffff8881d4813040 by task syz-executor405/5906 [ 260.819061][ T5906] [ 260.821395][ T5906] CPU: 0 PID: 5906 Comm: syz-executor405 Not tainted 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0 [ 260.831710][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 260.841878][ T5906] Call Trace: [ 260.845336][ T5906] __dump_stack+0x1e/0x20 [ 260.849647][ T5906] dump_stack+0x15b/0x1b8 [ 260.854138][ T5906] ? vprintk_default+0x28/0x30 [ 260.858881][ T5906] ? show_regs_print_info+0x18/0x18 [ 260.864203][ T5906] ? printk+0xcc/0x110 [ 260.868257][ T5906] ? __ext4_iget+0x3ac/0x40d0 [ 260.872914][ T5906] print_address_description+0x8d/0x4c0 [ 260.878444][ T5906] ? iget_locked+0x810/0x810 [ 260.883033][ T5906] ? __kasan_check_write+0x14/0x20 [ 260.888209][ T5906] ? __ext4_iget+0x3ac/0x40d0 [ 260.892860][ T5906] __kasan_report+0xef/0x120 [ 260.897441][ T5906] ? __ext4_iget+0x3ac/0x40d0 [ 260.902117][ T5906] kasan_report+0x30/0x60 [ 260.906512][ T5906] __asan_report_load8_noabort+0x14/0x20 [ 260.912130][ T5906] __ext4_iget+0x3ac/0x40d0 [ 260.916619][ T5906] ? idr_replace+0x190/0x190 [ 260.921189][ T5906] ? __kasan_check_write+0x14/0x20 [ 260.926276][ T5906] ? _raw_write_lock+0x8e/0xe0 [ 260.931017][ T5906] ? _raw_write_trylock+0x140/0x140 [ 260.936278][ T5906] ? __proc_create+0x564/0x8d0 [ 260.941106][ T5906] ? ext4_get_projid+0x140/0x140 [ 260.946027][ T5906] ? _raw_write_unlock+0x2b/0x60 [ 260.951049][ T5906] ? proc_register+0x34d/0x4e0 [ 260.955809][ T5906] ext4_enable_quotas+0x33b/0x6c0 [ 260.960821][ T5906] ext4_fill_super+0x7f7c/0x8670 [ 260.965740][ T5906] ? ext4_mount+0x40/0x40 [ 260.970050][ T5906] ? register_shrinker_prepared+0x11d/0x160 [ 260.975921][ T5906] ? set_blocksize+0x1ab/0x3c0 [ 260.980659][ T5906] ? sb_set_blocksize+0xaa/0xf0 [ 260.985493][ T5906] mount_bdev+0x279/0x390 [ 260.989808][ T5906] ? ext4_mount+0x40/0x40 [ 260.994126][ T5906] ext4_mount+0x34/0x40 [ 260.998276][ T5906] legacy_get_tree+0xea/0x190 [ 261.002952][ T5906] ? ext4_lazyinit_thread+0xcc0/0xcc0 [ 261.008309][ T5906] vfs_get_tree+0x89/0x260 [ 261.012768][ T5906] do_new_mount+0x234/0x480 [ 261.017258][ T5906] do_mount+0x63a/0xd40 [ 261.021505][ T5906] ? page_fault+0x2f/0x40 [ 261.025817][ T5906] ? copy_mount_options+0x249/0x340 [ 261.031001][ T5906] ? copy_mount_string+0x30/0x30 [ 261.036271][ T5906] ? copy_mount_options+0x302/0x340 [ 261.041458][ T5906] ksys_mount+0xc5/0x100 [ 261.045679][ T5906] __x64_sys_mount+0xbf/0xd0 [ 261.050435][ T5906] do_syscall_64+0xcf/0x170 [ 261.054926][ T5906] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 261.061028][ T5906] RIP: 0033:0x7f7c4f9f37da [ 261.065441][ T5906] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 261.085440][ T5906] RSP: 002b:00007ffd352c12d8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 261.093852][ T5906] RAX: ffffffffffffffda RBX: 00007ffd352c1330 RCX: 00007f7c4f9f37da [ 261.101818][ T5906] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007ffd352c1330 [ 261.109794][ T5906] RBP: 0000200000000000 R08: 00007ffd352c1370 R09: 00000000000004f4 [ 261.117761][ T5906] R10: 000000000021081e R11: 0000000000000206 R12: 0000200000000180 [ 261.125894][ T5906] R13: 00007ffd352c1370 R14: 00000000000004fa R15: 00002000000001c0 [ 261.133849][ T5906] [ 261.136156][ T5906] Allocated by task 0: [ 261.140312][ T5906] (stack is not available) [ 261.144786][ T5906] [ 261.147110][ T5906] Freed by task 0: [ 261.150804][ T5906] (stack is not available) [ 261.155188][ T5906] [ 261.157495][ T5906] The buggy address belongs to the object at ffff8881d4812b80 [ 261.157495][ T5906] which belongs to the cache f2fs_inode_cache of size 1264 [ 261.172146][ T5906] The buggy address is located 1216 bytes inside of [ 261.172146][ T5906] 1264-byte region [ffff8881d4812b80, ffff8881d4813070) [ 261.185816][ T5906] The buggy address belongs to the page: [ 261.191429][ T5906] page:ffffea0007520400 refcount:1 mapcount:0 mapping:ffff8881f0feb900 index:0xffff8881d4813660 compound_mapcount: 0 [ 261.203925][ T5906] flags: 0x8000000000010200(slab|head) [ 261.209369][ T5906] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f0feb900 [ 261.218115][ T5906] raw: ffff8881d4813660 0000000080170016 00000001ffffffff 0000000000000000 [ 261.226686][ T5906] page dumped because: kasan: bad access detected [ 261.233218][ T5906] page_owner tracks the page as allocated [ 261.238964][ T5906] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE) [ 261.255025][ T5906] prep_new_page+0x35e/0x370 [ 261.259610][ T5906] get_page_from_freelist+0x1296/0x1310 [ 261.265236][ T5906] __alloc_pages_nodemask+0x202/0x4b0 [ 261.270603][ T5906] alloc_slab_page+0x3c/0x3b0 [ 261.275273][ T5906] new_slab+0x93/0x420 [ 261.279443][ T5906] ___slab_alloc+0x29e/0x420 [ 261.284008][ T5906] __slab_alloc+0x63/0xa0 [ 261.288318][ T5906] kmem_cache_alloc+0x12c/0x270 [ 261.293147][ T5906] f2fs_alloc_inode+0x26/0x3b0 [ 261.298044][ T5906] iget_locked+0x144/0x810 [ 261.302593][ T5906] f2fs_iget+0x55/0x4ac0 [ 261.306827][ T5906] f2fs_fill_super+0x44fc/0x7760 [ 261.311917][ T5906] mount_bdev+0x279/0x390 [ 261.316491][ T5906] f2fs_mount+0x34/0x40 [ 261.320728][ T5906] legacy_get_tree+0xea/0x190 [ 261.325384][ T5906] vfs_get_tree+0x89/0x260 [ 261.329861][ T5906] page last free stack trace: [ 261.334781][ T5906] free_unref_page_prepare+0x2a9/0x3a0 [ 261.340334][ T5906] free_unref_page_list+0x110/0x4c0 [ 261.345637][ T5906] release_pages+0xa62/0xaa0 [ 261.350294][ T5906] __pagevec_release+0xbb/0x140 [ 261.355133][ T5906] shmem_undo_range+0x7d8/0x1860 [ 261.360599][ T5906] shmem_evict_inode+0x204/0x9a0 [ 261.365538][ T5906] evict+0x465/0x880 [ 261.369412][ T5906] iput+0x67d/0x810 [ 261.373255][ T5906] dentry_unlink_inode+0x2ca/0x370 [ 261.378344][ T5906] __dentry_kill+0x43e/0x640 [ 261.383011][ T5906] dentry_kill+0xc0/0x2a0 [ 261.387314][ T5906] dput+0x42/0x80 [ 261.391019][ T5906] __fput+0x4ba/0x730 [ 261.394990][ T5906] ____fput+0x15/0x20 [ 261.398969][ T5906] task_work_run+0x146/0x170 [ 261.403540][ T5906] ptrace_notify+0x212/0x250 [ 261.408118][ T5906] [ 261.410422][ T5906] Memory state around the buggy address: [ 261.416034][ T5906] ffff8881d4812f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 261.424073][ T5906] ffff8881d4812f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 261.432121][ T5906] >ffff8881d4813000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 261.440156][ T5906] ^ [pid 344] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] <... openat resumed>) = 4 [pid 5909] <... openat resumed>) = 4 [pid 5907] <... close resumed>) = 0 [pid 5910] ioctl(4, LOOP_SET_FD, 3 [pid 5909] ioctl(4, LOOP_SET_FD, 3 [pid 5907] mkdir("./bus", 0777) = 0 [pid 5907] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5910] <... ioctl resumed>) = 0 [pid 5910] close(3) = 0 [pid 5910] close(4 [pid 5909] <... ioctl resumed>) = 0 [pid 5909] close(3) = 0 [pid 5909] close(4) = 0 [pid 5909] mkdir("./bus", 0777) = 0 [ 261.446283][ T5906] ffff8881d4813080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00 [ 261.454317][ T5906] ffff8881d4813100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 261.462438][ T5906] ================================================================== [ 261.470577][ T5906] Disabling lock debugging due to kernel taint [ 261.477163][ T5906] EXT4-fs warning (device loop3): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix. [ 261.492002][ T5906] EXT4-fs (loop3): mount failed [pid 5909] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5907] <... mount resumed>) = 0 [pid 5907] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5907] chdir("./bus") = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5910] <... close resumed>) = 0 [pid 5906] <... mount resumed>) = -1 EACCES (Permission denied) [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./276/bus", [pid 5910] mkdir("./bus", 0777 [pid 5906] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./276/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./276/bus") = 0 [pid 5910] <... mkdir resumed>) = 0 [pid 344] getdents64(3, [pid 5910] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./276") = 0 [pid 344] mkdir("./277", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5909] <... mount resumed>) = 0 [pid 5909] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5909] chdir("./bus") = 0 [pid 5909] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5907] <... openat resumed>) = 4 [ 261.558389][ T5907] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/279/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5907] ioctl(4, LOOP_CLR_FD [pid 5909] <... openat resumed>) = 4 [pid 5906] <... openat resumed>) = 3 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5920 [pid 5909] ioctl(4, LOOP_CLR_FD) = 0 [pid 5909] close(4) = 0 [pid 5909] memfd_create("syzkaller", 0) = 4 [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5906] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5920 attached [pid 5920] set_robust_list(0x555584fcf660, 24) = 0 [pid 5920] chdir("./277") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5920] close(3) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5920] write(1, "executing program\n", 18executing program ) = 18 [pid 5920] memfd_create("syzkaller", 0) = 3 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5920] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5920] munmap(0x7f7c475b3000, 138412032) = 0 [ 261.608625][ T5909] ext4 filesystem being mounted at /root/syzkaller.53SCZU/278/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5920] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5910] <... mount resumed>) = 0 [pid 5910] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5907] <... ioctl resumed>) = 0 [pid 5920] <... openat resumed>) = 4 [pid 5907] close(4 [pid 5906] <... ioctl resumed>) = 0 [pid 5920] ioctl(4, LOOP_SET_FD, 3 [pid 5907] <... close resumed>) = 0 [pid 5907] memfd_create("syzkaller", 0 [pid 5906] close(3 [pid 5910] <... openat resumed>) = 3 [pid 5907] <... memfd_create resumed>) = 4 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5910] chdir("./bus" [pid 5920] <... ioctl resumed>) = 0 [pid 5906] <... close resumed>) = 0 [pid 5920] close(3 [pid 5906] memfd_create("syzkaller", 0 [pid 5920] <... close resumed>) = 0 [pid 5920] close(4 [pid 5906] <... memfd_create resumed>) = 3 [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5910] <... chdir resumed>) = 0 [pid 5906] <... mmap resumed>) = 0x7f7c475b3000 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5909] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5920] <... close resumed>) = 0 [pid 5910] <... openat resumed>) = 4 [pid 5920] mkdir("./bus", 0777 [pid 5910] ioctl(4, LOOP_CLR_FD [pid 5920] <... mkdir resumed>) = 0 [ 261.705897][ T5910] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/275/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5920] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5910] <... ioctl resumed>) = 0 [pid 5910] close(4) = 0 [pid 5910] memfd_create("syzkaller", 0) = 4 [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5907] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5920] <... mount resumed>) = 0 [pid 5920] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5920] chdir("./bus") = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5920] ioctl(4, LOOP_CLR_FD) = 0 [pid 5920] close(4) = 0 [pid 5920] memfd_create("syzkaller", 0) = 4 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5909] <... write resumed>) = 20699119 [pid 5909] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5906] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5909] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5909] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5909] ioctl(5, LOOP_CLR_FD) = 0 [ 261.868099][ T5920] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/277/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5909] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5909] close(5) = 0 [pid 5909] close(4) = 0 [pid 5909] exit_group(0) = ? [pid 5909] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=5, si_stime=10} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./278/binderfs") = 0 [pid 349] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5906] <... write resumed>) = 20699119 [pid 5906] munmap(0x7f7c475b3000, 138412032 [pid 5910] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5906] <... munmap resumed>) = 0 [pid 5906] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5907] <... write resumed>) = 20699119 [pid 5907] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5906] <... openat resumed>) = 4 [pid 5906] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./278/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./278/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./278/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./278") = 0 [pid 349] mkdir("./279", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5920] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5907] <... openat resumed>) = 5 [pid 5906] <... ioctl resumed>) = 0 [pid 5907] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5907] ioctl(5, LOOP_CLR_FD) = 0 [pid 5906] close(3) = 0 [pid 5906] close(4) = 0 [pid 5906] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5906] mount("/dev/loop3", "./bus", "f2fs", MS_RDONLY|MS_NOATIME|MS_REC|MS_SILENT|0x200, "nodiscard,usrjquota=nodiscard,active_logs=4,jqfmt=vfsold,atgc,disable_roll_forward,background_gc=on,"... [pid 5907] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5907] close(5) = 0 [pid 349] <... openat resumed>) = 3 [pid 5907] close(4 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5928 ./strace-static-x86_64: Process 5928 attached [pid 5928] set_robust_list(0x555584fcf660, 24) = 0 [pid 5928] chdir("./279") = 0 [pid 5928] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5928] setpgid(0, 0) = 0 [pid 5928] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5928] write(3, "1000", 4) = 4 [pid 5928] close(3) = 0 [pid 5928] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5928] write(1, "executing program\n", 18executing program ) = 18 [pid 5928] memfd_create("syzkaller", 0) = 3 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5928] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5928] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5928] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5928] close(3) = 0 [pid 5928] close(4) = 0 [pid 5928] mkdir("./bus", 0777) = 0 [pid 5928] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5910] <... write resumed>) = 20699119 [pid 5910] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5928] <... mount resumed>) = 0 [pid 5928] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5910] <... openat resumed>) = 5 [pid 5910] ioctl(5, LOOP_SET_FD, 4 [pid 5928] <... openat resumed>) = 3 [pid 5910] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5928] chdir("./bus" [pid 5910] ioctl(5, LOOP_CLR_FD) = 0 [pid 5928] <... chdir resumed>) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5928] ioctl(4, LOOP_CLR_FD) = 0 [pid 5928] close(4 [pid 5910] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5910] close(5) = 0 [pid 5910] close(4 [pid 5928] <... close resumed>) = 0 [ 262.156928][ T5906] F2FS-fs (loop3): invalid crc value [pid 5928] memfd_create("syzkaller", 0) = 4 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5907] <... close resumed>) = 0 [ 262.213915][ T5928] ext4 filesystem being mounted at /root/syzkaller.53SCZU/279/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5907] exit_group(0) = ? [pid 5907] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./279/binderfs") = 0 [pid 343] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] <... close resumed>) = 0 [pid 5910] exit_group(0) = ? [pid 5910] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./275/binderfs") = 0 [pid 342] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] <... write resumed>) = 20699119 [pid 5920] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./279/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./279/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./279/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./279") = 0 [pid 343] mkdir("./280", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [ 262.267531][ T5906] F2FS-fs (loop3): recover fsync data on readonly fs [ 262.285126][ T5906] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 262.306615][ T5906] F2FS-fs (loop3): checkpoint=disable on readonly fs [pid 5928] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5920] <... openat resumed>) = 5 [pid 5920] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5920] ioctl(5, LOOP_CLR_FD [pid 5928] <... write resumed>) = 20699119 [pid 5928] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5906] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./275/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./275/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./275/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./275/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./275") = 0 [pid 342] mkdir("./276", 0777) = 0 [pid 5906] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3 [pid 5928] <... openat resumed>) = 5 [pid 5920] <... ioctl resumed>) = 0 [pid 5906] <... openat resumed>) = 3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5906] ioctl(3, LOOP_CLR_FD [pid 343] close(3 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 5932 ./strace-static-x86_64: Process 5932 attached [pid 5932] set_robust_list(0x555584fcf660, 24) = 0 [pid 5932] chdir("./276") = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5932] setpgid(0, 0) = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5932] write(3, "1000", 4) = 4 [pid 5932] close(3) = 0 [pid 5932] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5932] write(1, "executing program\n", 18) = 18 [pid 5932] memfd_create("syzkaller", 0) = 3 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5928] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5928] ioctl(5, LOOP_CLR_FD [pid 5932] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5920] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5920] close(5 [pid 5932] <... write resumed>) = 262144 [pid 5932] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5933 [pid 5932] <... openat resumed>) = 4 [pid 5932] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5933 attached [pid 5933] set_robust_list(0x555584fcf660, 24) = 0 [pid 5933] chdir("./280") = 0 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5933] setpgid(0, 0) = 0 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5933] write(3, "1000", 4) = 4 [pid 5933] close(3) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5933] write(1, "executing program\n", 18executing program ) = 18 [pid 5933] memfd_create("syzkaller", 0) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5933] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5933] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5932] <... ioctl resumed>) = 0 [pid 5928] <... ioctl resumed>) = 0 [pid 5920] <... close resumed>) = 0 [pid 5932] close(3) = 0 [pid 5932] close(4 [pid 5920] close(4 [pid 5928] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5928] close(5 [pid 5906] <... ioctl resumed>) = 0 [pid 5906] close(3 [pid 5933] <... openat resumed>) = 4 [pid 5932] <... close resumed>) = 0 [pid 5933] ioctl(4, LOOP_SET_FD, 3 [pid 5932] mkdir("./bus", 0777) = 0 [pid 5932] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5933] <... ioctl resumed>) = 0 [pid 5933] close(3 [pid 5928] <... close resumed>) = 0 [pid 5933] <... close resumed>) = 0 [pid 5928] close(4 [pid 5906] <... close resumed>) = 0 [pid 5906] exit_group(0) = ? [pid 5906] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=7, si_stime=22} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 5933] close(4) = 0 [pid 5933] mkdir("./bus", 0777) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./279/binderfs") = 0 [pid 348] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./279/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./279/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./279/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./279") = 0 [pid 348] mkdir("./280", 0777 [pid 5933] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5937 ./strace-static-x86_64: Process 5937 attached [pid 5937] set_robust_list(0x555584fcf660, 24) = 0 [pid 5937] chdir("./280") = 0 [pid 5937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5937] setpgid(0, 0) = 0 [pid 5937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5937] write(3, "1000", 4) = 4 [pid 5937] close(3) = 0 [pid 5937] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5937] write(1, "executing program\n", 18) = 18 [pid 5937] memfd_create("syzkaller", 0) = 3 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5937] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5937] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5937] ioctl(4, LOOP_SET_FD, 3 [pid 5920] <... close resumed>) = 0 [pid 5920] exit_group(0) = ? [pid 5920] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 5932] <... mount resumed>) = 0 [pid 5932] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5932] chdir("./bus") = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5937] <... ioctl resumed>) = 0 [pid 5937] close(3) = 0 [pid 5937] close(4 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./277/binderfs") = 0 [pid 344] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5933] <... mount resumed>) = 0 [pid 5933] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5933] chdir("./bus") = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5928] <... close resumed>) = 0 [pid 5928] exit_group(0) = ? [pid 5928] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5928, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./279/binderfs") = 0 [pid 349] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5937] <... close resumed>) = 0 [pid 5932] <... openat resumed>) = 4 [pid 5937] mkdir("./bus", 0777) = 0 [pid 5932] ioctl(4, LOOP_CLR_FD [ 262.576037][ T5932] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/276/bus supports timestamps until (%ptR?) (0x7fffffff) [ 262.595922][ T5933] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/280/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5937] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5933] <... openat resumed>) = 4 [pid 5932] <... ioctl resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5933] ioctl(4, LOOP_CLR_FD [pid 5932] close(4 [pid 344] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./277/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./277/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./277/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./277") = 0 [pid 344] mkdir("./278", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5937] <... mount resumed>) = 0 [pid 5937] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5937] chdir("./bus") = 0 [pid 5937] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5933] <... ioctl resumed>) = 0 [pid 5932] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 5937] ioctl(4, LOOP_CLR_FD [pid 5933] close(4 [pid 5932] memfd_create("syzkaller", 0 [pid 349] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] ioctl(3, LOOP_CLR_FD [pid 5937] <... ioctl resumed>) = 0 [pid 5933] <... close resumed>) = 0 [pid 5932] <... memfd_create resumed>) = 4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./279/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./279/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", [pid 5933] memfd_create("syzkaller", 0 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 5933] <... memfd_create resumed>) = 4 [pid 5932] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./279/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./279") = 0 [pid 349] mkdir("./280", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5944 ./strace-static-x86_64: Process 5944 attached [pid 5944] set_robust_list(0x555584fcf660, 24) = 0 [pid 5944] chdir("./280") = 0 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] close(3 [pid 5933] <... mmap resumed>) = 0x7f7c475b3000 [pid 344] <... close resumed>) = 0 [pid 5944] setpgid(0, 0) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5944] write(3, "1000", 4) = 4 [pid 5944] close(3) = 0 [pid 5944] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5944] write(1, "executing program\n", 18) = 18 [pid 5944] memfd_create("syzkaller", 0) = 3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5944] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144executing program [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5944] <... write resumed>) = 262144 [pid 5944] munmap(0x7f7c475b3000, 138412032 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5945 [pid 5944] <... munmap resumed>) = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5944] ioctl(4, LOOP_SET_FD, 3executing program ./strace-static-x86_64: Process 5945 attached [pid 5945] set_robust_list(0x555584fcf660, 24) = 0 [pid 5945] chdir("./278") = 0 [pid 5945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5945] setpgid(0, 0) = 0 [pid 5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5945] write(3, "1000", 4) = 4 [pid 5945] close(3) = 0 [pid 5945] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5945] write(1, "executing program\n", 18) = 18 [pid 5945] memfd_create("syzkaller", 0) = 3 [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5945] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5945] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5937] close(4 [pid 5944] <... ioctl resumed>) = 0 [pid 5944] close(3) = 0 [ 262.708468][ T5937] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/280/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5944] close(4 [pid 5945] <... openat resumed>) = 4 [pid 5944] <... close resumed>) = 0 [pid 5945] ioctl(4, LOOP_SET_FD, 3 [pid 5944] mkdir("./bus", 0777 [pid 5937] <... close resumed>) = 0 [pid 5944] <... mkdir resumed>) = 0 [pid 5937] memfd_create("syzkaller", 0) = 4 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5932] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5944] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5933] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5945] <... ioctl resumed>) = 0 [pid 5945] close(3) = 0 [pid 5945] close(4 [pid 5937] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5945] <... close resumed>) = 0 [pid 5945] mkdir("./bus", 0777) = 0 [pid 5945] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5944] <... mount resumed>) = 0 [pid 5944] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5944] chdir("./bus") = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5944] ioctl(4, LOOP_CLR_FD) = 0 [pid 5944] close(4) = 0 [pid 5944] memfd_create("syzkaller", 0) = 4 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5932] <... write resumed>) = 20699119 [pid 5932] munmap(0x7f7c475b3000, 138412032) = 0 [ 262.949692][ T5944] ext4 filesystem being mounted at /root/syzkaller.53SCZU/280/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5932] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5932] ioctl(5, LOOP_CLR_FD) = 0 [pid 5933] <... write resumed>) = 20699119 [pid 5932] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5932] close(5 [pid 5933] munmap(0x7f7c475b3000, 138412032 [pid 5932] <... close resumed>) = 0 [pid 5933] <... munmap resumed>) = 0 [pid 5932] close(4 [pid 5933] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5933] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5933] ioctl(5, LOOP_CLR_FD) = 0 [pid 5933] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5933] close(5) = 0 [pid 5933] close(4 [pid 5937] <... write resumed>) = 20699119 [pid 5937] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5945] <... mount resumed>) = 0 [pid 5945] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5945] chdir("./bus") = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5945] ioctl(4, LOOP_CLR_FD) = 0 [pid 5945] close(4) = 0 [pid 5945] memfd_create("syzkaller", 0) = 4 [pid 5937] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5937] ioctl(5, LOOP_SET_FD, 4 [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5937] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5945] <... mmap resumed>) = 0x7f7c475b3000 [pid 5937] ioctl(5, LOOP_CLR_FD) = 0 [pid 5937] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5937] close(5) = 0 [ 263.058551][ T5945] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/278/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5937] close(4 [pid 5932] <... close resumed>) = 0 [pid 5933] <... close resumed>) = 0 [pid 5932] exit_group(0) = ? [pid 5933] exit_group(0 [pid 5932] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 5933] <... exit_group resumed>) = ? [pid 5933] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./280/binderfs") = 0 [pid 343] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... restart_syscall resumed>) = 0 [pid 342] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./276/binderfs") = 0 [pid 342] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5937] <... close resumed>) = 0 [pid 5937] exit_group(0) = ? [pid 5937] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5937, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 5944] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./280/binderfs") = 0 [pid 348] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./280/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./280/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./280/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./280") = 0 [pid 343] mkdir("./281", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5945] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5944] <... write resumed>) = 20699119 [pid 5944] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5945] <... write resumed>) = 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./280/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./280/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./280/bus" [pid 343] close(3 [pid 342] newfstatat(AT_FDCWD, "./276/bus", [pid 5945] munmap(0x7f7c475b3000, 138412032 [pid 5944] <... openat resumed>) = 5 [pid 348] <... rmdir resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] umount2("./276/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 5952 [pid 342] openat(AT_FDCWD, "./276/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", [pid 348] getdents64(3, [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5944] ioctl(5, LOOP_SET_FD, 4 [pid 348] close(3 [pid 5944] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... close resumed>) = 0 [pid 342] getdents64(4, [pid 5944] ioctl(5, LOOP_CLR_FD [pid 348] rmdir("./280" [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, [pid 5944] <... ioctl resumed>) = 0 [pid 5945] <... munmap resumed>) = 0 [pid 348] <... rmdir resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5952 attached [pid 5945] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 348] mkdir("./281", 0777 [pid 342] close(4) = 0 [pid 342] rmdir("./276/bus" [pid 348] <... mkdir resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./276" [pid 5945] <... openat resumed>) = 5 [pid 5952] set_robust_list(0x555584fcf660, 24 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 342] <... rmdir resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 342] mkdir("./277", 0777 [pid 5952] <... set_robust_list resumed>) = 0 [pid 5945] ioctl(5, LOOP_SET_FD, 4 [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] <... mkdir resumed>) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWRexecuting program [pid 348] close(3 [pid 342] <... openat resumed>) = 3 [pid 5944] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... close resumed>) = 0 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5953 ./strace-static-x86_64: Process 5953 attached [pid 5953] set_robust_list(0x555584fcf660, 24) = 0 [pid 5953] chdir("./277") = 0 [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5953] setpgid(0, 0) = 0 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5953] write(3, "1000", 4) = 4 [pid 5953] close(3) = 0 [pid 5953] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5953] write(1, "executing program\n", 18) = 18 [pid 5953] memfd_create("syzkaller", 0) = 3 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5944] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5954 [pid 5944] close(5 [pid 5953] <... write resumed>) = 262144 [pid 5953] munmap(0x7f7c475b3000, 138412032 [pid 5944] <... close resumed>) = 0 [pid 5945] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5944] close(4executing program [pid 5953] <... munmap resumed>) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5953] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5954 attached [pid 5954] set_robust_list(0x555584fcf660, 24) = 0 [pid 5954] chdir("./281") = 0 [pid 5954] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5954] setpgid(0, 0) = 0 [pid 5954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5954] write(3, "1000", 4) = 4 [pid 5954] close(3) = 0 [pid 5954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5954] write(1, "executing program\n", 18) = 18 [pid 5954] memfd_create("syzkaller", 0) = 3 [pid 5954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5945] ioctl(5, LOOP_CLR_FD [pid 5953] <... ioctl resumed>) = 0 [pid 5945] <... ioctl resumed>) = 0 [pid 5953] close(3) = 0 [pid 5953] close(4 [pid 5954] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5952] chdir("./281" [pid 5954] <... write resumed>) = 262144 [pid 5954] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5945] ioctl(5, LOOP_SET_FD, 4 [pid 5952] <... chdir resumed>) = 0 [pid 5954] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5945] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5952] <... prctl resumed>) = 0 [pid 5945] close(5 [pid 5952] setpgid(0, 0) = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5952] write(3, "1000", 4) = 4 [pid 5952] close(3) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5952] write(1, "executing program\n", 18) = 18 [pid 5952] memfd_create("syzkaller", 0) = 3 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5952] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5952] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5944] <... close resumed>) = 0 [pid 5944] exit_group(0) = ? [pid 5944] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./280/binderfs") = 0 [pid 349] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5954] <... openat resumed>) = 4 [pid 5953] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 5953] mkdir("./bus", 0777 [pid 349] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5953] <... mkdir resumed>) = 0 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5953] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] newfstatat(AT_FDCWD, "./280/bus", [pid 5954] ioctl(4, LOOP_SET_FD, 3 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./280/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./280/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./280") = 0 [pid 349] mkdir("./281", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program [pid 5954] <... ioctl resumed>) = 0 [pid 5952] <... openat resumed>) = 4 [pid 5945] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5957 ./strace-static-x86_64: Process 5957 attached [pid 5957] set_robust_list(0x555584fcf660, 24) = 0 [pid 5957] chdir("./281") = 0 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5957] setpgid(0, 0) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5957] write(3, "1000", 4) = 4 [pid 5957] close(3) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5957] write(1, "executing program\n", 18) = 18 [pid 5957] memfd_create("syzkaller", 0) = 3 [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5954] close(3 [pid 5952] ioctl(4, LOOP_SET_FD, 3 [pid 5945] close(4 [pid 5954] <... close resumed>) = 0 [pid 5954] close(4 [pid 5957] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5952] <... ioctl resumed>) = 0 [pid 5952] close(3) = 0 [pid 5952] close(4 [pid 5957] <... write resumed>) = 262144 [pid 5957] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5953] <... mount resumed>) = 0 [pid 5953] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5953] chdir("./bus") = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5945] <... close resumed>) = 0 [pid 5954] <... close resumed>) = 0 [pid 5954] mkdir("./bus", 0777 [pid 5945] exit_group(0 [pid 5954] <... mkdir resumed>) = 0 [pid 5945] <... exit_group resumed>) = ? [pid 5954] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5945] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=8, si_stime=9} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./278/binderfs") = 0 [pid 344] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5957] <... openat resumed>) = 4 [pid 5952] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5957] ioctl(4, LOOP_SET_FD, 3 [pid 5952] mkdir("./bus", 0777) = 0 [pid 344] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5952] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./278/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./278/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./278/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./278") = 0 [pid 344] mkdir("./279", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5957] <... ioctl resumed>) = 0 [pid 5957] close(3) = 0 [pid 5957] close(4 [pid 5953] <... openat resumed>) = 4 [ 263.453595][ T5953] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/277/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5953] ioctl(4, LOOP_CLR_FD [pid 5952] <... mount resumed>) = 0 [pid 5952] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5952] chdir("./bus") = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5954] <... mount resumed>) = 0 [pid 5954] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5954] chdir("./bus") = 0 [pid 5954] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5957] <... close resumed>) = 0 [pid 5953] <... ioctl resumed>) = 0 [pid 5952] <... openat resumed>) = 4 [pid 344] <... openat resumed>) = 3 [pid 5957] mkdir("./bus", 0777 [pid 5953] close(4 [pid 5952] ioctl(4, LOOP_CLR_FD [pid 344] ioctl(3, LOOP_CLR_FD [pid 5957] <... mkdir resumed>) = 0 [pid 5957] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5953] <... close resumed>) = 0 [pid 5952] <... ioctl resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5953] memfd_create("syzkaller", 0 [pid 5952] close(4 [pid 344] close(3 [pid 5953] <... memfd_create resumed>) = 4 [pid 5952] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5952] memfd_create("syzkaller", 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5953] <... mmap resumed>) = 0x7f7c475b3000 [ 263.558552][ T5954] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/281/bus supports timestamps until (%ptR?) (0x7fffffff) [ 263.558560][ T5952] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/281/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5952] <... memfd_create resumed>) = 4 ./strace-static-x86_64: Process 5966 attached [pid 5954] <... openat resumed>) = 4 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5966 [pid 5952] <... mmap resumed>) = 0x7f7c475b3000 [pid 5966] set_robust_list(0x555584fcf660, 24 [pid 5954] ioctl(4, LOOP_CLR_FD [pid 5966] <... set_robust_list resumed>) = 0 [pid 5954] <... ioctl resumed>) = 0 [pid 5966] chdir("./279" [pid 5954] close(4) = 0 [pid 5966] <... chdir resumed>) = 0 [pid 5954] memfd_create("syzkaller", 0 [pid 5966] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5954] <... memfd_create resumed>) = 4 [pid 5966] <... prctl resumed>) = 0 [pid 5954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5966] setpgid(0, 0 [pid 5954] <... mmap resumed>) = 0x7f7c475b3000 [pid 5966] <... setpgid resumed>) = 0 [pid 5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5966] write(3, "1000", 4) = 4 [pid 5966] close(3) = 0 [pid 5966] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5966] write(1, "executing program\n", 18executing program ) = 18 [pid 5966] memfd_create("syzkaller", 0) = 3 [pid 5966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5966] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5966] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5966] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5966] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5966] close(3) = 0 [pid 5966] close(4) = 0 [pid 5966] mkdir("./bus", 0777) = 0 [pid 5966] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5957] <... mount resumed>) = 0 [pid 5957] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5957] chdir("./bus") = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5957] ioctl(4, LOOP_CLR_FD) = 0 [pid 5957] close(4) = 0 [pid 5957] memfd_create("syzkaller", 0) = 4 [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 263.684254][ T5957] ext4 filesystem being mounted at /root/syzkaller.53SCZU/281/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5952] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5966] <... mount resumed>) = 0 [pid 5966] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5966] chdir("./bus") = 0 [pid 5966] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5966] ioctl(4, LOOP_CLR_FD) = 0 [pid 5966] close(4) = 0 [pid 5966] memfd_create("syzkaller", 0) = 4 [pid 5966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 263.818007][ T5966] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/279/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5953] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5954] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5957] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5952] <... write resumed>) = 20699119 [pid 5952] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 5952] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5952] ioctl(5, LOOP_CLR_FD) = 0 [pid 5952] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5952] close(5) = 0 [pid 5952] close(4 [pid 5953] <... write resumed>) = 20699119 [pid 5953] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5953] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5953] ioctl(5, LOOP_CLR_FD) = 0 [pid 5953] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5953] close(5) = 0 [pid 5966] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5953] close(4 [pid 5954] <... write resumed>) = 20699119 [pid 5954] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5954] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5954] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5954] ioctl(5, LOOP_CLR_FD) = 0 [pid 5954] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5954] close(5) = 0 [pid 5954] close(4 [pid 5952] <... close resumed>) = 0 [pid 5952] exit_group(0) = ? [pid 5952] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=7, si_stime=11} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./281/binderfs") = 0 [pid 343] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5957] <... write resumed>) = 20699119 [pid 5957] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 343] <... umount2 resumed>) = 0 [pid 5957] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5957] ioctl(5, LOOP_CLR_FD) = 0 [pid 343] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./281/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./281/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 5957] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5957] close(5) = 0 [pid 5953] <... close resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5957] close(4 [pid 343] getdents64(4, [pid 5953] exit_group(0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./281/bus" [pid 5953] <... exit_group resumed>) = ? [pid 343] <... rmdir resumed>) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 5953] +++ exited with 0 +++ [pid 343] <... close resumed>) = 0 [pid 343] rmdir("./281") = 0 [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=7, si_stime=13} --- [pid 343] mkdir("./282", 0777 [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5972 ./strace-static-x86_64: Process 5972 attached [pid 5972] set_robust_list(0x555584fcf660, 24) = 0 [pid 5972] chdir("./282") = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5972] setpgid(0, 0) = 0 [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 342] <... restart_syscall resumed>) = 0 [pid 5972] write(3, "1000", 4) = 4 [pid 5972] close(3 [pid 342] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5972] <... close resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 5972] symlink("/dev/binderfs", "./binderfs" [pid 342] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./277/binderfs", [pid 5972] <... symlink resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./277/binderfs") = 0 [pid 5972] write(1, "executing program\n", 18 [pid 342] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5972] <... write resumed>) = 18 [pid 5972] memfd_create("syzkaller", 0) = 3 [pid 5972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5972] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5972] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5972] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5954] <... close resumed>) = 0 [pid 5966] <... write resumed>) = 20699119 [pid 5954] exit_group(0 [pid 5966] munmap(0x7f7c475b3000, 138412032 [pid 5954] <... exit_group resumed>) = ? [pid 5966] <... munmap resumed>) = 0 [pid 5966] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5954] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5954, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./281/binderfs") = 0 [pid 348] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5972] <... openat resumed>) = 4 [pid 5966] <... openat resumed>) = 5 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./277/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./277/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./277/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5972] ioctl(4, LOOP_SET_FD, 3 [pid 5966] ioctl(5, LOOP_SET_FD, 4 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5966] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./277/bus" [pid 5966] ioctl(5, LOOP_CLR_FD [pid 5957] <... close resumed>) = 0 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./277" [pid 5957] exit_group(0 [pid 342] <... rmdir resumed>) = 0 [pid 342] mkdir("./278", 0777 [pid 5957] <... exit_group resumed>) = ? [pid 342] <... mkdir resumed>) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5957] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./281/binderfs") = 0 [pid 349] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = 0 [pid 5972] <... ioctl resumed>) = 0 [pid 5966] <... ioctl resumed>) = 0 [pid 5972] close(3 [pid 348] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... openat resumed>) = 3 [pid 5972] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5972] close(4 [pid 348] newfstatat(AT_FDCWD, "./281/bus", [pid 342] ioctl(3, LOOP_CLR_FD [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./281/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5966] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... openat resumed>) = 4 [pid 5966] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5966] close(5 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./281/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./281") = 0 [pid 348] mkdir("./282", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5972] <... close resumed>) = 0 [pid 5966] <... close resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5966] close(4 [pid 342] close(3 [pid 5972] mkdir("./bus", 0777 [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5974 [pid 5972] <... mkdir resumed>) = 0 [pid 5972] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] ioctl(3, LOOP_CLR_FD [pid 349] newfstatat(AT_FDCWD, "./281/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] close(3 [pid 349] openat(AT_FDCWD, "./281/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5974 attached [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 5976 [pid 5974] set_robust_list(0x555584fcf660, 24 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 5974] <... set_robust_list resumed>) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./281/bus" [pid 5974] chdir("./278") = 0 [pid 349] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 5974] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 5974] <... prctl resumed>) = 0 [pid 349] close(3) = 0 [pid 5974] setpgid(0, 0 [pid 349] rmdir("./281") = 0 [pid 5974] <... setpgid resumed>) = 0 [pid 349] mkdir("./282", 0777./strace-static-x86_64: Process 5976 attached [pid 5976] set_robust_list(0x555584fcf660, 24) = 0 [pid 5976] chdir("./282") = 0 [pid 5976] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5976] setpgid(0, 0) = 0 [pid 5976] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] <... mkdir resumed>) = 0 [pid 5974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5976] <... openat resumed>) = 3 [pid 5976] write(3, "1000", 4) = 4 [pid 5976] close(3) = 0 [pid 5976] symlink("/dev/binderfs", "./binderfs") = 0 [pid 349] <... openat resumed>) = 3 [pid 5976] write(1, "executing program\n", 18 [pid 5974] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FDexecuting program [pid 5976] <... write resumed>) = 18 [pid 5976] memfd_create("syzkaller", 0 [pid 5974] write(3, "1000", 4 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] close(3 [pid 5974] <... write resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 5974] close(3 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5976] <... memfd_create resumed>) = 3 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 executing program [pid 5974] <... close resumed>) = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5978 [pid 5974] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5974] write(1, "executing program\n", 18) = 18 [pid 5974] memfd_create("syzkaller", 0) = 3 [pid 5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5976] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5974] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5976] <... write resumed>) = 262144 ./strace-static-x86_64: Process 5978 attached [pid 5978] set_robust_list(0x555584fcf660, 24) = 0 [pid 5974] <... write resumed>) = 262144 [pid 5978] chdir("./282" [pid 5976] munmap(0x7f7c475b3000, 138412032 [pid 5974] munmap(0x7f7c475b3000, 138412032 [pid 5978] <... chdir resumed>) = 0 [pid 5978] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5976] <... munmap resumed>) = 0 [pid 5978] <... prctl resumed>) = 0 [pid 5978] setpgid(0, 0 [pid 5976] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5978] <... setpgid resumed>) = 0 [pid 5976] <... openat resumed>) = 4 [pid 5978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5976] ioctl(4, LOOP_SET_FD, 3 [pid 5978] <... openat resumed>) = 3 [pid 5978] write(3, "1000", 4) = 4 [pid 5978] close(3) = 0 [pid 5978] symlink("/dev/binderfs", "./binderfs" [pid 5974] <... munmap resumed>) = 0 [pid 5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5978] <... symlink resumed>) = 0 executing program [pid 5978] write(1, "executing program\n", 18) = 18 [pid 5978] memfd_create("syzkaller", 0) = 3 [pid 5978] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5978] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5978] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5976] <... ioctl resumed>) = 0 [pid 5976] close(3) = 0 [pid 5976] close(4 [pid 5978] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5972] <... mount resumed>) = 0 [pid 5972] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5972] chdir("./bus") = 0 [pid 5972] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5966] <... close resumed>) = 0 [pid 5966] exit_group(0) = ? [pid 5966] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5966, si_uid=0, si_status=0, si_utime=3, si_stime=14} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./279/binderfs") = 0 [pid 344] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5978] <... openat resumed>) = 4 [pid 5976] <... close resumed>) = 0 [pid 5974] <... openat resumed>) = 4 [pid 5972] <... openat resumed>) = 4 [pid 5978] ioctl(4, LOOP_SET_FD, 3 [pid 5976] mkdir("./bus", 0777 [pid 5974] ioctl(4, LOOP_SET_FD, 3 [pid 5972] ioctl(4, LOOP_CLR_FD [pid 5976] <... mkdir resumed>) = 0 [ 264.379586][ T5972] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/282/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5976] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5978] <... ioctl resumed>) = 0 [pid 5974] <... ioctl resumed>) = 0 [pid 5972] <... ioctl resumed>) = 0 [pid 5972] close(4 [pid 5978] close(3 [pid 5974] close(3 [pid 5972] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = 0 [pid 5978] <... close resumed>) = 0 [pid 5974] <... close resumed>) = 0 [pid 5972] memfd_create("syzkaller", 0 [pid 344] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5978] close(4 [pid 5974] close(4 [pid 5972] <... memfd_create resumed>) = 4 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] newfstatat(AT_FDCWD, "./279/bus", [pid 5972] <... mmap resumed>) = 0x7f7c475b3000 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./279/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./279/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./279") = 0 [pid 344] mkdir("./280", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5976] <... mount resumed>) = 0 [pid 5976] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5976] chdir("./bus") = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5978] <... close resumed>) = 0 [pid 5978] mkdir("./bus", 0777) = 0 [pid 5978] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5972] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5974] <... close resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 5974] mkdir("./bus", 0777 [pid 344] ioctl(3, LOOP_CLR_FD [pid 5974] <... mkdir resumed>) = 0 [pid 5974] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5972] <... write resumed>) = 20699119 [pid 5972] munmap(0x7f7c475b3000, 138412032) = 0 [ 264.541181][ T5976] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/282/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5972] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5976] <... openat resumed>) = 4 [pid 5972] <... openat resumed>) = 5 [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5984 [pid 5972] ioctl(5, LOOP_SET_FD, 4 [pid 5976] ioctl(4, LOOP_CLR_FD [pid 5972] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5976] <... ioctl resumed>) = 0 [pid 5976] close(4 [pid 5972] ioctl(5, LOOP_CLR_FD [pid 5976] <... close resumed>) = 0 [pid 5972] <... ioctl resumed>) = 0 [pid 5976] memfd_create("syzkaller", 0) = 4 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5972] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5972] close(5) = 0 [pid 5972] close(4./strace-static-x86_64: Process 5984 attached [pid 5984] set_robust_list(0x555584fcf660, 24) = 0 [pid 5984] chdir("./280") = 0 [pid 5984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5984] setpgid(0, 0) = 0 [pid 5984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5984] write(3, "1000", 4) = 4 [pid 5984] close(3) = 0 [pid 5984] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5984] write(1, "executing program\n", 18) = 18 [pid 5984] memfd_create("syzkaller", 0) = 3 [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5984] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5984] munmap(0x7f7c475b3000, 138412032 [pid 5978] <... mount resumed>) = 0 [pid 5974] <... mount resumed>) = 0 [pid 5984] <... munmap resumed>) = 0 [pid 5974] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5984] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5978] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5984] <... openat resumed>) = 4 [pid 5978] <... openat resumed>) = 3 [pid 5974] <... openat resumed>) = 3 [pid 5984] ioctl(4, LOOP_SET_FD, 3 [pid 5978] chdir("./bus" [pid 5974] chdir("./bus" [pid 5978] <... chdir resumed>) = 0 [pid 5974] <... chdir resumed>) = 0 [pid 5978] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5984] <... ioctl resumed>) = 0 [pid 5984] close(3) = 0 [pid 5978] <... openat resumed>) = 4 [pid 5974] <... openat resumed>) = 4 [pid 5984] close(4 [pid 5978] ioctl(4, LOOP_CLR_FD [pid 5974] ioctl(4, LOOP_CLR_FD [pid 5984] <... close resumed>) = 0 [pid 5978] <... ioctl resumed>) = 0 [pid 5984] mkdir("./bus", 0777 [pid 5974] <... ioctl resumed>) = 0 [pid 5978] close(4 [pid 5984] <... mkdir resumed>) = 0 [pid 5974] close(4 [pid 5978] <... close resumed>) = 0 [pid 5984] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5978] memfd_create("syzkaller", 0 [pid 5974] <... close resumed>) = 0 [pid 5974] memfd_create("syzkaller", 0) = 4 [pid 5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5978] <... memfd_create resumed>) = 4 [pid 5978] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5972] <... close resumed>) = 0 [pid 5972] exit_group(0) = ? [pid 5972] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=2, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./282/binderfs") = 0 [ 264.685441][ T5974] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/278/bus supports timestamps until (%ptR?) (0x7fffffff) [ 264.703735][ T5978] ext4 filesystem being mounted at /root/syzkaller.53SCZU/282/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5984] <... mount resumed>) = 0 [pid 5984] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5984] chdir("./bus") = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5984] ioctl(4, LOOP_CLR_FD) = 0 [pid 5984] close(4) = 0 [pid 5984] memfd_create("syzkaller", 0) = 4 [pid 343] <... umount2 resumed>) = 0 [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./282/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./282/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./282/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./282") = 0 [pid 343] mkdir("./283", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5992 ./strace-static-x86_64: Process 5992 attached [pid 5992] set_robust_list(0x555584fcf660, 24) = 0 [pid 5992] chdir("./283") = 0 [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5992] setpgid(0, 0) = 0 [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5992] write(3, "1000", 4) = 4 [pid 5992] close(3) = 0 [pid 5992] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5992] write(1, "executing program\n", 18executing program ) = 18 [pid 5992] memfd_create("syzkaller", 0) = 3 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 264.784092][ T5984] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/280/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5992] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5992] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5992] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5992] close(3) = 0 [pid 5992] close(4) = 0 [pid 5992] mkdir("./bus", 0777) = 0 [pid 5992] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5978] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5976] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5992] <... mount resumed>) = 0 [pid 5992] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5992] chdir("./bus") = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5992] ioctl(4, LOOP_CLR_FD) = 0 [pid 5992] close(4) = 0 [pid 5992] memfd_create("syzkaller", 0) = 4 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 264.913013][ T5992] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/283/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5974] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5984] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5978] <... write resumed>) = 20699119 [pid 5978] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5978] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5978] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5978] ioctl(5, LOOP_CLR_FD) = 0 [pid 5978] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5978] close(5) = 0 [pid 5978] close(4 [pid 5976] <... write resumed>) = 20699119 [pid 5976] munmap(0x7f7c475b3000, 138412032 [pid 5974] <... write resumed>) = 20699119 [pid 5976] <... munmap resumed>) = 0 [pid 5974] munmap(0x7f7c475b3000, 138412032 [pid 5976] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5976] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5976] ioctl(5, LOOP_CLR_FD) = 0 [pid 5974] <... munmap resumed>) = 0 [pid 5976] ioctl(5, LOOP_SET_FD, 4 [pid 5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5974] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5974] ioctl(5, LOOP_CLR_FD) = 0 [pid 5976] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5976] close(5 [pid 5974] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5974] close(5) = 0 [pid 5974] close(4 [pid 5976] <... close resumed>) = 0 [pid 5976] close(4 [pid 5992] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5978] <... close resumed>) = 0 [pid 5978] exit_group(0) = ? [pid 5978] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5978, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./282/binderfs") = 0 [pid 349] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5984] <... write resumed>) = 20699119 [pid 5984] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5976] <... close resumed>) = 0 [pid 5976] exit_group(0) = ? [pid 5976] +++ exited with 0 +++ [pid 5984] <... openat resumed>) = 5 [pid 5984] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5984] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5976, si_uid=0, si_status=0, si_utime=6, si_stime=11} --- [pid 5984] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5984] close(5) = 0 [pid 5984] close(4 [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 349] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./282/bus", [pid 348] <... restart_syscall resumed>) = 0 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] openat(AT_FDCWD, "./282/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... openat resumed>) = 3 [pid 349] <... openat resumed>) = 4 [pid 348] newfstatat(3, "", [pid 349] newfstatat(4, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] getdents64(4, [pid 348] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./282/binderfs", [pid 349] getdents64(4, [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] unlink("./282/binderfs") = 0 [pid 349] close(4 [pid 348] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./282/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./282") = 0 [pid 349] mkdir("./283", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5974] <... close resumed>) = 0 [pid 5974] exit_group(0) = ? [pid 5974] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5974, si_uid=0, si_status=0, si_utime=7, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./278/binderfs") = 0 [pid 342] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5992] <... write resumed>) = 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 348] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5992] munmap(0x7f7c475b3000, 138412032 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./282/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./282/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", [pid 5984] <... close resumed>) = 0 [pid 5984] exit_group(0) = ? [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, [pid 5984] +++ exited with 0 +++ [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5984, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] close(4) = 0 [pid 344] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] rmdir("./282/bus" [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... rmdir resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 348] getdents64(3, [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] getdents64(3, [pid 348] close(3 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] <... close resumed>) = 0 [pid 344] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] rmdir("./282" [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./280/binderfs", [pid 5992] <... munmap resumed>) = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... rmdir resumed>) = 0 [pid 348] mkdir("./283", 0777 [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./280/binderfs" [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... unlink resumed>) = 0 [pid 344] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 349] close(3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 342] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... close resumed>) = 0 [pid 5992] <... openat resumed>) = 5 [pid 5992] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5992] ioctl(5, LOOP_CLR_FD) = 0 [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 5996 [pid 5992] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5992] close(5) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./278/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./278/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./278/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 5997 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5996 attached [pid 5992] close(4 [pid 5996] set_robust_list(0x555584fcf660, 24 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./278/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./278") = 0 [pid 342] mkdir("./279", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5997 attached [pid 5997] set_robust_list(0x555584fcf660, 24) = 0 [pid 5997] chdir("./283") = 0 [pid 5997] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5997] setpgid(0, 0) = 0 [pid 5997] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5997] write(3, "1000", 4) = 4 [pid 5997] close(3) = 0 [pid 5997] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5997] write(1, "executing program\n", 18executing program ) = 18 [pid 5997] memfd_create("syzkaller", 0) = 3 [pid 5997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5996] <... set_robust_list resumed>) = 0 [pid 5996] chdir("./283") = 0 [pid 5996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5996] setpgid(0, 0) = 0 [pid 5996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5996] write(3, "1000", 4) = 4 [pid 5996] close(3) = 0 [pid 5996] symlink("/dev/binderfs", "./binderfs" [pid 5997] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5996] <... symlink resumed>) = 0 executing program [pid 5996] write(1, "executing program\n", 18) = 18 [pid 5996] memfd_create("syzkaller", 0) = 3 [pid 5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5997] <... write resumed>) = 262144 [pid 5997] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5996] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5996] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5996] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 344] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 5996] ioctl(4, LOOP_SET_FD, 3 [pid 342] ioctl(3, LOOP_CLR_FD [pid 344] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./280/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5992] <... close resumed>) = 0 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./280/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, [pid 5992] exit_group(0) = ? [pid 344] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./280/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./280" [pid 5992] +++ exited with 0 +++ [pid 5996] <... ioctl resumed>) = 0 [pid 344] <... rmdir resumed>) = 0 [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5996] close(3) = 0 [pid 5996] close(4 [pid 344] mkdir("./281", 0777) = 0 [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5992, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 342] close(3 [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... restart_syscall resumed>) = 0 [pid 343] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./283/binderfs") = 0 [pid 343] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5996] <... close resumed>) = 0 [pid 5996] mkdir("./bus", 0777 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5996] <... mkdir resumed>) = 0 [pid 5997] <... openat resumed>) = 4 [pid 5996] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] <... close resumed>) = 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 5999 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5997] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 6000 executing program ./strace-static-x86_64: Process 6000 attached [pid 6000] set_robust_list(0x555584fcf660, 24) = 0 [pid 6000] chdir("./279") = 0 [pid 6000] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6000] setpgid(0, 0) = 0 [pid 6000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6000] write(3, "1000", 4) = 4 [pid 6000] close(3) = 0 [pid 6000] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6000] write(1, "executing program\n", 18) = 18 [pid 6000] memfd_create("syzkaller", 0) = 3 [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 5999 attached [pid 5999] set_robust_list(0x555584fcf660, 24) = 0 [pid 5999] chdir("./281") = 0 [pid 5999] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6000] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5999] <... prctl resumed>) = 0 [pid 5999] setpgid(0, 0) = 0 [pid 5999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6000] <... write resumed>) = 262144 [pid 6000] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6000] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5999] <... openat resumed>) = 3 [pid 5999] write(3, "1000", 4) = 4 [pid 5999] close(3) = 0 [pid 5999] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5999] write(1, "executing program\n", 18executing program ) = 18 [pid 5999] memfd_create("syzkaller", 0) = 3 [pid 5999] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5999] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5999] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5999] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5997] <... ioctl resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./283/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./283/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./283/bus") = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./283") = 0 [pid 343] mkdir("./284", 0777 [pid 5997] close(3 [pid 343] <... mkdir resumed>) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5997] <... close resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5997] close(4 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 6002 executing program ./strace-static-x86_64: Process 6002 attached [pid 6002] set_robust_list(0x555584fcf660, 24) = 0 [pid 6002] chdir("./284") = 0 [pid 6002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6002] setpgid(0, 0) = 0 [pid 6002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6002] write(3, "1000", 4) = 4 [pid 6002] close(3) = 0 [pid 6002] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6002] write(1, "executing program\n", 18) = 18 [pid 6002] memfd_create("syzkaller", 0) = 3 [pid 6002] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5999] <... openat resumed>) = 4 [pid 5999] ioctl(4, LOOP_SET_FD, 3 [pid 6002] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6002] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6002] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5996] <... mount resumed>) = 0 [pid 5996] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5996] chdir("./bus") = 0 [pid 5996] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6000] <... openat resumed>) = 4 [pid 5997] <... close resumed>) = 0 [pid 6000] ioctl(4, LOOP_SET_FD, 3 [pid 5997] mkdir("./bus", 0777) = 0 [pid 5997] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5999] <... ioctl resumed>) = 0 [pid 5999] close(3) = 0 [ 265.498608][ T5996] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/283/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5999] close(4) = 0 [pid 6002] <... openat resumed>) = 4 [pid 6000] <... ioctl resumed>) = 0 [pid 5999] mkdir("./bus", 0777) = 0 [pid 6002] ioctl(4, LOOP_SET_FD, 3 [pid 5996] <... openat resumed>) = 4 [pid 6000] close(3 [pid 5999] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5996] ioctl(4, LOOP_CLR_FD [pid 6000] <... close resumed>) = 0 [pid 6000] close(4 [pid 5997] <... mount resumed>) = 0 [pid 5997] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5997] chdir("./bus") = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6002] <... ioctl resumed>) = 0 [pid 6002] close(3) = 0 [pid 6002] close(4 [pid 5999] <... mount resumed>) = 0 [pid 5999] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5999] chdir("./bus") = 0 [ 265.618532][ T5997] ext4 filesystem being mounted at /root/syzkaller.53SCZU/283/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5999] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6000] <... close resumed>) = 0 [pid 5996] <... ioctl resumed>) = 0 [pid 6000] mkdir("./bus", 0777 [pid 5996] close(4 [pid 6000] <... mkdir resumed>) = 0 [ 265.668761][ T5999] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/281/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6000] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5997] <... openat resumed>) = 4 [pid 5997] ioctl(4, LOOP_CLR_FD) = 0 [pid 5997] close(4) = 0 [pid 5997] memfd_create("syzkaller", 0) = 4 [pid 5997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 5996] <... close resumed>) = 0 [pid 5996] memfd_create("syzkaller", 0) = 4 [pid 5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6002] <... close resumed>) = 0 [pid 5999] <... openat resumed>) = 4 [pid 6002] mkdir("./bus", 0777) = 0 [pid 5999] ioctl(4, LOOP_CLR_FD [pid 6002] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 5997] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5999] <... ioctl resumed>) = 0 [pid 5996] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5999] close(4) = 0 [pid 5999] memfd_create("syzkaller", 0) = 4 [pid 5999] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6002] <... mount resumed>) = 0 [pid 6002] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6002] chdir("./bus") = 0 [pid 6002] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6002] ioctl(4, LOOP_CLR_FD) = 0 [pid 6002] close(4) = 0 [pid 6002] memfd_create("syzkaller", 0) = 4 [pid 6002] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6000] <... mount resumed>) = 0 [pid 6000] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6000] chdir("./bus") = 0 [pid 6000] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6000] ioctl(4, LOOP_CLR_FD) = 0 [pid 6000] close(4) = 0 [pid 6000] memfd_create("syzkaller", 0) = 4 [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 265.895195][ T6002] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/284/bus supports timestamps until (%ptR?) (0x7fffffff) [ 265.918804][ T6000] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/279/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 5996] <... write resumed>) = 20699119 [pid 5997] <... write resumed>) = 20699119 [pid 5997] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 5997] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5997] ioctl(5, LOOP_CLR_FD) = 0 [pid 5996] munmap(0x7f7c475b3000, 138412032) = 0 [pid 5997] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5997] close(5) = 0 [pid 5997] close(4 [pid 5996] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 5996] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5996] ioctl(5, LOOP_CLR_FD) = 0 [pid 5996] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5996] close(5) = 0 [pid 5996] close(4 [pid 5999] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 5996] <... close resumed>) = 0 [pid 5997] <... close resumed>) = 0 [pid 5997] exit_group(0) = ? [pid 5997] +++ exited with 0 +++ [pid 5996] exit_group(0 [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5997, si_uid=0, si_status=0, si_utime=8, si_stime=14} --- [pid 5996] <... exit_group resumed>) = ? [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 5996] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5996, si_uid=0, si_status=0, si_utime=5, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... restart_syscall resumed>) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 349] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./283/binderfs" [pid 349] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] <... unlink resumed>) = 0 [pid 348] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... openat resumed>) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./283/binderfs") = 0 [pid 349] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6002] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6000] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./283/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./283/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./283/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./283") = 0 [pid 348] mkdir("./284", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./283/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./283/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./283/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./283") = 0 [pid 349] mkdir("./284", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6016 [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6017 [pid 6000] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 6016 attached [pid 6016] set_robust_list(0x555584fcf660, 24) = 0 [pid 6016] chdir("./284") = 0 [pid 6016] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6017 attached ) = 0 [pid 6017] set_robust_list(0x555584fcf660, 24) = 0 [pid 6017] chdir("./284" [pid 6016] setpgid(0, 0) = 0 [pid 6016] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6017] <... chdir resumed>) = 0 [pid 6017] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6017] setpgid(0, 0) = 0 [pid 6017] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6016] <... openat resumed>) = 3 [pid 6016] write(3, "1000", 4) = 4 [pid 6017] <... openat resumed>) = 3 [pid 6017] write(3, "1000", 4 [pid 6016] close(3 [pid 6017] <... write resumed>) = 4 [pid 6000] munmap(0x7f7c475b3000, 138412032 [pid 5999] <... write resumed>) = 20699119 [pid 6017] close(3) = 0 [pid 6017] symlink("/dev/binderfs", "./binderfs" [pid 6016] <... close resumed>) = 0 executing program [pid 6017] <... symlink resumed>) = 0 [pid 6016] symlink("/dev/binderfs", "./binderfs" [pid 6017] write(1, "executing program\n", 18) = 18 [pid 6017] memfd_create("syzkaller", 0) = 3 [pid 6016] <... symlink resumed>) = 0 [pid 6017] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6017] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 executing program [pid 6016] write(1, "executing program\n", 18) = 18 [pid 6000] <... munmap resumed>) = 0 [pid 6017] <... write resumed>) = 262144 [pid 6016] memfd_create("syzkaller", 0 [pid 6000] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 6000] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6000] ioctl(5, LOOP_CLR_FD) = 0 [pid 6017] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6016] <... memfd_create resumed>) = 3 [pid 6017] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6017] ioctl(4, LOOP_SET_FD, 3 [pid 5999] munmap(0x7f7c475b3000, 138412032 [pid 6016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6000] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6016] <... mmap resumed>) = 0x7f7c475b3000 [pid 6000] close(5 [pid 5999] <... munmap resumed>) = 0 [pid 5999] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6017] <... ioctl resumed>) = 0 [pid 6016] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6000] <... close resumed>) = 0 [pid 6000] close(4 [pid 6017] close(3) = 0 [pid 6017] close(4 [pid 6016] <... write resumed>) = 262144 [pid 6016] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6016] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6002] <... write resumed>) = 20699119 [pid 6002] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6002] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6000] <... close resumed>) = 0 [pid 6000] exit_group(0) = ? [pid 6000] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6000, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 6017] <... close resumed>) = 0 [pid 6016] <... openat resumed>) = 4 [pid 6002] <... openat resumed>) = 5 [pid 5999] <... openat resumed>) = 5 [pid 342] <... restart_syscall resumed>) = 0 [pid 6017] mkdir("./bus", 0777 [pid 6016] ioctl(4, LOOP_SET_FD, 3 [pid 6017] <... mkdir resumed>) = 0 [pid 6002] ioctl(5, LOOP_SET_FD, 4 [pid 5999] ioctl(5, LOOP_SET_FD, 4 [pid 342] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6002] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5999] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5999] ioctl(5, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6002] ioctl(5, LOOP_CLR_FD [pid 6017] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./279/binderfs") = 0 [pid 342] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6016] <... ioctl resumed>) = 0 [pid 5999] <... ioctl resumed>) = 0 [pid 6016] close(3) = 0 [pid 6016] close(4 [pid 5999] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 5999] close(5 [pid 6017] <... mount resumed>) = 0 [pid 6017] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6017] chdir("./bus") = 0 [pid 6017] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6016] <... close resumed>) = 0 [pid 6002] <... ioctl resumed>) = 0 [pid 6016] mkdir("./bus", 0777) = 0 [pid 6016] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6002] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6002] close(5 [pid 5999] <... close resumed>) = 0 [pid 5999] close(4 [pid 6002] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 6017] <... openat resumed>) = 4 [pid 6002] close(4 [pid 342] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./279/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./279/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./279/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./279/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./279") = 0 [pid 342] mkdir("./280", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6024 [ 266.388471][ T6017] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/284/bus supports timestamps until (%ptR?) (0x7fffffff) executing program ./strace-static-x86_64: Process 6024 attached [pid 6024] set_robust_list(0x555584fcf660, 24) = 0 [pid 6024] chdir("./280") = 0 [pid 6024] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6024] setpgid(0, 0) = 0 [pid 6024] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6024] write(3, "1000", 4) = 4 [pid 6024] close(3) = 0 [pid 6024] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6024] write(1, "executing program\n", 18) = 18 [pid 6024] memfd_create("syzkaller", 0) = 3 [pid 6024] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6024] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6024] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6024] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6024] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6017] ioctl(4, LOOP_CLR_FD [pid 6024] close(3) = 0 [pid 6024] close(4 [pid 5999] <... close resumed>) = 0 [pid 5999] exit_group(0) = ? [pid 6016] <... mount resumed>) = 0 [pid 6016] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5999] +++ exited with 0 +++ [pid 6016] <... openat resumed>) = 3 [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5999, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 6016] chdir("./bus") = 0 [pid 6016] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./281/binderfs") = 0 [pid 344] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6024] <... close resumed>) = 0 [pid 6017] <... ioctl resumed>) = 0 [pid 6016] <... openat resumed>) = 4 [pid 6024] mkdir("./bus", 0777 [pid 6017] close(4 [pid 6016] ioctl(4, LOOP_CLR_FD [pid 6024] <... mkdir resumed>) = 0 [pid 6017] <... close resumed>) = 0 [pid 6016] <... ioctl resumed>) = 0 [pid 6024] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6017] memfd_create("syzkaller", 0 [pid 6016] close(4 [pid 6017] <... memfd_create resumed>) = 4 [pid 6016] <... close resumed>) = 0 [pid 6017] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6016] memfd_create("syzkaller", 0 [pid 6017] <... mmap resumed>) = 0x7f7c475b3000 [pid 6016] <... memfd_create resumed>) = 4 [pid 6016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6002] <... close resumed>) = 0 [pid 6002] exit_group(0) = ? [pid 6002] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6002, si_uid=0, si_status=0, si_utime=9, si_stime=15} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] <... umount2 resumed>) = 0 [pid 343] newfstatat(3, "", [pid 344] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./281/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./281/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./281/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./281") = 0 [pid 344] mkdir("./282", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6028 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 266.487969][ T6016] ext4 filesystem being mounted at /root/syzkaller.53SCZU/284/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./284/binderfs") = 0 [pid 343] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6028 attached [pid 6028] set_robust_list(0x555584fcf660, 24) = 0 [pid 6024] <... mount resumed>) = 0 [pid 6028] chdir("./282" [pid 6024] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6028] <... chdir resumed>) = 0 [pid 6024] <... openat resumed>) = 3 [pid 6028] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6024] chdir("./bus" [pid 6028] <... prctl resumed>) = 0 [pid 6024] <... chdir resumed>) = 0 [pid 6028] setpgid(0, 0 [pid 6024] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6028] <... setpgid resumed>) = 0 [pid 6028] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6028] write(3, "1000", 4) = 4 [pid 6028] close(3) = 0 [pid 6028] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6028] write(1, "executing program\n", 18executing program ) = 18 [pid 6028] memfd_create("syzkaller", 0) = 3 [pid 6028] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6028] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6028] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6028] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 343] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./284/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./284/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./284/bus" [pid 6028] <... openat resumed>) = 4 [pid 6024] <... openat resumed>) = 4 [pid 343] <... rmdir resumed>) = 0 [pid 6028] ioctl(4, LOOP_SET_FD, 3 [pid 6024] ioctl(4, LOOP_CLR_FD [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3) = 0 [pid 343] rmdir("./284") = 0 [pid 343] mkdir("./285", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6028] <... ioctl resumed>) = 0 [pid 6024] <... ioctl resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 6024] close(4 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6030 [pid 6024] <... close resumed>) = 0 [pid 6028] close(3 [pid 6024] memfd_create("syzkaller", 0 [pid 6028] <... close resumed>) = 0 [pid 6024] <... memfd_create resumed>) = 4 [pid 6028] close(4) = 0 [pid 6024] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6028] mkdir("./bus", 0777) = 0 [pid 6024] <... mmap resumed>) = 0x7f7c475b3000 [pid 6028] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue"./strace-static-x86_64: Process 6030 attached [pid 6030] set_robust_list(0x555584fcf660, 24) = 0 [pid 6030] chdir("./285") = 0 [pid 6030] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6030] setpgid(0, 0) = 0 [pid 6030] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6030] write(3, "1000", 4) = 4 [pid 6030] close(3) = 0 [pid 6030] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6030] write(1, "executing program\n", 18executing program ) = 18 [pid 6030] memfd_create("syzkaller", 0) = 3 [pid 6030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6030] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6030] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6030] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 266.580485][ T6024] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/280/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6030] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6030] close(3) = 0 [pid 6030] close(4) = 0 [pid 6030] mkdir("./bus", 0777) = 0 [pid 6030] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6016] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6028] <... mount resumed>) = 0 [pid 6028] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6028] chdir("./bus") = 0 [pid 6028] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6028] ioctl(4, LOOP_CLR_FD) = 0 [pid 6028] close(4) = 0 [pid 6028] memfd_create("syzkaller", 0) = 4 [pid 6028] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 266.691100][ T6028] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/282/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6017] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6030] <... mount resumed>) = 0 [pid 6030] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6030] chdir("./bus") = 0 [pid 6030] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6030] ioctl(4, LOOP_CLR_FD) = 0 [pid 6030] close(4) = 0 [pid 6030] memfd_create("syzkaller", 0) = 4 [pid 6030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 266.746161][ T6030] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/285/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6024] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6016] <... write resumed>) = 20699119 [pid 6016] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6016] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 6016] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6016] ioctl(5, LOOP_CLR_FD) = 0 [pid 6016] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6016] close(5) = 0 [pid 6016] close(4 [pid 6017] <... write resumed>) = 20699119 [pid 6017] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6017] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 6017] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6017] ioctl(5, LOOP_CLR_FD) = 0 [pid 6017] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6017] close(5) = 0 [pid 6017] close(4 [pid 6028] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6016] <... close resumed>) = 0 [pid 6030] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6016] exit_group(0) = ? [pid 6016] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6016, si_uid=0, si_status=0, si_utime=7, si_stime=10} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./284/binderfs") = 0 [pid 349] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6024] <... write resumed>) = 20699119 [pid 6017] <... close resumed>) = 0 [pid 6024] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6024] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6017] exit_group(0) = ? [pid 6017] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6017, si_uid=0, si_status=0, si_utime=10, si_stime=18} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./284/binderfs") = 0 [pid 348] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6024] <... openat resumed>) = 5 [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./284/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./284/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6024] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", [pid 6024] ioctl(5, LOOP_CLR_FD [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./284/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./284") = 0 [pid 349] mkdir("./285", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6028] <... write resumed>) = 20699119 [pid 6028] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6028] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6030] <... write resumed>) = 20699119 [pid 6030] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6030] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6024] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./284/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./284/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6024] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... openat resumed>) = 4 [pid 6024] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] newfstatat(4, "", [pid 6024] close(5 [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6024] <... close resumed>) = 0 [pid 348] getdents64(4, [pid 6024] close(4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] <... openat resumed>) = 3 [pid 348] getdents64(4, [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 348] close(4 [pid 349] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] rmdir("./284/bus") = 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 6036 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./284") = 0 [pid 348] mkdir("./285", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6037 [pid 6028] <... openat resumed>) = 5 [pid 6028] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6028] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 6037 attached [pid 6037] set_robust_list(0x555584fcf660, 24) = 0 [pid 6037] chdir("./285") = 0 [pid 6037] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6028] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6028] close(5) = 0 [pid 6028] close(4 [pid 6030] <... openat resumed>) = 5 [pid 6030] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6030] ioctl(5, LOOP_CLR_FD./strace-static-x86_64: Process 6036 attached ) = 0 [pid 6036] set_robust_list(0x555584fcf660, 24 [pid 6030] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6036] <... set_robust_list resumed>) = 0 [pid 6030] close(5 [pid 6036] chdir("./285" [pid 6030] <... close resumed>) = 0 [pid 6036] <... chdir resumed>) = 0 [pid 6030] close(4 [pid 6037] <... prctl resumed>) = 0 [pid 6037] setpgid(0, 0) = 0 [pid 6037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6037] write(3, "1000", 4) = 4 [pid 6037] close(3) = 0 [pid 6037] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6037] write(1, "executing program\n", 18) = 18 [pid 6037] memfd_create("syzkaller", 0) = 3 [pid 6037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6036] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6037] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6036] <... prctl resumed>) = 0 [pid 6036] setpgid(0, 0) = 0 [pid 6036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6037] <... write resumed>) = 262144 [pid 6037] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6037] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6037] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6036] <... openat resumed>) = 3 [pid 6037] close(3) = 0 [pid 6037] close(4 [pid 6036] write(3, "1000", 4) = 4 [pid 6036] close(3) = 0 [pid 6036] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6036] write(1, "executing program\n", 18) = 18 [pid 6036] memfd_create("syzkaller", 0) = 3 [pid 6036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6036] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6036] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6036] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6037] <... close resumed>) = 0 [pid 6037] mkdir("./bus", 0777) = 0 [pid 6037] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6036] <... openat resumed>) = 4 [pid 6036] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6036] close(3) = 0 [pid 6036] close(4 [pid 6028] <... close resumed>) = 0 [pid 6037] <... mount resumed>) = 0 [pid 6037] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6037] chdir("./bus") = 0 [pid 6037] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6028] exit_group(0) = ? [pid 6028] +++ exited with 0 +++ [pid 6036] <... close resumed>) = 0 [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6028, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 6036] mkdir("./bus", 0777) = 0 [pid 6036] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 344] <... restart_syscall resumed>) = 0 [pid 6024] <... close resumed>) = 0 [pid 344] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./282/binderfs") = 0 [pid 344] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6024] exit_group(0) = ? [pid 6030] <... close resumed>) = 0 [pid 6030] exit_group(0) = ? [pid 6024] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6024, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 6030] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6030, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 343] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", [pid 6037] <... openat resumed>) = 4 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6037] ioctl(4, LOOP_CLR_FD [pid 343] getdents64(3, [pid 6037] <... ioctl resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6037] close(4 [pid 343] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6037] <... close resumed>) = 0 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... openat resumed>) = 3 [pid 6037] memfd_create("syzkaller", 0 [pid 343] newfstatat(AT_FDCWD, "./285/binderfs", [pid 342] newfstatat(3, "", [pid 6037] <... memfd_create resumed>) = 4 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] unlink("./285/binderfs" [pid 6037] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] <... unlink resumed>) = 0 [pid 343] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./280/binderfs") = 0 [pid 342] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./282/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./282/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./282/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./282") = 0 [pid 344] mkdir("./283", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6036] <... mount resumed>) = 0 [pid 6036] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6036] chdir("./bus") = 0 [ 267.212134][ T6037] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/285/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6036] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6037] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 6037] munmap(0x7f7c475b3000, 138412032) = 0 [ 267.278722][ T6036] ext4 filesystem being mounted at /root/syzkaller.53SCZU/285/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6037] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 344] <... openat resumed>) = 3 [pid 6037] <... openat resumed>) = 5 [pid 6037] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6037] ioctl(5, LOOP_CLR_FD) = 0 [pid 6036] <... openat resumed>) = 4 [pid 6036] ioctl(4, LOOP_CLR_FD) = 0 [pid 343] <... umount2 resumed>) = 0 [pid 6036] close(4 [pid 6037] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6037] close(5 [pid 6036] <... close resumed>) = 0 [pid 344] ioctl(3, LOOP_CLR_FD [pid 342] <... umount2 resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 344] close(3 [pid 6036] memfd_create("syzkaller", 0 [pid 344] <... close resumed>) = 0 [pid 343] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 6044 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6037] <... close resumed>) = 0 [pid 6037] close(4 [pid 343] newfstatat(AT_FDCWD, "./285/bus", [pid 342] newfstatat(AT_FDCWD, "./280/bus", [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6036] <... memfd_create resumed>) = 4 [pid 6036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 343] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./280/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./280/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./285/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] <... openat resumed>) = 4 [pid 343] <... openat resumed>) = 4 [pid 342] newfstatat(4, "", [pid 343] newfstatat(4, "", [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 342] getdents64(4, [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, [pid 342] getdents64(4, [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4 [pid 342] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... close resumed>) = 0 [pid 342] close(4 [pid 343] rmdir("./285/bus" [pid 342] <... close resumed>) = 0 [pid 343] <... rmdir resumed>) = 0 [pid 342] rmdir("./280/bus" [pid 343] getdents64(3, [pid 342] <... rmdir resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 342] getdents64(3, [pid 343] <... close resumed>) = 0 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] rmdir("./285" [pid 342] close(3 [pid 343] <... rmdir resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 342] rmdir("./280" [pid 343] mkdir("./286", 0777 [pid 342] <... rmdir resumed>) = 0 [pid 343] <... mkdir resumed>) = 0 [pid 342] mkdir("./281", 0777./strace-static-x86_64: Process 6044 attached [pid 6044] set_robust_list(0x555584fcf660, 24 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 342] <... mkdir resumed>) = 0 [pid 6044] <... set_robust_list resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6044] chdir("./283") = 0 [pid 6044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6044] setpgid(0, 0 [pid 342] <... openat resumed>) = 3 [pid 343] ioctl(3, LOOP_CLR_FD [pid 342] ioctl(3, LOOP_CLR_FD [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 342] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] close(3 [pid 342] close(3 [pid 343] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6044] <... setpgid resumed>) = 0 [pid 6044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6046 attached ./strace-static-x86_64: Process 6045 attached [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 6045 [pid 6046] set_robust_list(0x555584fcf660, 24 [pid 6044] <... openat resumed>) = 3 [pid 6045] set_robust_list(0x555584fcf660, 24 [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 6046 [pid 6044] write(3, "1000", 4) = 4 [pid 6044] close(3) = 0 [pid 6044] symlink("/dev/binderfs", "./binderfs" [pid 6046] <... set_robust_list resumed>) = 0 [pid 6045] <... set_robust_list resumed>) = 0 [pid 6044] <... symlink resumed>) = 0 [pid 6046] chdir("./281" [pid 6045] chdir("./286"executing program [pid 6044] write(1, "executing program\n", 18) = 18 [pid 6044] memfd_create("syzkaller", 0) = 3 [pid 6044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6046] <... chdir resumed>) = 0 [pid 6045] <... chdir resumed>) = 0 [pid 6044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6046] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6045] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6046] <... prctl resumed>) = 0 [pid 6045] <... prctl resumed>) = 0 [pid 6045] setpgid(0, 0 [pid 6046] setpgid(0, 0) = 0 [pid 6045] <... setpgid resumed>) = 0 [pid 6045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6044] <... write resumed>) = 262144 [pid 6045] <... openat resumed>) = 3 [pid 6044] munmap(0x7f7c475b3000, 138412032 [pid 6046] <... openat resumed>) = 3 [pid 6045] write(3, "1000", 4 [pid 6046] write(3, "1000", 4 [pid 6045] <... write resumed>) = 4 [pid 6044] <... munmap resumed>) = 0 [pid 6044] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6044] ioctl(4, LOOP_SET_FD, 3 [pid 6046] <... write resumed>) = 4 [pid 6045] close(3 [pid 6046] close(3) = 0 [pid 6045] <... close resumed>) = 0 [pid 6046] symlink("/dev/binderfs", "./binderfs" [pid 6045] symlink("/dev/binderfs", "./binderfs" [pid 6046] <... symlink resumed>) = 0 [pid 6046] write(1, "executing program\n", 18 [pid 6045] <... symlink resumed>) = 0 executing program [pid 6046] <... write resumed>) = 18 [pid 6045] write(1, "executing program\n", 18executing program ) = 18 [pid 6046] memfd_create("syzkaller", 0 [pid 6045] memfd_create("syzkaller", 0 [pid 6044] <... ioctl resumed>) = 0 [pid 6044] close(3) = 0 [pid 6044] close(4 [pid 6046] <... memfd_create resumed>) = 3 [pid 6045] <... memfd_create resumed>) = 3 [pid 6046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6046] <... mmap resumed>) = 0x7f7c475b3000 [pid 6045] <... mmap resumed>) = 0x7f7c475b3000 [pid 6046] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6045] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6046] <... write resumed>) = 262144 [pid 6045] <... write resumed>) = 262144 [pid 6046] munmap(0x7f7c475b3000, 138412032 [pid 6045] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6046] <... munmap resumed>) = 0 [pid 6045] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6046] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6045] <... openat resumed>) = 4 [pid 6044] <... close resumed>) = 0 [pid 6046] ioctl(4, LOOP_SET_FD, 3 [pid 6045] ioctl(4, LOOP_SET_FD, 3 [pid 6044] mkdir("./bus", 0777) = 0 [pid 6044] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6046] <... ioctl resumed>) = 0 [pid 6046] close(3) = 0 [pid 6046] close(4 [pid 6045] <... ioctl resumed>) = 0 [pid 6046] <... close resumed>) = 0 [pid 6045] close(3 [pid 6046] mkdir("./bus", 0777 [pid 6045] <... close resumed>) = 0 [pid 6046] <... mkdir resumed>) = 0 [pid 6045] close(4 [pid 6046] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6037] <... close resumed>) = 0 [pid 6037] exit_group(0) = ? [pid 6037] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6037, si_uid=0, si_status=0, si_utime=3, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./285/binderfs") = 0 [pid 348] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6044] <... mount resumed>) = 0 [pid 6044] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6044] chdir("./bus") = 0 [pid 6044] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6045] <... close resumed>) = 0 [pid 6045] mkdir("./bus", 0777) = 0 [pid 6045] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6036] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6046] <... mount resumed>) = 0 [pid 6046] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6046] chdir("./bus") = 0 [pid 6046] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6036] <... write resumed>) = 20699119 [pid 6036] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6036] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6044] <... openat resumed>) = 4 [pid 6044] ioctl(4, LOOP_CLR_FD) = 0 [pid 6044] close(4 [pid 6046] <... openat resumed>) = 4 [pid 6044] <... close resumed>) = 0 [pid 6044] memfd_create("syzkaller", 0) = 4 [pid 6044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6046] ioctl(4, LOOP_CLR_FD [pid 348] <... umount2 resumed>) = 0 [pid 348] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 267.488349][ T6044] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/283/bus supports timestamps until (%ptR?) (0x7fffffff) [ 267.518333][ T6046] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/281/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 348] newfstatat(AT_FDCWD, "./285/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./285/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6046] <... ioctl resumed>) = 0 [pid 6036] <... openat resumed>) = 5 [pid 348] getdents64(4, [pid 6046] close(4 [pid 6036] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 6036] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] getdents64(4, [pid 6036] ioctl(5, LOOP_CLR_FD [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./285/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./285") = 0 [pid 348] mkdir("./286", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6055 [pid 6046] <... close resumed>) = 0 [pid 6036] <... ioctl resumed>) = 0 [pid 6046] memfd_create("syzkaller", 0) = 4 ./strace-static-x86_64: Process 6055 attached [pid 6046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6055] set_robust_list(0x555584fcf660, 24) = 0 [pid 6036] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6055] chdir("./286" [pid 6036] close(5 [pid 6055] <... chdir resumed>) = 0 [pid 6036] <... close resumed>) = 0 [pid 6036] close(4 [pid 6055] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6055] setpgid(0, 0) = 0 [pid 6055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6055] write(3, "1000", 4) = 4 [pid 6055] close(3) = 0 [pid 6055] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6055] write(1, "executing program\n", 18executing program ) = 18 [pid 6055] memfd_create("syzkaller", 0) = 3 [pid 6055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6055] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6055] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6055] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6055] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6045] <... mount resumed>) = 0 [pid 6045] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6045] chdir("./bus") = 0 [pid 6045] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6055] close(3 [pid 6045] ioctl(4, LOOP_CLR_FD) = 0 [pid 6055] <... close resumed>) = 0 [pid 6045] close(4 [pid 6055] close(4) = 0 [pid 6055] mkdir("./bus", 0777) = 0 [pid 6045] <... close resumed>) = 0 [pid 6055] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6045] memfd_create("syzkaller", 0) = 4 [pid 6045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6036] <... close resumed>) = 0 [pid 6036] exit_group(0) = ? [pid 6036] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6036, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 349] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./285/binderfs") = 0 [ 267.642530][ T6045] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/286/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6055] <... mount resumed>) = 0 [pid 6055] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6055] chdir("./bus") = 0 [pid 6055] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6044] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6055] <... openat resumed>) = 4 [pid 349] <... umount2 resumed>) = 0 [pid 6055] ioctl(4, LOOP_CLR_FD) = 0 [pid 349] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6055] close(4 [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./285/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./285/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6055] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./285/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 6055] memfd_create("syzkaller", 0 [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./285") = 0 [pid 349] mkdir("./286", 0777 [pid 6055] <... memfd_create resumed>) = 4 [pid 349] <... mkdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 6060 [pid 6055] <... mmap resumed>) = 0x7f7c475b3000 ./strace-static-x86_64: Process 6060 attached [pid 6060] set_robust_list(0x555584fcf660, 24) = 0 [pid 6060] chdir("./286") = 0 [pid 6060] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 267.718241][ T6055] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/286/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6060] setpgid(0, 0) = 0 [pid 6060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6060] write(3, "1000", 4) = 4 [pid 6060] close(3 [pid 6046] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6060] <... close resumed>) = 0 [pid 6060] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6060] write(1, "executing program\n", 18executing program ) = 18 [pid 6060] memfd_create("syzkaller", 0) = 3 [pid 6060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6060] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6060] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6060] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6060] close(3) = 0 [pid 6060] close(4) = 0 [pid 6060] mkdir("./bus", 0777) = 0 [pid 6060] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6045] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6046] <... write resumed>) = 20699119 [pid 6044] <... write resumed>) = 20699119 [pid 6044] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6060] <... mount resumed>) = 0 [pid 6060] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6060] chdir("./bus") = 0 [pid 6060] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6060] ioctl(4, LOOP_CLR_FD) = 0 [pid 6060] close(4 [pid 6046] munmap(0x7f7c475b3000, 138412032 [pid 6060] <... close resumed>) = 0 [pid 6060] memfd_create("syzkaller", 0) = 4 [pid 6044] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 6060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6044] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6044] ioctl(5, LOOP_CLR_FD) = 0 [pid 6046] <... munmap resumed>) = 0 [pid 6044] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6044] close(5 [pid 6046] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 6046] ioctl(5, LOOP_SET_FD, 4 [pid 6044] <... close resumed>) = 0 [pid 6046] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6044] close(4 [pid 6046] ioctl(5, LOOP_CLR_FD) = 0 [pid 6046] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6046] close(5) = 0 [pid 6046] close(4 [ 267.923622][ T6060] ext4 filesystem being mounted at /root/syzkaller.53SCZU/286/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6055] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6046] <... close resumed>) = 0 [pid 6046] exit_group(0) = ? [pid 6046] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6046, si_uid=0, si_status=0, si_utime=6, si_stime=10} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 6044] <... close resumed>) = 0 [pid 6044] exit_group(0) = ? [pid 6044] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6044, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 344] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 342] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 344] newfstatat(3, "", [pid 342] newfstatat(3, "", [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, [pid 342] getdents64(3, [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./283/binderfs", [pid 342] newfstatat(AT_FDCWD, "./281/binderfs", [pid 344] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./283/binderfs" [pid 342] unlink("./281/binderfs" [pid 344] <... unlink resumed>) = 0 [pid 342] <... unlink resumed>) = 0 [pid 344] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6055] <... write resumed>) = 20699119 [pid 6055] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6045] <... write resumed>) = 20699119 [pid 6045] munmap(0x7f7c475b3000, 138412032 [pid 6055] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6045] <... munmap resumed>) = 0 [pid 6045] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6060] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 342] <... umount2 resumed>) = 0 [pid 342] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./281/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./281/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./281/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./281/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./281") = 0 [pid 342] mkdir("./282", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6060] <... write resumed>) = 20699119 [pid 6060] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6060] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6055] <... openat resumed>) = 5 [pid 6055] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6055] ioctl(5, LOOP_CLR_FD) = 0 [pid 6060] <... openat resumed>) = 5 [pid 6045] <... openat resumed>) = 5 [pid 344] <... umount2 resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3 [pid 6060] ioctl(5, LOOP_SET_FD, 4 [pid 6045] ioctl(5, LOOP_SET_FD, 4 [pid 344] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 342] <... close resumed>) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6055] ioctl(5, LOOP_SET_FD, 4 [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... clone resumed>, child_tidptr=0x555584fcf650) = 6064 ./strace-static-x86_64: Process 6064 attached [pid 6064] set_robust_list(0x555584fcf660, 24) = 0 [pid 6064] chdir("./282") = 0 [pid 6064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6064] setpgid(0, 0) = 0 [pid 6064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6055] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] newfstatat(AT_FDCWD, "./283/bus", [pid 6064] <... openat resumed>) = 3 [pid 6064] write(3, "1000", 4) = 4 [pid 6064] close(3) = 0 [pid 6064] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6064] write(1, "executing program\n", 18executing program ) = 18 [pid 6064] memfd_create("syzkaller", 0) = 3 [pid 6064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6055] close(5) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6055] close(4 [pid 344] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6064] <... mmap resumed>) = 0x7f7c475b3000 [pid 6064] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6064] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6064] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6064] close(3) = 0 [pid 6064] close(4 [pid 6060] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6060] ioctl(5, LOOP_CLR_FD [pid 6045] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6045] ioctl(5, LOOP_CLR_FD [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./283/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./283/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./283") = 0 [pid 344] mkdir("./284", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6055] <... close resumed>) = 0 [pid 6055] exit_group(0) = ? [pid 6055] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6055, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6064] <... close resumed>) = 0 [pid 6060] <... ioctl resumed>) = 0 [pid 6045] <... ioctl resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 6064] mkdir("./bus", 0777 [pid 344] ioctl(3, LOOP_CLR_FD [pid 6064] <... mkdir resumed>) = 0 [pid 348] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6064] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] close(3 [pid 348] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... close resumed>) = 0 [pid 348] <... openat resumed>) = 3 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 6066 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./286/binderfs", [pid 6060] ioctl(5, LOOP_SET_FD, 4 [pid 6045] ioctl(5, LOOP_SET_FD, 4 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6060] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6045] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] unlink("./286/binderfs" [pid 6060] close(5 [pid 6045] close(5 [pid 348] <... unlink resumed>) = 0 [pid 6060] <... close resumed>) = 0 [pid 6045] <... close resumed>) = 0 [pid 348] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6060] close(4 [pid 6045] close(4./strace-static-x86_64: Process 6066 attached [pid 6066] set_robust_list(0x555584fcf660, 24) = 0 [pid 6066] chdir("./284") = 0 [pid 6066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6066] setpgid(0, 0) = 0 [pid 6066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6066] write(3, "1000", 4) = 4 [pid 6066] close(3) = 0 [pid 6066] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6064] <... mount resumed>) = 0 [pid 6066] write(1, "executing program\n", 18executing program [pid 6064] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6066] <... write resumed>) = 18 [pid 6064] <... openat resumed>) = 3 [pid 6066] memfd_create("syzkaller", 0 [pid 6064] chdir("./bus" [pid 6066] <... memfd_create resumed>) = 3 [pid 6064] <... chdir resumed>) = 0 [pid 6064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6066] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6066] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6064] <... openat resumed>) = 4 [pid 348] <... umount2 resumed>) = 0 [pid 6066] ioctl(4, LOOP_SET_FD, 3 [pid 6064] ioctl(4, LOOP_CLR_FD [pid 348] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./286/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./286/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./286/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3 [pid 6066] <... ioctl resumed>) = 0 [pid 6064] <... ioctl resumed>) = 0 [pid 6066] close(3 [pid 348] <... close resumed>) = 0 [pid 6064] close(4 [pid 6066] <... close resumed>) = 0 [pid 6064] <... close resumed>) = 0 [pid 348] rmdir("./286" [pid 6066] close(4 [pid 6064] memfd_create("syzkaller", 0) = 4 [pid 348] <... rmdir resumed>) = 0 [pid 6064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 348] mkdir("./287", 0777 [pid 6064] <... mmap resumed>) = 0x7f7c475b3000 [pid 348] <... mkdir resumed>) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6060] <... close resumed>) = 0 [pid 6060] exit_group(0) = ? [pid 6060] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6060, si_uid=0, si_status=0, si_utime=3, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 6066] <... close resumed>) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 6066] mkdir("./bus", 0777) = 0 [pid 6066] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6045] <... close resumed>) = 0 [pid 349] unlink("./286/binderfs") = 0 [pid 349] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6045] exit_group(0) = ? [pid 6045] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6045, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [ 268.262295][ T6064] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/282/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 343] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./286/binderfs") = 0 [pid 343] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... openat resumed>) = 3 [pid 348] ioctl(3, LOOP_CLR_FD [pid 6064] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6066] <... mount resumed>) = 0 [pid 6066] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6066] chdir("./bus") = 0 [pid 6066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6064] <... write resumed>) = 20699119 [pid 6064] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6064] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 348] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6064] <... openat resumed>) = 5 [pid 6064] ioctl(5, LOOP_SET_FD, 4 [pid 348] close(3 [pid 343] <... umount2 resumed>) = 0 [pid 6064] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6064] ioctl(5, LOOP_CLR_FD) = 0 [pid 6066] <... openat resumed>) = 4 [pid 6066] ioctl(4, LOOP_CLR_FD) = 0 [pid 6066] close(4) = 0 [pid 6066] memfd_create("syzkaller", 0 [pid 6064] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6064] close(5) = 0 [pid 6064] close(4 [pid 348] <... close resumed>) = 0 [pid 349] <... umount2 resumed>) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6066] <... memfd_create resumed>) = 4 [pid 349] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 6072 [pid 343] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./286/bus", [pid 343] newfstatat(AT_FDCWD, "./286/bus", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./286/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] openat(AT_FDCWD, "./286/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] <... openat resumed>) = 4 [pid 343] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", [pid 343] newfstatat(4, "", [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, [pid 343] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, [pid 343] getdents64(4, [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4 [pid 343] close(4 [pid 349] <... close resumed>) = 0 [pid 343] <... close resumed>) = 0 [pid 349] rmdir("./286/bus" [pid 343] rmdir("./286/bus" [pid 6066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... rmdir resumed>) = 0 [pid 6066] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] <... rmdir resumed>) = 0 [pid 349] getdents64(3, [pid 343] getdents64(3, [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3 [pid 343] close(3 [pid 349] <... close resumed>) = 0 [pid 349] rmdir("./286" [pid 343] <... close resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 343] rmdir("./286" [pid 349] mkdir("./287", 0777 [pid 343] <... rmdir resumed>) = 0 [pid 349] <... mkdir resumed>) = 0 [pid 343] mkdir("./287", 0777 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 343] <... mkdir resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 349] ioctl(3, LOOP_CLR_FD [pid 343] <... openat resumed>) = 3 [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 343] ioctl(3, LOOP_CLR_FD [pid 349] close(3 [pid 343] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 349] <... close resumed>) = 0 [pid 343] close(3 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 343] <... close resumed>) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 6073 [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 6074 ./strace-static-x86_64: Process 6073 attached [ 268.398801][ T6066] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/284/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6073] set_robust_list(0x555584fcf660, 24./strace-static-x86_64: Process 6072 attached ./strace-static-x86_64: Process 6074 attached [pid 6074] set_robust_list(0x555584fcf660, 24 [pid 6072] set_robust_list(0x555584fcf660, 24 [pid 6074] <... set_robust_list resumed>) = 0 [pid 6072] <... set_robust_list resumed>) = 0 [pid 6074] chdir("./287" [pid 6072] chdir("./287" [pid 6074] <... chdir resumed>) = 0 [pid 6072] <... chdir resumed>) = 0 [pid 6074] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6072] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6074] <... prctl resumed>) = 0 [pid 6072] <... prctl resumed>) = 0 [pid 6074] setpgid(0, 0) = 0 [pid 6072] setpgid(0, 0 [pid 6073] <... set_robust_list resumed>) = 0 [pid 6074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6072] <... setpgid resumed>) = 0 [pid 6073] chdir("./287" [pid 6074] <... openat resumed>) = 3 [pid 6074] write(3, "1000", 4 [pid 6072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6074] <... write resumed>) = 4 [pid 6074] close(3 [pid 6072] <... openat resumed>) = 3 [pid 6074] <... close resumed>) = 0 [pid 6072] write(3, "1000", 4 [pid 6074] symlink("/dev/binderfs", "./binderfs" [pid 6072] <... write resumed>) = 4 executing program [pid 6072] close(3 [pid 6074] <... symlink resumed>) = 0 [pid 6072] <... close resumed>) = 0 [pid 6074] write(1, "executing program\n", 18 [pid 6072] symlink("/dev/binderfs", "./binderfs"executing program [pid 6074] <... write resumed>) = 18 [pid 6072] <... symlink resumed>) = 0 [pid 6074] memfd_create("syzkaller", 0 [pid 6072] write(1, "executing program\n", 18 [pid 6074] <... memfd_create resumed>) = 3 [pid 6072] <... write resumed>) = 18 [pid 6074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6072] memfd_create("syzkaller", 0 [pid 6073] <... chdir resumed>) = 0 [pid 6073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6073] setpgid(0, 0) = 0 [pid 6073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6072] <... memfd_create resumed>) = 3 [pid 6073] <... openat resumed>) = 3 [pid 6074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6074] <... write resumed>) = 262144 [pid 6073] write(3, "1000", 4) = 4 [pid 6073] close(3) = 0 [pid 6073] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6073] write(1, "executing program\n", 18executing program ) = 18 [pid 6072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6074] munmap(0x7f7c475b3000, 138412032 [pid 6073] memfd_create("syzkaller", 0) = 3 [pid 6073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6073] munmap(0x7f7c475b3000, 138412032 [pid 6072] <... write resumed>) = 262144 [pid 6074] <... munmap resumed>) = 0 [pid 6072] munmap(0x7f7c475b3000, 138412032 [pid 6073] <... munmap resumed>) = 0 [pid 6073] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6073] ioctl(4, LOOP_SET_FD, 3 [pid 6072] <... munmap resumed>) = 0 [pid 6074] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6072] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6073] <... ioctl resumed>) = 0 [pid 6073] close(3) = 0 [pid 6073] close(4 [pid 6072] <... openat resumed>) = 4 [pid 6073] <... close resumed>) = 0 [pid 6073] mkdir("./bus", 0777) = 0 [pid 6073] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6074] <... openat resumed>) = 4 [pid 6074] ioctl(4, LOOP_SET_FD, 3 [pid 6072] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6072] close(3) = 0 [pid 6072] close(4 [pid 6074] <... ioctl resumed>) = 0 [pid 6074] close(3 [pid 6072] <... close resumed>) = 0 [pid 6074] <... close resumed>) = 0 [pid 6072] mkdir("./bus", 0777 [pid 6074] close(4 [pid 6072] <... mkdir resumed>) = 0 [pid 6072] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6073] <... mount resumed>) = 0 [pid 6073] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6073] chdir("./bus") = 0 [pid 6073] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6064] <... close resumed>) = 0 [pid 6064] exit_group(0) = ? [pid 6064] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6064, si_uid=0, si_status=0, si_utime=5, si_stime=9} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./282/binderfs") = 0 [pid 342] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6074] <... close resumed>) = 0 [pid 6073] <... openat resumed>) = 4 [pid 6074] mkdir("./bus", 0777 [pid 6073] ioctl(4, LOOP_CLR_FD [pid 6074] <... mkdir resumed>) = 0 [pid 6073] <... ioctl resumed>) = 0 [pid 6066] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6073] close(4 [pid 6074] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6072] <... mount resumed>) = 0 [pid 6072] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6072] chdir("./bus") = 0 [ 268.557691][ T6073] ext4 filesystem being mounted at /root/syzkaller.53SCZU/287/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6072] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6073] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 6073] memfd_create("syzkaller", 0 [pid 342] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6073] <... memfd_create resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] newfstatat(AT_FDCWD, "./282/bus", [pid 6073] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6066] <... write resumed>) = 20699119 [pid 6072] <... openat resumed>) = 4 [pid 342] umount2("./282/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6072] ioctl(4, LOOP_CLR_FD [pid 6066] munmap(0x7f7c475b3000, 138412032 [pid 6072] <... ioctl resumed>) = 0 [pid 6072] close(4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6072] <... close resumed>) = 0 [pid 342] openat(AT_FDCWD, "./282/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./282/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./282") = 0 [pid 342] mkdir("./283", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6083 [pid 6072] memfd_create("syzkaller", 0) = 4 [pid 6072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 ./strace-static-x86_64: Process 6083 attached [pid 6083] set_robust_list(0x555584fcf660, 24) = 0 [pid 6083] chdir("./283") = 0 [pid 6083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6083] setpgid(0, 0) = 0 [pid 6083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6083] write(3, "1000", 4) = 4 [pid 6083] close(3) = 0 [pid 6083] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6083] write(1, "executing program\n", 18executing program ) = 18 [pid 6083] memfd_create("syzkaller", 0) = 3 [pid 6083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6083] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6083] ioctl(4, LOOP_SET_FD, 3 [pid 6066] <... munmap resumed>) = 0 [ 268.612547][ T6072] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/287/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6066] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6083] <... ioctl resumed>) = 0 [pid 6083] close(3) = 0 [pid 6083] close(4) = 0 [pid 6083] mkdir("./bus", 0777) = 0 [pid 6066] <... openat resumed>) = 5 [pid 6066] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6066] ioctl(5, LOOP_CLR_FD) = 0 [pid 6083] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6066] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6066] close(5) = 0 [pid 6074] <... mount resumed>) = 0 [pid 6074] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6074] chdir("./bus") = 0 [pid 6074] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6074] ioctl(4, LOOP_CLR_FD) = 0 [pid 6074] close(4) = 0 [pid 6074] memfd_create("syzkaller", 0) = 4 [pid 6074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6066] close(4) = 0 [pid 6083] <... mount resumed>) = 0 [pid 6066] exit_group(0) = ? [pid 6083] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6083] chdir("./bus" [pid 6066] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6066, si_uid=0, si_status=0, si_utime=4, si_stime=10} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 6083] <... chdir resumed>) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6083] ioctl(4, LOOP_CLR_FD) = 0 [pid 6083] close(4) = 0 [pid 6083] memfd_create("syzkaller", 0) = 4 [pid 6083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 344] <... restart_syscall resumed>) = 0 [pid 344] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 268.703202][ T6074] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/287/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./284/binderfs") = 0 [pid 344] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6072] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./284/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./284/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./284/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./284") = 0 [pid 344] mkdir("./285", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 344] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 344] close(3) = 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6088 ./strace-static-x86_64: Process 6088 attached [pid 6088] set_robust_list(0x555584fcf660, 24) = 0 [pid 6088] chdir("./285") = 0 [pid 6088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6088] setpgid(0, 0) = 0 [ 268.767912][ T6083] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/283/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6088] write(3, "1000", 4) = 4 [pid 6088] close(3) = 0 [pid 6088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6088] write(1, "executing program\n", 18executing program ) = 18 [pid 6088] memfd_create("syzkaller", 0) = 3 [pid 6088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6088] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6088] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6088] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6088] close(3) = 0 [pid 6088] close(4) = 0 [pid 6088] mkdir("./bus", 0777) = 0 [pid 6088] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6073] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6088] <... mount resumed>) = 0 [pid 6088] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6088] chdir("./bus") = 0 [pid 6088] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6088] ioctl(4, LOOP_CLR_FD) = 0 [pid 6088] close(4) = 0 [pid 6088] memfd_create("syzkaller", 0) = 4 [pid 6088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 268.907454][ T6088] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/285/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6074] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6083] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6072] <... write resumed>) = 20699119 [pid 6072] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6072] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 6072] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6072] ioctl(5, LOOP_CLR_FD) = 0 [pid 6072] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6072] close(5) = 0 [pid 6072] close(4 [pid 6073] <... write resumed>) = 20699119 [pid 6073] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6073] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 6073] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6073] ioctl(5, LOOP_CLR_FD) = 0 [pid 6073] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6073] close(5) = 0 [pid 6073] close(4 [pid 6088] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6072] <... close resumed>) = 0 [pid 6072] exit_group(0) = ? [pid 6072] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6072, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 6074] <... write resumed>) = 20699119 [pid 6074] munmap(0x7f7c475b3000, 138412032) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 348] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./287/binderfs", [pid 6074] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6074] <... openat resumed>) = 5 [pid 348] unlink("./287/binderfs" [pid 6074] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 348] <... unlink resumed>) = 0 [pid 6074] ioctl(5, LOOP_CLR_FD [pid 348] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6074] <... ioctl resumed>) = 0 [pid 6074] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6074] close(5 [pid 6073] <... close resumed>) = 0 [pid 6083] <... write resumed>) = 20699119 [pid 6073] exit_group(0) = ? [pid 6073] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6073, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 6083] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./287/binderfs") = 0 [pid 349] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6074] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 6074] close(4 [pid 348] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./287/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./287/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./287/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./287") = 0 [pid 348] mkdir("./288", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6092 [pid 6083] <... openat resumed>) = 5 [pid 6083] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6083] ioctl(5, LOOP_CLR_FD./strace-static-x86_64: Process 6092 attached [pid 6092] set_robust_list(0x555584fcf660, 24) = 0 [pid 6092] chdir("./288") = 0 [pid 6092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6092] setpgid(0, 0) = 0 [pid 6092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6092] write(3, "1000", 4) = 4 [pid 6092] close(3) = 0 [pid 6092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6092] write(1, "executing program\n", 18executing program [pid 6088] <... write resumed>) = 20699119 [pid 6092] <... write resumed>) = 18 [pid 6092] memfd_create("syzkaller", 0) = 3 [pid 6092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6092] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6088] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6088] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6074] <... close resumed>) = 0 [pid 6074] exit_group(0) = ? [pid 6074] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6074, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 349] <... umount2 resumed>) = 0 [pid 349] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./287/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./287/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... restart_syscall resumed>) = 0 [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] getdents64(4, [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6083] <... ioctl resumed>) = 0 [pid 6092] <... openat resumed>) = 4 [pid 6088] <... openat resumed>) = 5 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 349] getdents64(4, [pid 343] <... openat resumed>) = 3 [pid 349] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] newfstatat(3, "", [pid 349] close(4 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] <... close resumed>) = 0 [pid 343] getdents64(3, [pid 6092] ioctl(4, LOOP_SET_FD, 3 [pid 6083] ioctl(5, LOOP_SET_FD, 4 [pid 349] rmdir("./287/bus" [pid 6088] ioctl(5, LOOP_SET_FD, 4 [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 6088] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6083] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] <... rmdir resumed>) = 0 [pid 343] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6083] close(5 [pid 349] getdents64(3, [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] newfstatat(AT_FDCWD, "./287/binderfs", [pid 349] close(3 [pid 343] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] <... close resumed>) = 0 [pid 343] unlink("./287/binderfs" [pid 6088] ioctl(5, LOOP_CLR_FD [pid 349] rmdir("./287" [pid 343] <... unlink resumed>) = 0 [pid 349] <... rmdir resumed>) = 0 [pid 343] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] mkdir("./288", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6092] <... ioctl resumed>) = 0 [pid 6083] <... close resumed>) = 0 [pid 6083] close(4 [pid 6092] close(3 [pid 6088] <... ioctl resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 349] ioctl(3, LOOP_CLR_FD [pid 6092] <... close resumed>) = 0 [pid 6092] close(4 [pid 6088] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6088] close(5 [pid 6083] <... close resumed>) = 0 [pid 6083] exit_group(0) = ? [pid 343] <... umount2 resumed>) = 0 [pid 6092] <... close resumed>) = 0 [pid 6092] mkdir("./bus", 0777) = 0 [pid 6092] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6088] <... close resumed>) = 0 [pid 349] close(3 [pid 343] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 349] <... close resumed>) = 0 [pid 6088] close(4 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6094 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./287/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] umount2("./287/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] openat(AT_FDCWD, "./287/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 343] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./287/bus") = 0 [pid 6083] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6083, si_uid=0, si_status=0, si_utime=5, si_stime=10} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 343] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 343] close(3 [pid 342] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./283/binderfs"./strace-static-x86_64: Process 6094 attached [pid 343] rmdir("./287" [pid 342] <... unlink resumed>) = 0 [pid 342] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6094] set_robust_list(0x555584fcf660, 24 [pid 343] <... rmdir resumed>) = 0 [pid 6094] <... set_robust_list resumed>) = 0 [pid 343] mkdir("./288", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6094] chdir("./288") = 0 [pid 6094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6094] setpgid(0, 0) = 0 [pid 6094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6094] write(3, "1000", 4) = 4 [pid 6094] close(3) = 0 [pid 6094] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6094] write(1, "executing program\n", 18executing program ) = 18 [pid 6094] memfd_create("syzkaller", 0) = 3 [pid 6094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6094] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6092] <... mount resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 342] <... umount2 resumed>) = 0 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... clone resumed>, child_tidptr=0x555584fcf650) = 6097 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./283/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./283/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6094] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./283/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./283/bus" [pid 6094] ioctl(4, LOOP_SET_FD, 3 [pid 342] <... rmdir resumed>) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./283") = 0 [pid 342] mkdir("./284", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6092] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6094] <... ioctl resumed>) = 0 [pid 342] <... openat resumed>) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6099 [pid 6094] close(3) = 0 [pid 6094] close(4 [pid 6092] <... openat resumed>) = 3 [pid 6092] chdir("./bus") = 0 [pid 6092] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 6097 attached [pid 6097] set_robust_list(0x555584fcf660, 24) = 0 [pid 6097] chdir("./288") = 0 [pid 6097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 6099 attached [pid 6099] set_robust_list(0x555584fcf660, 24) = 0 [pid 6099] chdir("./284") = 0 [pid 6099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6099] setpgid(0, 0) = 0 [pid 6099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6097] setpgid(0, 0 [pid 6099] <... openat resumed>) = 3 [pid 6099] write(3, "1000", 4) = 4 [pid 6097] <... setpgid resumed>) = 0 [pid 6099] close(3) = 0 [pid 6099] symlink("/dev/binderfs", "./binderfs" [pid 6097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6099] <... symlink resumed>) = 0 [pid 6099] write(1, "executing program\n", 18executing program [pid 6097] <... openat resumed>) = 3 [pid 6099] <... write resumed>) = 18 [pid 6099] memfd_create("syzkaller", 0 [pid 6097] write(3, "1000", 4) = 4 [pid 6099] <... memfd_create resumed>) = 3 [pid 6099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6097] close(3) = 0 [pid 6097] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6097] write(1, "executing program\n", 18) = 18 [pid 6097] memfd_create("syzkaller", 0) = 3 [pid 6097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6099] <... write resumed>) = 262144 [pid 6099] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6099] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6097] <... write resumed>) = 262144 [pid 6097] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6097] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6088] <... close resumed>) = 0 [pid 6088] exit_group(0) = ? [pid 6088] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6088, si_uid=0, si_status=0, si_utime=9, si_stime=12} --- [pid 344] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 344] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 344] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] unlink("./285/binderfs") = 0 [pid 344] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6094] <... close resumed>) = 0 [pid 6094] mkdir("./bus", 0777) = 0 [pid 6094] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6092] <... openat resumed>) = 4 [pid 6092] ioctl(4, LOOP_CLR_FD) = 0 [pid 6092] close(4) = 0 [pid 6092] memfd_create("syzkaller", 0) = 4 [pid 6092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6099] <... openat resumed>) = 4 [pid 6097] <... openat resumed>) = 4 [pid 6097] ioctl(4, LOOP_SET_FD, 3 [pid 6099] ioctl(4, LOOP_SET_FD, 3 [pid 6094] <... mount resumed>) = 0 [pid 6094] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6094] chdir("./bus") = 0 [ 269.343573][ T6092] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/288/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./285/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./285/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./285/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./285") = 0 [pid 344] mkdir("./286", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6097] <... ioctl resumed>) = 0 [pid 6097] close(3) = 0 [pid 6097] close(4 [pid 6099] <... ioctl resumed>) = 0 [pid 6099] close(3) = 0 [pid 6099] close(4 [pid 6094] <... openat resumed>) = 4 [pid 6092] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 344] <... openat resumed>) = 3 [pid 344] ioctl(3, LOOP_CLR_FD [pid 6094] ioctl(4, LOOP_CLR_FD [pid 6092] <... write resumed>) = 20699119 [pid 6092] munmap(0x7f7c475b3000, 138412032) = 0 [ 269.417992][ T6094] ext4 filesystem being mounted at /root/syzkaller.53SCZU/288/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6097] <... close resumed>) = 0 [pid 6097] mkdir("./bus", 0777) = 0 [pid 6097] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6099] <... close resumed>) = 0 [pid 6094] <... ioctl resumed>) = 0 [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6099] mkdir("./bus", 0777 [pid 6094] close(4 [pid 344] close(3 [pid 6099] <... mkdir resumed>) = 0 [pid 6094] <... close resumed>) = 0 [pid 344] <... close resumed>) = 0 [pid 6099] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6094] memfd_create("syzkaller", 0 [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6094] <... memfd_create resumed>) = 4 [pid 6094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 6104 [pid 6094] <... mmap resumed>) = 0x7f7c475b3000 ./strace-static-x86_64: Process 6104 attached [pid 6092] <... openat resumed>) = 5 [pid 6104] set_robust_list(0x555584fcf660, 24) = 0 [pid 6092] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6092] ioctl(5, LOOP_CLR_FD) = 0 [pid 6092] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6092] close(5) = 0 [pid 6104] chdir("./286") = 0 [pid 6104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6104] setpgid(0, 0 [pid 6092] close(4 [pid 6104] <... setpgid resumed>) = 0 [pid 6104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6104] write(3, "1000", 4) = 4 [pid 6104] close(3) = 0 [pid 6104] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6104] write(1, "executing program\n", 18) = 18 [pid 6104] memfd_create("syzkaller", 0) = 3 [pid 6104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6104] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6104] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6104] ioctl(4, LOOP_SET_FD, 3 [pid 6099] <... mount resumed>) = 0 [pid 6097] <... mount resumed>) = 0 [pid 6099] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6097] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6099] chdir("./bus") = 0 [pid 6097] chdir("./bus") = 0 [pid 6099] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6097] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6104] <... ioctl resumed>) = 0 [pid 6099] <... openat resumed>) = 4 [pid 6097] <... openat resumed>) = 4 [pid 6104] close(3) = 0 [pid 6104] close(4 [pid 6099] ioctl(4, LOOP_CLR_FD [pid 6097] ioctl(4, LOOP_CLR_FD [pid 6094] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6092] <... close resumed>) = 0 [pid 6092] exit_group(0) = ? [pid 6092] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6092, si_uid=0, si_status=0, si_utime=4, si_stime=9} --- [pid 348] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 348] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 348] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./288/binderfs") = 0 [pid 348] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6104] <... close resumed>) = 0 [pid 6099] <... ioctl resumed>) = 0 [pid 6097] <... ioctl resumed>) = 0 [pid 6094] <... write resumed>) = 20699119 [pid 6104] mkdir("./bus", 0777 [pid 6094] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 6094] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6094] ioctl(5, LOOP_CLR_FD) = 0 [pid 6099] close(4) = 0 [pid 6099] memfd_create("syzkaller", 0) = 4 [pid 6099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6097] close(4 [pid 6099] <... mmap resumed>) = 0x7f7c475b3000 [pid 6104] <... mkdir resumed>) = 0 [pid 6104] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6094] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [ 269.609988][ T6099] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/284/bus supports timestamps until (%ptR?) (0x7fffffff) [ 269.623716][ T6097] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/288/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6094] close(5 [pid 6097] <... close resumed>) = 0 [pid 6097] memfd_create("syzkaller", 0) = 4 [pid 6097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6099] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6094] <... close resumed>) = 0 [pid 348] <... umount2 resumed>) = 0 [pid 6094] close(4 [pid 348] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./288/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 348] openat(AT_FDCWD, "./288/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 348] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 348] close(4) = 0 [pid 348] rmdir("./288/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./288") = 0 [pid 348] mkdir("./289", 0777) = 0 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6112 ./strace-static-x86_64: Process 6112 attached [pid 6112] set_robust_list(0x555584fcf660, 24) = 0 [pid 6112] chdir("./289") = 0 [pid 6112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6112] setpgid(0, 0) = 0 [pid 6112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 6112] write(3, "1000", 4) = 4 [pid 6112] close(3) = 0 [pid 6112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6112] write(1, "executing program\n", 18) = 18 [pid 6112] memfd_create("syzkaller", 0) = 3 [pid 6112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6112] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6112] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6112] ioctl(4, LOOP_SET_FD, 3 [pid 6104] <... mount resumed>) = 0 [pid 6104] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6104] chdir("./bus") = 0 [pid 6104] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6112] <... ioctl resumed>) = 0 [pid 6112] close(3) = 0 [pid 6112] close(4) = 0 [pid 6112] mkdir("./bus", 0777) = 0 [pid 6112] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6104] <... openat resumed>) = 4 [pid 6104] ioctl(4, LOOP_CLR_FD) = 0 [pid 6104] close(4) = 0 [pid 6104] memfd_create("syzkaller", 0) = 4 [pid 6104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6112] <... mount resumed>) = 0 [pid 6112] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6112] chdir("./bus") = 0 [pid 6112] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6112] ioctl(4, LOOP_CLR_FD) = 0 [pid 6112] close(4) = 0 [pid 6112] memfd_create("syzkaller", 0) = 4 [pid 6112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 269.849894][ T6104] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/286/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6099] <... write resumed>) = 20699119 [pid 6097] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6094] <... close resumed>) = 0 [pid 6099] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6094] exit_group(0 [pid 6099] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6094] <... exit_group resumed>) = ? [pid 6094] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6094, si_uid=0, si_status=0, si_utime=5, si_stime=11} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 6099] <... openat resumed>) = 5 [pid 6099] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6099] ioctl(5, LOOP_CLR_FD) = 0 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", [pid 6099] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6099] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6099] close(5 [pid 349] getdents64(3, [pid 6099] <... close resumed>) = 0 [pid 349] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 6099] close(4 [pid 349] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./288/binderfs") = 0 [ 269.908428][ T6112] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/289/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 349] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 349] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./288/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./288/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./288/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./288") = 0 [pid 349] mkdir("./289", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 349] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 349] close(3) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6116 ./strace-static-x86_64: Process 6116 attached [pid 6116] set_robust_list(0x555584fcf660, 24) = 0 [pid 6116] chdir("./289") = 0 [pid 6116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6116] setpgid(0, 0) = 0 [pid 6116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6116] write(3, "1000", 4) = 4 [pid 6116] close(3) = 0 [pid 6116] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6116] write(1, "executing program\n", 18) = 18 [pid 6116] memfd_create("syzkaller", 0) = 3 [pid 6116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6116] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6116] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6116] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6099] <... close resumed>) = 0 [pid 6116] close(3) = 0 [pid 6116] close(4) = 0 [pid 6116] mkdir("./bus", 0777) = 0 [pid 6099] exit_group(0 [pid 6116] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6099] <... exit_group resumed>) = ? [pid 6099] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6099, si_uid=0, si_status=0, si_utime=4, si_stime=15} --- [pid 342] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 342] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./284/binderfs") = 0 [pid 342] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6097] <... write resumed>) = 20699119 [pid 6104] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6097] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6097] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 6097] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6097] ioctl(5, LOOP_CLR_FD) = 0 [pid 342] <... umount2 resumed>) = 0 [pid 6097] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6097] close(5) = 0 [pid 6097] close(4 [pid 342] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./284/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] umount2("./284/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./284/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./284/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./284") = 0 [pid 342] mkdir("./285", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6120 ./strace-static-x86_64: Process 6120 attached [pid 6120] set_robust_list(0x555584fcf660, 24) = 0 [pid 6120] chdir("./285") = 0 [pid 6120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6120] setpgid(0, 0) = 0 [pid 6120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6120] write(3, "1000", 4) = 4 [pid 6120] close(3) = 0 [pid 6120] symlink("/dev/binderfs", "./binderfs" [pid 6116] <... mount resumed>) = 0 [pid 6120] <... symlink resumed>) = 0 [pid 6116] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 6120] write(1, "executing program\n", 18executing program ) = 18 [pid 6116] <... openat resumed>) = 3 [pid 6120] memfd_create("syzkaller", 0) = 3 [pid 6116] chdir("./bus" [pid 6120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6116] <... chdir resumed>) = 0 [pid 6116] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6116] ioctl(4, LOOP_CLR_FD) = 0 [pid 6116] close(4 [pid 6120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6120] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6120] ioctl(4, LOOP_SET_FD, 3 [pid 6112] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6120] <... ioctl resumed>) = 0 [pid 6120] close(3) = 0 [pid 6120] close(4 [pid 6097] <... close resumed>) = 0 [pid 6097] exit_group(0) = ? [pid 6097] +++ exited with 0 +++ [pid 343] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6097, si_uid=0, si_status=0, si_utime=6, si_stime=10} --- [ 270.125734][ T6116] ext4 filesystem being mounted at /root/syzkaller.53SCZU/289/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 343] restart_syscall(<... resuming interrupted clone ...> [pid 6120] <... close resumed>) = 0 [pid 6120] mkdir("./bus", 0777) = 0 [pid 6120] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6116] <... close resumed>) = 0 [pid 343] <... restart_syscall resumed>) = 0 [pid 6116] memfd_create("syzkaller", 0 [pid 343] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6116] <... memfd_create resumed>) = 4 [pid 343] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 343] <... openat resumed>) = 3 [pid 6116] <... mmap resumed>) = 0x7f7c475b3000 [pid 343] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 343] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 343] newfstatat(AT_FDCWD, "./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] unlink("./288/binderfs") = 0 [pid 343] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6120] <... mount resumed>) = 0 [pid 6120] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6120] chdir("./bus") = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 343] <... umount2 resumed>) = 0 [pid 6120] <... openat resumed>) = 4 [pid 6120] ioctl(4, LOOP_CLR_FD) = 0 [pid 6120] close(4) = 0 [pid 343] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6120] memfd_create("syzkaller", 0) = 4 [pid 343] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6104] <... write resumed>) = 20699119 [pid 343] newfstatat(AT_FDCWD, "./288/bus", [pid 6104] munmap(0x7f7c475b3000, 138412032 [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6104] <... munmap resumed>) = 0 [pid 343] umount2("./288/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6104] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 343] openat(AT_FDCWD, "./288/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6104] <... openat resumed>) = 5 [pid 343] <... openat resumed>) = 4 [pid 6104] ioctl(5, LOOP_SET_FD, 4 [pid 343] newfstatat(4, "", [pid 6104] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6104] ioctl(5, LOOP_CLR_FD [pid 343] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 343] getdents64(4, [pid 6104] <... ioctl resumed>) = 0 [pid 343] <... getdents64 resumed>0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 343] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 343] close(4) = 0 [pid 343] rmdir("./288/bus") = 0 [pid 343] getdents64(3, [pid 6104] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 343] <... getdents64 resumed>0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 343] close(3 [pid 6104] close(5 [pid 343] <... close resumed>) = 0 [pid 6104] <... close resumed>) = 0 [pid 343] rmdir("./288" [pid 6104] close(4 [pid 343] <... rmdir resumed>) = 0 [pid 343] mkdir("./289", 0777) = 0 [pid 343] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 343] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 343] close(3) = 0 [pid 343] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6124 [pid 6112] <... write resumed>) = 20699119 [pid 6112] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6112] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 6112] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6112] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 6124 attached [pid 6124] set_robust_list(0x555584fcf660, 24) = 0 [pid 6124] chdir("./289") = 0 [pid 6124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6124] setpgid(0, 0) = 0 [pid 6112] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6112] close(5) = 0 [pid 6112] close(4executing program [pid 6124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6124] write(3, "1000", 4) = 4 [pid 6124] close(3) = 0 [pid 6124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6124] write(1, "executing program\n", 18) = 18 [pid 6124] memfd_create("syzkaller", 0) = 3 [pid 6124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6124] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6124] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6124] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6124] close(3) = 0 [ 270.255902][ T6120] ext4 filesystem being mounted at /root/syzkaller.hRPV0y/285/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6124] close(4) = 0 [pid 6124] mkdir("./bus", 0777) = 0 [pid 6124] mount("/dev/loop1", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6104] <... close resumed>) = 0 [pid 6104] exit_group(0) = ? [pid 6104] +++ exited with 0 +++ [pid 344] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6104, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 344] restart_syscall(<... resuming interrupted clone ...> [pid 6112] <... close resumed>) = 0 [pid 6112] exit_group(0) = ? [pid 6112] +++ exited with 0 +++ [pid 348] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6112, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 348] restart_syscall(<... resuming interrupted clone ...> [pid 6116] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6124] <... mount resumed>) = 0 [pid 6124] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6124] chdir("./bus") = 0 [pid 6124] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6124] ioctl(4, LOOP_CLR_FD) = 0 [pid 6124] close(4 [pid 344] <... restart_syscall resumed>) = 0 [pid 348] <... restart_syscall resumed>) = 0 [pid 344] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 348] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... openat resumed>) = 3 [pid 348] <... openat resumed>) = 3 [pid 348] newfstatat(3, "", [pid 344] newfstatat(3, "", [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(3, [pid 344] getdents64(3, [pid 348] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 344] <... getdents64 resumed>0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 348] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 348] newfstatat(AT_FDCWD, "./289/binderfs", [pid 6124] <... close resumed>) = 0 [pid 348] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] newfstatat(AT_FDCWD, "./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] unlink("./289/binderfs" [pid 344] unlink("./286/binderfs" [pid 348] <... unlink resumed>) = 0 [pid 344] <... unlink resumed>) = 0 [pid 6124] memfd_create("syzkaller", 0 [pid 348] umount2("./289/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] <... memfd_create resumed>) = 4 [pid 6124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [ 270.416185][ T6124] ext4 filesystem being mounted at /root/syzkaller.GdEi7E/289/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6120] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6116] <... write resumed>) = 20699119 [pid 6116] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6116] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 344] <... umount2 resumed>) = 0 [pid 344] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] newfstatat(AT_FDCWD, "./286/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 344] umount2("./286/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 344] openat(AT_FDCWD, "./286/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 344] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 344] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 344] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 344] close(4) = 0 [pid 344] rmdir("./286/bus") = 0 [pid 344] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 344] close(3) = 0 [pid 344] rmdir("./286") = 0 [pid 344] mkdir("./287", 0777) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6120] <... write resumed>) = 20699119 [pid 6120] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6124] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 6120] <... openat resumed>) = 5 [pid 6116] <... openat resumed>) = 5 [pid 348] <... umount2 resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 6116] ioctl(5, LOOP_SET_FD, 4 [pid 344] ioctl(3, LOOP_CLR_FD [pid 6116] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 344] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6116] ioctl(5, LOOP_CLR_FD [pid 348] umount2("./289/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] close(3 [pid 6120] ioctl(5, LOOP_SET_FD, 4 [pid 6116] <... ioctl resumed>) = 0 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... close resumed>) = 0 [pid 348] newfstatat(AT_FDCWD, "./289/bus", [pid 344] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6120] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 348] umount2("./289/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... clone resumed>, child_tidptr=0x555584fcf650) = 6128 [pid 348] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6120] ioctl(5, LOOP_CLR_FD [pid 348] openat(AT_FDCWD, "./289/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 348] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 348] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 6120] <... ioctl resumed>) = 0 [pid 6116] ioctl(5, LOOP_SET_FD, 4 [pid 348] getdents64(4, [pid 6116] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 348] <... getdents64 resumed>0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 6116] close(5 [pid 348] close(4 [pid 6116] <... close resumed>) = 0 [pid 348] <... close resumed>) = 0 [pid 6116] close(4 [pid 348] rmdir("./289/bus") = 0 [pid 348] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 348] close(3) = 0 [pid 348] rmdir("./289") = 0 [pid 348] mkdir("./290", 0777) = 0 [pid 6120] ioctl(5, LOOP_SET_FD, 4 [pid 348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 348] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 348] close(3) = 0 [pid 348] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6120] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6120] close(5 [pid 348] <... clone resumed>, child_tidptr=0x555584fcf650) = 6129 ./strace-static-x86_64: Process 6128 attached [pid 6120] <... close resumed>) = 0 [pid 6120] close(4 [pid 6128] set_robust_list(0x555584fcf660, 24./strace-static-x86_64: Process 6129 attached [pid 6129] set_robust_list(0x555584fcf660, 24) = 0 [pid 6129] chdir("./290") = 0 [pid 6129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6129] setpgid(0, 0) = 0 [pid 6129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6129] write(3, "1000", 4) = 4 [pid 6129] close(3) = 0 [pid 6129] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6129] write(1, "executing program\n", 18) = 18 [pid 6129] memfd_create("syzkaller", 0) = 3 [pid 6129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6128] <... set_robust_list resumed>) = 0 [pid 6129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 6128] chdir("./287") = 0 [pid 6128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6128] setpgid(0, 0) = 0 [pid 6128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6128] write(3, "1000", 4) = 4 [pid 6128] close(3) = 0 [pid 6128] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6128] write(1, "executing program\n", 18) = 18 [pid 6128] memfd_create("syzkaller", 0) = 3 [pid 6128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6128] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6128] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6128] ioctl(4, LOOP_SET_FD, 3 [pid 6129] <... write resumed>) = 262144 [pid 6129] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6129] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6128] <... ioctl resumed>) = 0 [pid 6129] ioctl(4, LOOP_SET_FD, 3 [pid 6128] close(3) = 0 [pid 6128] close(4 [pid 6129] <... ioctl resumed>) = 0 [pid 6128] <... close resumed>) = 0 [pid 6128] mkdir("./bus", 0777 [pid 6129] close(3) = 0 [pid 6129] close(4 [pid 6128] <... mkdir resumed>) = 0 [pid 6128] mount("/dev/loop2", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6124] <... write resumed>) = 20699119 [pid 6116] <... close resumed>) = 0 [pid 6116] exit_group(0) = ? [pid 6116] +++ exited with 0 +++ [pid 349] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6116, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 349] restart_syscall(<... resuming interrupted clone ...> [pid 6124] munmap(0x7f7c475b3000, 138412032 [pid 349] <... restart_syscall resumed>) = 0 [pid 349] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 349] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 349] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 349] newfstatat(AT_FDCWD, "./289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 349] unlink("./289/binderfs") = 0 [pid 349] umount2("./289/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] <... munmap resumed>) = 0 [pid 6124] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6129] <... close resumed>) = 0 [pid 6120] <... close resumed>) = 0 [pid 6120] exit_group(0) = ? [pid 6120] +++ exited with 0 +++ [pid 342] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6120, si_uid=0, si_status=0, si_utime=11, si_stime=12} --- [pid 342] restart_syscall(<... resuming interrupted clone ...> [pid 6129] mkdir("./bus", 0777) = 0 [pid 342] <... restart_syscall resumed>) = 0 [pid 6129] mount("/dev/loop3", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 342] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 342] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 4 entries */, 32768) = 104 [pid 342] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 342] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 342] unlink("./285/binderfs") = 0 [pid 342] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] <... openat resumed>) = 5 [pid 6128] <... mount resumed>) = 0 [pid 6124] ioctl(5, LOOP_SET_FD, 4 [pid 349] <... umount2 resumed>) = 0 [pid 6124] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 349] umount2("./289/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] ioctl(5, LOOP_CLR_FD [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] <... ioctl resumed>) = 0 [pid 349] newfstatat(AT_FDCWD, "./289/bus", [pid 6128] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 349] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6128] <... openat resumed>) = 3 [pid 349] umount2("./289/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6128] chdir("./bus" [pid 349] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6128] <... chdir resumed>) = 0 [pid 349] openat(AT_FDCWD, "./289/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6128] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 349] <... openat resumed>) = 4 [pid 349] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6124] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 6124] close(5 [pid 349] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 349] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 349] close(4) = 0 [pid 349] rmdir("./289/bus") = 0 [pid 349] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 349] close(3) = 0 [pid 349] rmdir("./289") = 0 [pid 349] mkdir("./290", 0777) = 0 [pid 349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6129] <... mount resumed>) = 0 [pid 6129] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6129] chdir("./bus") = 0 [pid 6129] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6128] <... openat resumed>) = 4 [pid 342] <... umount2 resumed>) = 0 [pid 6128] ioctl(4, LOOP_CLR_FD [pid 342] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6128] <... ioctl resumed>) = 0 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6128] close(4 [pid 342] newfstatat(AT_FDCWD, "./285/bus", [pid 6128] <... close resumed>) = 0 [pid 342] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6128] memfd_create("syzkaller", 0 [pid 6124] <... close resumed>) = 0 [pid 349] <... openat resumed>) = 3 [pid 342] umount2("./285/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6128] <... memfd_create resumed>) = 4 [pid 342] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 342] openat(AT_FDCWD, "./285/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6128] <... mmap resumed>) = 0x7f7c475b3000 [pid 342] <... openat resumed>) = 4 [pid 6124] close(4 [pid 349] ioctl(3, LOOP_CLR_FD [pid 342] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 342] getdents64(4, 0x555584fd8730 /* 2 entries */, 32768) = 48 [pid 342] getdents64(4, 0x555584fd8730 /* 0 entries */, 32768) = 0 [pid 342] close(4) = 0 [pid 342] rmdir("./285/bus") = 0 [pid 342] getdents64(3, 0x555584fd06f0 /* 0 entries */, 32768) = 0 [pid 342] close(3) = 0 [pid 342] rmdir("./285") = 0 [pid 342] mkdir("./286", 0777) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 342] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 342] close(3) = 0 [pid 342] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584fcf650) = 6136 [pid 6129] ioctl(4, LOOP_CLR_FD [pid 349] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6129] <... ioctl resumed>) = 0 [pid 6129] close(4) = 0 [pid 6129] memfd_create("syzkaller", 0) = 4 [pid 349] close(3 [pid 6129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 349] <... close resumed>) = 0 [pid 349] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6129] <... mmap resumed>) = 0x7f7c475b3000 [pid 349] <... clone resumed>, child_tidptr=0x555584fcf650) = 6137 executing program ./strace-static-x86_64: Process 6136 attached [pid 6136] set_robust_list(0x555584fcf660, 24) = 0 [pid 6136] chdir("./286") = 0 [pid 6136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6136] setpgid(0, 0) = 0 [pid 6136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6136] write(3, "1000", 4) = 4 [pid 6136] close(3) = 0 [pid 6136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6136] write(1, "executing program\n", 18) = 18 [pid 6136] memfd_create("syzkaller", 0) = 3 [pid 6136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6136] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6136] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6137 attached [pid 6137] set_robust_list(0x555584fcf660, 24) = 0 [pid 6137] chdir("./290") = 0 [pid 6137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6137] setpgid(0, 0) = 0 [pid 6137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6137] write(3, "1000", 4) = 4 [pid 6137] close(3) = 0 [pid 6137] symlink("/dev/binderfs", "./binderfs" [pid 6136] <... ioctl resumed>) = 0 [pid 6136] close(3) = 0 [pid 6136] close(4) = 0 [pid 6136] mkdir("./bus", 0777) = 0 [pid 6136] mount("/dev/loop0", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6137] <... symlink resumed>) = 0 [pid 6137] write(1, "executing program\n", 18executing program ) = 18 [pid 6137] memfd_create("syzkaller", 0) = 3 [ 270.709459][ T6128] ext4 filesystem being mounted at /root/syzkaller.Py8sPb/287/bus supports timestamps until (%ptR?) (0x7fffffff) [ 270.738431][ T6129] ext4 filesystem being mounted at /root/syzkaller.Gng5SU/290/bus supports timestamps until (%ptR?) (0x7fffffff) [pid 6137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000 [pid 6137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 6137] munmap(0x7f7c475b3000, 138412032) = 0 [pid 6137] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6137] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6137] close(3) = 0 [pid 6137] close(4) = 0 [pid 6137] mkdir("./bus", 0777) = 0 [pid 6137] mount("/dev/loop4", "./bus", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, "grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue" [pid 6136] <... mount resumed>) = 0 [pid 6136] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 6136] chdir("./bus") = 0 [pid 6136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6136] ioctl(4, LOOP_CLR_FD) = 0 [pid 6136] close(4) = 0 [pid 6136] memfd_create("syzkaller", 0) = 4 [pid 6136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c475b3000