./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1734639253 <...> DUID 00:04:e6:d8:3e:4c:c1:15:84:42:dc:00:60:8c:e3:5f:26:b4 no interfaces have a carrier [ 35.593294][ T4891] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.612923][ T4891] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.108' (ED25519) to the list of known hosts. execve("./syz-executor1734639253", ["./syz-executor1734639253"], 0x7ffe038dbe30 /* 10 vars */) = 0 brk(NULL) = 0x55557083d000 brk(0x55557083dd40) = 0x55557083dd40 arch_prctl(ARCH_SET_FS, 0x55557083d3c0) = 0 set_tid_address(0x55557083d690) = 5221 set_robust_list(0x55557083d6a0, 24) = 0 rseq(0x55557083dce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1734639253", 4096) = 28 getrandom("\x76\xe1\xe5\xff\x81\xa8\x6a\x94", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557083dd40 brk(0x55557085ed40) = 0x55557085ed40 brk(0x55557085f000) = 0x55557085f000 mprotect(0x7f7e3bcc1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5222 attached , child_tidptr=0x55557083d690) = 5222 [pid 5221] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5222] set_robust_list(0x55557083d6a0, 24) = 0 ./strace-static-x86_64: Process 5223 attached [pid 5221] <... clone resumed>, child_tidptr=0x55557083d690) = 5223 [pid 5223] set_robust_list(0x55557083d6a0, 24 [pid 5222] mkdir("./syzkaller.DyOw6i", 0700 [pid 5221] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5223] <... set_robust_list resumed>) = 0 [pid 5222] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5224 attached [pid 5223] mkdir("./syzkaller.iJnbWt", 0700 [pid 5221] <... clone resumed>, child_tidptr=0x55557083d690) = 5224 [pid 5222] chmod("./syzkaller.DyOw6i", 0777 [pid 5224] set_robust_list(0x55557083d6a0, 24) = 0 [pid 5221] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5224] mkdir("./syzkaller.03RHJk", 0700 [pid 5223] <... mkdir resumed>) = 0 [pid 5222] <... chmod resumed>) = 0 [pid 5224] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5225 attached [pid 5223] chmod("./syzkaller.iJnbWt", 0777 [pid 5222] chdir("./syzkaller.DyOw6i" [pid 5225] set_robust_list(0x55557083d6a0, 24 [pid 5224] chmod("./syzkaller.03RHJk", 0777 [pid 5223] <... chmod resumed>) = 0 [pid 5222] <... chdir resumed>) = 0 [pid 5225] <... set_robust_list resumed>) = 0 [pid 5224] <... chmod resumed>) = 0 [pid 5221] <... clone resumed>, child_tidptr=0x55557083d690) = 5225 [pid 5225] getrandom( [pid 5223] chdir("./syzkaller.iJnbWt" [pid 5222] mkdir("./0", 0777 [pid 5224] chdir("./syzkaller.03RHJk" [pid 5225] <... getrandom resumed>"\x46\x48\xe8\x96\x2b\x0d\xf4\x4a", 8, GRND_NONBLOCK) = 8 [pid 5222] <... mkdir resumed>) = 0 [pid 5221] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5225] mkdir("./syzkaller.8FGZib", 0700 [pid 5224] <... chdir resumed>) = 0 [pid 5223] <... chdir resumed>) = 0 [pid 5224] mkdir("./0", 0777 [pid 5223] mkdir("./0", 0777 [pid 5225] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5226 attached [pid 5224] <... mkdir resumed>) = 0 [pid 5223] <... mkdir resumed>) = 0 [pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5221] <... clone resumed>, child_tidptr=0x55557083d690) = 5226 [pid 5226] set_robust_list(0x55557083d6a0, 24 [pid 5225] chmod("./syzkaller.8FGZib", 0777 [pid 5222] <... openat resumed>) = 3 [pid 5226] <... set_robust_list resumed>) = 0 [pid 5225] <... chmod resumed>) = 0 [pid 5226] mkdir("./syzkaller.1eVfz5", 0700 [pid 5223] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5225] chdir("./syzkaller.8FGZib" [pid 5224] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5222] ioctl(3, LOOP_CLR_FD [pid 5226] <... mkdir resumed>) = 0 [pid 5225] <... chdir resumed>) = 0 [pid 5223] <... openat resumed>) = 3 [pid 5226] chmod("./syzkaller.1eVfz5", 0777 [pid 5225] mkdir("./0", 0777 [pid 5224] <... openat resumed>) = 3 [pid 5223] ioctl(3, LOOP_CLR_FD [pid 5222] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5224] ioctl(3, LOOP_CLR_FD [pid 5223] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5224] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5226] <... chmod resumed>) = 0 [pid 5225] <... mkdir resumed>) = 0 [pid 5224] close(3 [pid 5223] close(3 [pid 5222] close(3 [pid 5226] chdir("./syzkaller.1eVfz5" [pid 5225] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5224] <... close resumed>) = 0 [pid 5223] <... close resumed>) = 0 [pid 5222] <... close resumed>) = 0 [pid 5226] <... chdir resumed>) = 0 [pid 5225] <... openat resumed>) = 3 [pid 5223] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5222] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5226] mkdir("./0", 0777 [pid 5224] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5227 attached [pid 5225] ioctl(3, LOOP_CLR_FD [pid 5227] set_robust_list(0x55557083d6a0, 24 [pid 5226] <... mkdir resumed>) = 0 [pid 5225] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5227] <... set_robust_list resumed>) = 0 [pid 5225] close(3) = 0 [pid 5227] chdir("./0" [pid 5225] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5228 attached ./strace-static-x86_64: Process 5229 attached [pid 5228] set_robust_list(0x55557083d6a0, 24 [pid 5227] <... chdir resumed>) = 0 [pid 5226] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5223] <... clone resumed>, child_tidptr=0x55557083d690) = 5228 [pid 5222] <... clone resumed>, child_tidptr=0x55557083d690) = 5227 [pid 5229] set_robust_list(0x55557083d6a0, 24 [pid 5228] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5230 attached [pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5226] <... openat resumed>) = 3 [pid 5230] set_robust_list(0x55557083d6a0, 24 [pid 5229] <... set_robust_list resumed>) = 0 [pid 5228] chdir("./0" [pid 5227] <... prctl resumed>) = 0 [pid 5224] <... clone resumed>, child_tidptr=0x55557083d690) = 5229 [pid 5230] <... set_robust_list resumed>) = 0 [pid 5229] chdir("./0" [pid 5228] <... chdir resumed>) = 0 [pid 5227] setpgid(0, 0 [pid 5230] chdir("./0" [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5227] <... setpgid resumed>) = 0 [pid 5225] <... clone resumed>, child_tidptr=0x55557083d690) = 5230 [pid 5230] <... chdir resumed>) = 0 [pid 5229] <... chdir resumed>) = 0 [pid 5228] <... prctl resumed>) = 0 [pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5226] ioctl(3, LOOP_CLR_FD [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5228] setpgid(0, 0 [pid 5230] <... prctl resumed>) = 0 [pid 5229] <... prctl resumed>) = 0 [pid 5228] <... setpgid resumed>) = 0 [pid 5227] <... openat resumed>) = 3 [pid 5226] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5229] setpgid(0, 0 [pid 5230] setpgid(0, 0 [pid 5229] <... setpgid resumed>) = 0 [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5226] close(3 [pid 5230] <... setpgid resumed>) = 0 [pid 5227] write(3, "1000", 4 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5228] <... openat resumed>) = 3 [pid 5226] <... close resumed>) = 0 [pid 5230] <... openat resumed>) = 3 [pid 5227] <... write resumed>) = 4 [pid 5227] close(3) = 0 [pid 5227] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5230] write(3, "1000", 4) = 4 [pid 5230] close(3) = 0 [pid 5226] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5230] symlink("/dev/binderfs", "./binderfs" [pid 5229] <... openat resumed>) = 3 [pid 5230] <... symlink resumed>) = 0 executing program [pid 5227] write(1, "executing program\n", 18 [pid 5228] write(3, "1000", 4 [pid 5229] write(3, "1000", 4 [pid 5228] <... write resumed>) = 4 ./strace-static-x86_64: Process 5231 attached [pid 5229] <... write resumed>) = 4 [pid 5228] close(3 [pid 5226] <... clone resumed>, child_tidptr=0x55557083d690) = 5231 [pid 5231] set_robust_list(0x55557083d6a0, 24 [pid 5229] close(3 [pid 5228] <... close resumed>) = 0 [pid 5231] <... set_robust_list resumed>) = 0 [pid 5229] <... close resumed>) = 0 [pid 5228] symlink("/dev/binderfs", "./binderfs" [pid 5229] symlink("/dev/binderfs", "./binderfs" [pid 5230] write(1, "executing program\n", 18executing program [pid 5227] <... write resumed>) = 18 [pid 5230] <... write resumed>) = 18 [pid 5228] <... symlink resumed>) = 0 [pid 5227] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] chdir("./0" [pid 5230] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5229] <... symlink resumed>) = 0 [pid 5227] <... futex resumed>) = 0 [pid 5230] <... futex resumed>) = 0 [pid 5227] rt_sigaction(SIGRT_1, {sa_handler=0x7f7e3bc60060, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7e3bc51210}, [pid 5230] rt_sigaction(SIGRT_1, {sa_handler=0x7f7e3bc60060, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7e3bc51210}, NULL, 8) = 0 [pid 5227] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5230] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5227] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5227] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5227] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5230] <... mmap resumed>) = 0x7f7e3bbcf000 [pid 5230] mprotect(0x7f7e3bbd0000, 131072, PROT_READ|PROT_WRITEexecuting program executing program [pid 5227] <... mmap resumed>) = 0x7f7e3bbcf000 [pid 5231] <... chdir resumed>) = 0 [pid 5230] <... mprotect resumed>) = 0 [pid 5229] write(1, "executing program\n", 18 [pid 5228] write(1, "executing program\n", 18 [pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5230] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5229] <... write resumed>) = 18 [pid 5228] <... write resumed>) = 18 [pid 5227] mprotect(0x7f7e3bbd0000, 131072, PROT_READ|PROT_WRITE [pid 5231] <... prctl resumed>) = 0 [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] setpgid(0, 0 [pid 5229] <... futex resumed>) = 0 [pid 5228] <... futex resumed>) = 0 [pid 5227] <... mprotect resumed>) = 0 [pid 5231] <... setpgid resumed>) = 0 [pid 5230] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5229] rt_sigaction(SIGRT_1, {sa_handler=0x7f7e3bc60060, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7e3bc51210}, [pid 5228] rt_sigaction(SIGRT_1, {sa_handler=0x7f7e3bc60060, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7e3bc51210}, [pid 5227] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5230] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbef990, parent_tid=0x7f7e3bbef990, exit_signal=0, stack=0x7f7e3bbcf000, stack_size=0x20300, tls=0x7f7e3bbef6c0} [pid 5229] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5228] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5228] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5229] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5228] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5228] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 5232 attached [pid 5231] <... openat resumed>) = 3 [pid 5229] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5228] <... mmap resumed>) = 0x7f7e3bbcf000 [pid 5227] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5232] rseq(0x7f7e3bbeffe0, 0x20, 0, 0x53053053 [pid 5231] write(3, "1000", 4 [pid 5230] <... clone3 resumed> => {parent_tid=[5232]}, 88) = 5232 [pid 5229] <... mmap resumed>) = 0x7f7e3bbcf000 [pid 5228] mprotect(0x7f7e3bbd0000, 131072, PROT_READ|PROT_WRITE [pid 5227] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbef990, parent_tid=0x7f7e3bbef990, exit_signal=0, stack=0x7f7e3bbcf000, stack_size=0x20300, tls=0x7f7e3bbef6c0}./strace-static-x86_64: Process 5233 attached [pid 5232] <... rseq resumed>) = 0 [pid 5231] <... write resumed>) = 4 [pid 5230] rt_sigprocmask(SIG_SETMASK, [], [pid 5229] mprotect(0x7f7e3bbd0000, 131072, PROT_READ|PROT_WRITE [pid 5228] <... mprotect resumed>) = 0 [pid 5233] rseq(0x7f7e3bbeffe0, 0x20, 0, 0x53053053 [pid 5232] set_robust_list(0x7f7e3bbef9a0, 24 [pid 5231] close(3 [pid 5230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5227] <... clone3 resumed> => {parent_tid=[5233]}, 88) = 5233 [pid 5230] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5227] rt_sigprocmask(SIG_SETMASK, [], [pid 5228] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5233] <... rseq resumed>) = 0 [pid 5232] <... set_robust_list resumed>) = 0 [pid 5231] <... close resumed>) = 0 [pid 5230] <... futex resumed>) = 0 [pid 5229] <... mprotect resumed>) = 0 [pid 5233] set_robust_list(0x7f7e3bbef9a0, 24 [pid 5232] rt_sigprocmask(SIG_SETMASK, [], [pid 5231] symlink("/dev/binderfs", "./binderfs" [pid 5230] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5229] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5227] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5233] <... set_robust_list resumed>) = 0 [pid 5232] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5231] <... symlink resumed>) = 0 [pid 5229] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5228] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5227] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5233] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5229] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbef990, parent_tid=0x7f7e3bbef990, exit_signal=0, stack=0x7f7e3bbcf000, stack_size=0x20300, tls=0x7f7e3bbef6c0} [pid 5227] <... futex resumed>) = 0 [pid 5227] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5234 attached [pid 5234] rseq(0x7f7e3bbeffe0, 0x20, 0, 0x53053053 [pid 5228] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbef990, parent_tid=0x7f7e3bbef990, exit_signal=0, stack=0x7f7e3bbcf000, stack_size=0x20300, tls=0x7f7e3bbef6c0}./strace-static-x86_64: Process 5235 attached [pid 5234] <... rseq resumed>) = 0 [pid 5235] rseq(0x7f7e3bbeffe0, 0x20, 0, 0x53053053 [pid 5234] set_robust_list(0x7f7e3bbef9a0, 24 [pid 5232] memfd_create("syzkaller", 0 [pid 5234] <... set_robust_list resumed>) = 0 [pid 5235] <... rseq resumed>) = 0 [pid 5234] rt_sigprocmask(SIG_SETMASK, [], [pid 5233] memfd_create("syzkaller", 0 [pid 5229] <... clone3 resumed> => {parent_tid=[5234]}, 88) = 5234 [pid 5235] set_robust_list(0x7f7e3bbef9a0, 24 [pid 5234] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5231] write(1, "executing program\n", 18 [pid 5228] <... clone3 resumed> => {parent_tid=[5235]}, 88) = 5235 [pid 5235] <... set_robust_list resumed>) = 0 [pid 5234] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5235] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5235] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULLexecuting program [pid 5229] rt_sigprocmask(SIG_SETMASK, [], [pid 5231] <... write resumed>) = 18 [pid 5228] rt_sigprocmask(SIG_SETMASK, [], [pid 5233] <... memfd_create resumed>) = 3 [pid 5229] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5231] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5232] <... memfd_create resumed>) = 3 [pid 5231] <... futex resumed>) = 0 [pid 5229] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5235] <... futex resumed>) = 0 [pid 5234] <... futex resumed>) = 0 [pid 5232] <... mmap resumed>) = 0x7f7e33600000 [pid 5229] <... futex resumed>) = 1 [pid 5228] <... futex resumed>) = 1 [pid 5235] memfd_create("syzkaller", 0 [pid 5234] memfd_create("syzkaller", 0 [pid 5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5231] rt_sigaction(SIGRT_1, {sa_handler=0x7f7e3bc60060, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7e3bc51210}, [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5235] <... memfd_create resumed>) = 3 [pid 5234] <... memfd_create resumed>) = 3 [pid 5233] <... mmap resumed>) = 0x7f7e33600000 [pid 5231] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5231] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5235] <... mmap resumed>) = 0x7f7e33600000 [pid 5234] <... mmap resumed>) = 0x7f7e33600000 [pid 5231] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5231] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f7e3bbcf000 [pid 5231] mprotect(0x7f7e3bbd0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5231] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5231] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbef990, parent_tid=0x7f7e3bbef990, exit_signal=0, stack=0x7f7e3bbcf000, stack_size=0x20300, tls=0x7f7e3bbef6c0} => {parent_tid=[5237]}, 88) = 5237 [pid 5231] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5237 attached NULL, 8) = 0 [pid 5237] rseq(0x7f7e3bbeffe0, 0x20, 0, 0x53053053) = 0 [pid 5237] set_robust_list(0x7f7e3bbef9a0, 24) = 0 [pid 5237] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5237] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5231] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] <... futex resumed>) = 0 [pid 5231] <... futex resumed>) = 1 [pid 5237] memfd_create("syzkaller", 0 [pid 5231] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5237] <... memfd_create resumed>) = 3 [pid 5237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7e33600000 [pid 5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5233] <... write resumed>) = 16777216 [pid 5233] munmap(0x7f7e33600000, 138412032) = 0 [pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5233] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5233] close(3) = 0 [pid 5233] close(4) = 0 [pid 5233] mkdir("./file0", 0777) = 0 syzkaller login: [ 65.005620][ T5233] loop0: detected capacity change from 0 to 32768 [pid 5233] mount("/dev/loop0", "./file0", "jfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_LAZYTIME, "" [pid 5237] <... write resumed>) = 16777216 [pid 5237] munmap(0x7f7e33600000, 138412032 [pid 5232] <... write resumed>) = 16777216 [pid 5235] <... write resumed>) = 16777216 [pid 5234] <... write resumed>) = 16777216 [pid 5235] munmap(0x7f7e33600000, 138412032 [pid 5234] munmap(0x7f7e33600000, 138412032 [ 65.057456][ T5233] ======================================================= [ 65.057456][ T5233] WARNING: The mand mount option has been deprecated and [ 65.057456][ T5233] and is ignored by this kernel. Remove the mand [ 65.057456][ T5233] option from the mount to silence this warning. [ 65.057456][ T5233] ======================================================= [pid 5232] munmap(0x7f7e33600000, 138412032 [pid 5237] <... munmap resumed>) = 0 [pid 5237] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5237] ioctl(4, LOOP_SET_FD, 3 [pid 5232] <... munmap resumed>) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5237] <... ioctl resumed>) = 0 [pid 5232] <... openat resumed>) = 4 [pid 5232] ioctl(4, LOOP_SET_FD, 3 [pid 5237] close(3 [pid 5235] <... munmap resumed>) = 0 [pid 5234] <... munmap resumed>) = 0 [pid 5237] <... close resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5234] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5232] <... ioctl resumed>) = 0 [pid 5237] close(4 [pid 5235] <... openat resumed>) = 4 [pid 5234] <... openat resumed>) = 4 [pid 5233] <... mount resumed>) = 0 [pid 5234] ioctl(4, LOOP_SET_FD, 3 [pid 5233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5232] close(3 [pid 5237] <... close resumed>) = 0 [pid 5232] <... close resumed>) = 0 [pid 5235] ioctl(4, LOOP_SET_FD, 3 [pid 5232] close(4 [pid 5237] mkdir("./file0", 0777 [pid 5232] <... close resumed>) = 0 [pid 5237] <... mkdir resumed>) = 0 [pid 5232] mkdir("./file0", 0777 [pid 5237] mount("/dev/loop4", "./file0", "jfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_LAZYTIME, "" [pid 5232] <... mkdir resumed>) = 0 [pid 5232] mount("/dev/loop3", "./file0", "jfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_LAZYTIME, "" [pid 5233] <... openat resumed>) = 3 [pid 5233] chdir("./file0") = 0 [pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5233] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5233] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5227] <... futex resumed>) = 0 [pid 5227] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5233] <... futex resumed>) = 0 [pid 5227] <... futex resumed>) = 1 [pid 5227] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5234] <... ioctl resumed>) = 0 [pid 5233] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC, 000 [pid 5232] <... mount resumed>) = 0 [pid 5232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5232] chdir("./file0") = 0 [pid 5233] <... openat resumed>) = 4 [pid 5234] close(3 [pid 5233] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5234] <... close resumed>) = 0 [pid 5233] <... futex resumed>) = 1 [pid 5234] close(4 [pid 5233] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5237] <... mount resumed>) = 0 [pid 5235] <... ioctl resumed>) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5227] <... futex resumed>) = 0 [pid 5237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5235] close(3 [pid 5232] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5237] <... openat resumed>) = 3 [pid 5232] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] chdir("./file0" [pid 5235] <... close resumed>) = 0 [pid 5232] <... futex resumed>) = 1 [pid 5230] <... futex resumed>) = 0 [pid 5227] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] <... chdir resumed>) = 0 [pid 5235] close(4 [pid 5232] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5230] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5227] <... futex resumed>) = 0 [ 65.152287][ T5237] loop4: detected capacity change from 0 to 32768 [ 65.159810][ T5232] loop3: detected capacity change from 0 to 32768 [ 65.179935][ T5234] loop2: detected capacity change from 0 to 32768 [ 65.181592][ T5235] loop1: detected capacity change from 0 to 32768 [pid 5237] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5235] <... close resumed>) = 0 [pid 5232] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5230] <... futex resumed>) = 0 [pid 5227] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5237] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5234] <... close resumed>) = 0 [pid 5233] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5237] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] mkdir("./file0", 0777 [pid 5232] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC, 000 [pid 5230] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5237] <... futex resumed>) = 1 [pid 5235] <... mkdir resumed>) = 0 [pid 5234] mkdir("./file0", 0777 [pid 5233] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65007, 65228 [pid 5232] <... openat resumed>) = 4 [pid 5231] <... futex resumed>) = 0 [pid 5237] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5235] mount("/dev/loop1", "./file0", "jfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_LAZYTIME, "" [pid 5234] <... mkdir resumed>) = 0 [pid 5232] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5231] <... futex resumed>) = 0 [pid 5237] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC, 000 [pid 5231] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5234] mount("/dev/loop2", "./file0", "jfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_LAZYTIME, "" [pid 5232] <... futex resumed>) = 1 [pid 5230] <... futex resumed>) = 0 [pid 5237] <... openat resumed>) = 4 [pid 5232] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65007, 65228 [pid 5230] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5237] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5230] <... futex resumed>) = 0 [pid 5230] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5231] <... futex resumed>) = 0 [pid 5231] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5231] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5237] <... futex resumed>) = 0 [pid 5237] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65007, 65228 [pid 5234] <... mount resumed>) = 0 [pid 5227] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5227] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5227] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f7e3bbae000 [pid 5227] mprotect(0x7f7e3bbaf000, 131072, PROT_READ|PROT_WRITE) = 0 [ 65.250749][ T5233] ERROR: (device loop0): dbAlloc: the hint is outside the map [ 65.250749][ T5233] [ 65.253164][ T5232] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 65.253164][ T5232] [ 65.276746][ T5237] ERROR: (device loop4): dbAlloc: the hint is outside the map [ 65.276746][ T5237] [ 65.287018][ T5233] ERROR: (device loop0): remounting filesystem as read-only [pid 5227] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5230] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5230] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f7e3bbae000 [pid 5230] mprotect(0x7f7e3bbaf000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5230] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5227] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5230] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbce990, parent_tid=0x7f7e3bbce990, exit_signal=0, stack=0x7f7e3bbae000, stack_size=0x20300, tls=0x7f7e3bbce6c0} [pid 5227] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbce990, parent_tid=0x7f7e3bbce990, exit_signal=0, stack=0x7f7e3bbae000, stack_size=0x20300, tls=0x7f7e3bbce6c0} [pid 5230] <... clone3 resumed> => {parent_tid=[5240]}, 88) = 5240 [pid 5227] <... clone3 resumed> => {parent_tid=[5239]}, 88) = 5239 ./strace-static-x86_64: Process 5240 attached [pid 5234] <... openat resumed>) = 3 [pid 5230] rt_sigprocmask(SIG_SETMASK, [], [pid 5227] rt_sigprocmask(SIG_SETMASK, [], [pid 5240] rseq(0x7f7e3bbcefe0, 0x20, 0, 0x53053053 [pid 5234] chdir("./file0" [pid 5240] <... rseq resumed>) = 0 [pid 5234] <... chdir resumed>) = 0 [pid 5240] set_robust_list(0x7f7e3bbce9a0, 24 [pid 5234] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5240] <... set_robust_list resumed>) = 0 [pid 5240] rt_sigprocmask(SIG_SETMASK, [], [pid 5234] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5227] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5227] futex(0x7f7e3bcc76d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5227] futex(0x7f7e3bcc76dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5239 attached [pid 5230] futex(0x7f7e3bcc76d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5239] rseq(0x7f7e3bbcefe0, 0x20, 0, 0x53053053 [pid 5230] <... futex resumed>) = 0 [pid 5239] <... rseq resumed>) = 0 [pid 5230] futex(0x7f7e3bcc76dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5239] set_robust_list(0x7f7e3bbce9a0, 24) = 0 [pid 5239] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5239] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 001) = -1 EROFS (Read-only file system) [pid 5239] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5227] <... futex resumed>) = 0 [pid 5239] openat(AT_FDCWD, "./file1", O_RDONLY [pid 5227] futex(0x7f7e3bcc76d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5239] <... openat resumed>) = 5 [pid 5227] <... futex resumed>) = 0 [ 65.295574][ T5237] ERROR: (device loop4): remounting filesystem as read-only [ 65.309503][ T5232] ERROR: (device loop3): remounting filesystem as read-only [ 65.314413][ T5233] syz-executor173: attempt to access beyond end of device [ 65.314413][ T5233] loop0: rw=2049, sector=2621792, nr_sectors = 8 limit=32768 [pid 5240] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5234] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5227] futex(0x7f7e3bcc76dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5240] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 001 [pid 5234] <... futex resumed>) = 1 [pid 5231] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5234] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5231] <... futex resumed>) = 0 [pid 5229] <... futex resumed>) = 0 [pid 5239] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5230] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5230] futex(0x7f7e3bcc76ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f7e3bb8d000 [pid 5239] <... futex resumed>) = 0 [pid 5239] futex(0x7f7e3bcc76d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5230] mprotect(0x7f7e3bb8e000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5230] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5230] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbad990, parent_tid=0x7f7e3bbad990, exit_signal=0, stack=0x7f7e3bb8d000, stack_size=0x20300, tls=0x7f7e3bbad6c0} => {parent_tid=[5242]}, 88) = 5242 [pid 5230] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5230] futex(0x7f7e3bcc76e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5230] futex(0x7f7e3bcc76ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5242 attached [pid 5242] rseq(0x7f7e3bbadfe0, 0x20, 0, 0x53053053) = 0 [pid 5242] set_robust_list(0x7f7e3bbad9a0, 24) = 0 [pid 5242] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5242] openat(AT_FDCWD, "./file1", O_RDONLY) = 6 [pid 5242] futex(0x7f7e3bcc76ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5230] <... futex resumed>) = 0 [pid 5230] futex(0x7f7e3bcc76e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5230] futex(0x7f7e3bcc76ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5242] <... futex resumed>) = 1 [pid 5242] sendfile(-1, 6, NULL, 54802) = -1 EBADF (Bad file descriptor) [pid 5242] futex(0x7f7e3bcc76ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5230] <... futex resumed>) = 0 [pid 5242] <... futex resumed>) = 1 [pid 5242] futex(0x7f7e3bcc76e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5237] <... pwrite64 resumed>) = -1 EIO (Input/output error) [pid 5240] <... openat resumed>) = 5 [pid 5234] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5233] <... pwrite64 resumed>) = -1 EIO (Input/output error) [pid 5231] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5229] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5227] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5231] <... mmap resumed>) = 0x7f7e3bbae000 [pid 5229] <... futex resumed>) = 0 [pid 5227] futex(0x7f7e3bcc76d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5240] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5234] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC, 000 [pid 5233] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] mprotect(0x7f7e3bbaf000, 131072, PROT_READ|PROT_WRITE [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5240] <... futex resumed>) = 0 [pid 5233] <... futex resumed>) = 0 [pid 5231] <... mprotect resumed>) = 0 [pid 5227] <... futex resumed>) = 1 [pid 5240] futex(0x7f7e3bcc76d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5239] <... futex resumed>) = 0 [pid 5233] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5231] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5227] futex(0x7f7e3bcc76dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5239] sendfile(-1, 5, NULL, 54802 [pid 5234] <... openat resumed>) = 4 [pid 5231] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5239] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [ 65.323555][ T29] audit: type=1804 audit(1726309934.882:2): pid=5239 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor173" name="/root/syzkaller.DyOw6i/0/file0/file1" dev="loop0" ino=4 res=1 errno=0 [ 65.356166][ T5237] syz-executor173: attempt to access beyond end of device [ 65.356166][ T5237] loop4: rw=2049, sector=2621792, nr_sectors = 8 limit=32768 [ 65.362112][ T5232] syz-executor173: attempt to access beyond end of device [ 65.362112][ T5232] loop3: rw=2049, sector=2621792, nr_sectors = 8 limit=32768 [pid 5231] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbce990, parent_tid=0x7f7e3bbce990, exit_signal=0, stack=0x7f7e3bbae000, stack_size=0x20300, tls=0x7f7e3bbce6c0}./strace-static-x86_64: Process 5243 attached [pid 5239] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] <... mount resumed>) = 0 [pid 5234] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5243] rseq(0x7f7e3bbcefe0, 0x20, 0, 0x53053053 [pid 5239] <... futex resumed>) = 1 [pid 5235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5231] <... clone3 resumed> => {parent_tid=[5243]}, 88) = 5243 [pid 5243] <... rseq resumed>) = 0 [pid 5239] futex(0x7f7e3bcc76d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5235] <... openat resumed>) = 3 [pid 5231] rt_sigprocmask(SIG_SETMASK, [], [pid 5243] set_robust_list(0x7f7e3bbce9a0, 24 [pid 5235] chdir("./file0" [pid 5231] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5243] <... set_robust_list resumed>) = 0 [pid 5235] <... chdir resumed>) = 0 [pid 5231] futex(0x7f7e3bcc76d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5243] rt_sigprocmask(SIG_SETMASK, [], [pid 5235] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5243] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5237] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] <... futex resumed>) = 0 [pid 5243] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 001 [pid 5237] <... futex resumed>) = 0 [pid 5231] futex(0x7f7e3bcc76dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5243] <... openat resumed>) = -1 EROFS (Read-only file system) [pid 5237] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5243] futex(0x7f7e3bcc76dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5231] <... futex resumed>) = 0 [pid 5243] futex(0x7f7e3bcc76d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5231] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] <... futex resumed>) = 0 [pid 5231] <... futex resumed>) = 1 [pid 5237] openat(AT_FDCWD, "./file1", O_RDONLY [pid 5235] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5231] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5237] <... openat resumed>) = 5 [pid 5235] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] <... futex resumed>) = 1 [pid 5237] <... futex resumed>) = 1 [pid 5235] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5231] <... futex resumed>) = 0 [pid 5237] sendfile(-1, 5, NULL, 54802 [pid 5231] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 5231] <... futex resumed>) = 0 [pid 5237] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5231] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5237] <... futex resumed>) = 0 [pid 5231] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5237] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5231] exit_group(0 [pid 5243] <... futex resumed>) = ? [pid 5237] <... futex resumed>) = ? [pid 5231] <... exit_group resumed>) = ? [pid 5243] +++ exited with 0 +++ [pid 5237] +++ exited with 0 +++ [pid 5231] +++ exited with 0 +++ [pid 5226] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=32 /* 0.32 s */} --- [pid 5226] restart_syscall(<... resuming interrupted clone ...> [pid 5234] <... futex resumed>) = 1 [pid 5229] <... futex resumed>) = 0 [pid 5227] <... futex resumed>) = 0 [pid 5234] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65007, 65228 [pid 5229] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5227] exit_group(0 [ 65.410931][ T29] audit: type=1804 audit(1726309934.932:3): pid=5242 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor173" name="/root/syzkaller.8FGZib/0/file0/file1" dev="loop3" ino=4 res=1 errno=0 [ 65.434637][ T5234] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 65.434637][ T5234] [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5239] <... futex resumed>) = ? [pid 5233] <... futex resumed>) = ? [pid 5232] <... pwrite64 resumed>) = -1 EIO (Input/output error) [pid 5228] <... futex resumed>) = 0 [pid 5227] <... exit_group resumed>) = ? [pid 5226] <... restart_syscall resumed>) = 0 [pid 5239] +++ exited with 0 +++ [pid 5228] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5226] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5233] +++ exited with 0 +++ [pid 5228] <... futex resumed>) = 1 [pid 5227] +++ exited with 0 +++ [pid 5232] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5230] exit_group(0 [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] <... futex resumed>) = 0 [pid 5226] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5230] <... exit_group resumed>) = ? [pid 5226] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5222] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=30 /* 0.30 s */} --- [pid 5240] <... futex resumed>) = ? [pid 5226] <... openat resumed>) = 3 [pid 5222] restart_syscall(<... resuming interrupted clone ...> [pid 5235] <... futex resumed>) = 0 [pid 5226] newfstatat(3, "", [pid 5235] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC, 000 [pid 5226] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5240] +++ exited with 0 +++ [pid 5232] +++ exited with 0 +++ [pid 5226] getdents64(3, [pid 5242] <... futex resumed>) = ? [pid 5226] <... getdents64 resumed>0x55557083e730 /* 4 entries */, 32768) = 112 [pid 5242] +++ exited with 0 +++ [pid 5230] +++ exited with 0 +++ [pid 5226] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5226] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5225] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=21 /* 0.21 s */} --- [pid 5226] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5225] restart_syscall(<... resuming interrupted clone ...> [pid 5226] unlink("./0/binderfs" [pid 5225] <... restart_syscall resumed>) = 0 [pid 5222] <... restart_syscall resumed>) = 0 [pid 5226] <... unlink resumed>) = 0 [pid 5226] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5225] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5222] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5235] <... openat resumed>) = 4 [pid 5225] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5222] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5235] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5225] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5222] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5235] <... futex resumed>) = 1 [pid 5225] <... openat resumed>) = 3 [pid 5222] <... openat resumed>) = 3 [pid 5235] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5225] newfstatat(3, "", [pid 5222] newfstatat(3, "", [pid 5225] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5222] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5225] getdents64(3, [pid 5222] getdents64(3, [pid 5225] <... getdents64 resumed>0x55557083e730 /* 4 entries */, 32768) = 112 [pid 5222] <... getdents64 resumed>0x55557083e730 /* 4 entries */, 32768) = 112 [pid 5225] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5222] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5225] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5222] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5225] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5222] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5225] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5222] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5225] unlink("./0/binderfs" [pid 5222] unlink("./0/binderfs" [pid 5225] <... unlink resumed>) = 0 [pid 5222] <... unlink resumed>) = 0 [pid 5225] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 65.437028][ T29] audit: type=1804 audit(1726309934.942:4): pid=5240 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor173" name="/root/syzkaller.8FGZib/0/file0/file1" dev="loop3" ino=4 res=1 errno=0 [ 65.445456][ T5234] ERROR: (device loop2): remounting filesystem as read-only [ 65.482888][ T29] audit: type=1804 audit(1726309934.982:5): pid=5237 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor173" name="/root/syzkaller.1eVfz5/0/file0/file1" dev="loop4" ino=4 res=1 errno=0 [pid 5222] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5228] <... futex resumed>) = 0 [pid 5228] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5234] <... pwrite64 resumed>) = -1 EIO (Input/output error) [pid 5228] <... futex resumed>) = 1 [pid 5235] <... futex resumed>) = 0 [pid 5235] pwrite64(4, "\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65007, 65228 [pid 5234] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5229] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5229] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 65.495335][ T5234] syz-executor173: attempt to access beyond end of device [ 65.495335][ T5234] loop2: rw=2049, sector=2621792, nr_sectors = 8 limit=32768 [ 65.524279][ T5235] ERROR: (device loop1): dbAlloc: the hint is outside the map [ 65.524279][ T5235] [ 65.524466][ T114] blkno = 5002c, nblocks = 1 [ 65.538152][ T5235] ERROR: (device loop1): remounting filesystem as read-only [ 65.538796][ T113] blkno = 5002c, nblocks = 1 [ 65.546428][ T5235] syz-executor173: attempt to access beyond end of device [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5235] <... pwrite64 resumed>) = -1 EIO (Input/output error) [pid 5234] <... futex resumed>) = 1 [pid 5229] <... futex resumed>) = 0 [pid 5235] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5234] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 001 [pid 5235] <... futex resumed>) = 1 [pid 5234] <... openat resumed>) = -1 EROFS (Read-only file system) [pid 5228] <... futex resumed>) = 0 [pid 5235] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5234] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5234] <... futex resumed>) = 0 [pid 5228] <... futex resumed>) = 0 [pid 5235] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 001 [pid 5234] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5235] <... openat resumed>) = -1 EROFS (Read-only file system) [pid 5235] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5229] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] <... futex resumed>) = 1 [pid 5228] <... futex resumed>) = 0 [pid 5234] <... futex resumed>) = 0 [pid 5229] <... futex resumed>) = 1 [pid 5228] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] openat(AT_FDCWD, "./file1", O_RDONLY [pid 5234] openat(AT_FDCWD, "./file1", O_RDONLY [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5228] <... futex resumed>) = 0 [pid 5235] <... openat resumed>) = 5 [pid 5234] <... openat resumed>) = 5 [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5234] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5234] <... futex resumed>) = 0 [pid 5235] <... futex resumed>) = 1 [pid 5234] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5228] <... futex resumed>) = 0 [pid 5228] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] sendfile(-1, 5, NULL, 54802 [pid 5228] <... futex resumed>) = 0 [pid 5235] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 5228] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5235] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] <... futex resumed>) = 0 [pid 5228] exit_group(0) = ? [pid 5235] <... futex resumed>) = ? [ 65.546428][ T5235] loop1: rw=2049, sector=2621792, nr_sectors = 8 limit=32768 [ 65.551972][ T114] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map [ 65.551972][ T114] [ 65.565135][ T113] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 65.565135][ T113] [ 65.566399][ T113] blkno = 5002c, nblocks = 1 [ 65.591706][ T113] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map [ 65.591706][ T113] [pid 5229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5229] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5235] +++ exited with 0 +++ [pid 5234] <... futex resumed>) = 0 [pid 5229] <... futex resumed>) = 1 [pid 5228] +++ exited with 0 +++ [pid 5234] sendfile(-1, 5, NULL, 54802 [pid 5229] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5234] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 5223] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=29 /* 0.29 s */} --- [pid 5234] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5223] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5234] <... futex resumed>) = 1 [pid 5229] <... futex resumed>) = 0 [pid 5223] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5234] futex(0x7f7e3bcc76c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5229] exit_group(0 [pid 5223] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5234] <... futex resumed>) = ? [pid 5229] <... exit_group resumed>) = ? [pid 5223] <... openat resumed>) = 3 [pid 5234] +++ exited with 0 +++ [pid 5223] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5223] getdents64(3, 0x55557083e730 /* 4 entries */, 32768) = 112 [pid 5223] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5223] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5223] unlink("./0/binderfs") = 0 [pid 5223] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5229] +++ exited with 0 +++ [pid 5224] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=34 /* 0.34 s */} --- [pid 5224] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 65.603654][ T29] audit: type=1804 audit(1726309935.162:6): pid=5234 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor173" name="/root/syzkaller.03RHJk/0/file0/file1" dev="loop2" ino=4 res=1 errno=0 [ 65.626201][ T29] audit: type=1804 audit(1726309935.162:7): pid=5235 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor173" name="/root/syzkaller.iJnbWt/0/file0/file1" dev="loop1" ino=4 res=1 errno=0 [ 65.654586][ T113] blkno = 5002c, nblocks = 1 [pid 5224] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5224] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5224] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5224] getdents64(3, 0x55557083e730 /* 4 entries */, 32768) = 112 [pid 5224] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5224] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5224] unlink("./0/binderfs") = 0 [ 65.659231][ T113] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map [ 65.659231][ T113] [ 65.689200][ T113] blkno = 5002c, nblocks = 1 [ 65.694220][ T113] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 65.694220][ T113] [pid 5224] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5225] <... umount2 resumed>) = 0 [pid 5225] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5222] <... umount2 resumed>) = 0 [pid 5225] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5225] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5222] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5225] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5222] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5225] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5222] newfstatat(AT_FDCWD, "./0/file0", [pid 5225] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5222] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5222] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5225] newfstatat(4, "", [pid 5222] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5225] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5222] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5225] getdents64(4, 0x555570846770 /* 2 entries */, 32768) = 48 [pid 5222] <... openat resumed>) = 4 [pid 5225] getdents64(4, [pid 5222] newfstatat(4, "", [pid 5225] <... getdents64 resumed>0x555570846770 /* 0 entries */, 32768) = 0 [pid 5222] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5225] close(4) = 0 [pid 5222] getdents64(4, [pid 5225] rmdir("./0/file0" [pid 5222] <... getdents64 resumed>0x555570846770 /* 2 entries */, 32768) = 48 [pid 5222] getdents64(4, 0x555570846770 /* 0 entries */, 32768) = 0 [pid 5222] close(4) = 0 [pid 5225] <... rmdir resumed>) = 0 [pid 5222] rmdir("./0/file0" [pid 5225] getdents64(3, [pid 5222] <... rmdir resumed>) = 0 [pid 5225] <... getdents64 resumed>0x55557083e730 /* 0 entries */, 32768) = 0 [pid 5225] close(3) = 0 [pid 5225] rmdir("./0" [pid 5222] getdents64(3, 0x55557083e730 /* 0 entries */, 32768) = 0 [pid 5222] close(3) = 0 [pid 5225] <... rmdir resumed>) = 0 [pid 5225] mkdir("./1", 0777) = 0 [pid 5222] rmdir("./0" [pid 5225] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5223] <... umount2 resumed>) = 0 [pid 5222] <... rmdir resumed>) = 0 [pid 5225] <... openat resumed>) = 3 [pid 5223] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5225] ioctl(3, LOOP_CLR_FD [pid 5223] newfstatat(AT_FDCWD, "./0/file0", [pid 5225] <... ioctl resumed>) = 0 [pid 5223] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5222] mkdir("./1", 0777 [pid 5225] close(3 [pid 5223] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5223] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5223] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5223] getdents64(4, 0x555570846770 /* 2 entries */, 32768) = 48 [pid 5223] getdents64(4, [pid 5222] <... mkdir resumed>) = 0 [pid 5223] <... getdents64 resumed>0x555570846770 /* 0 entries */, 32768) = 0 [pid 5223] close(4) = 0 [pid 5223] rmdir("./0/file0") = 0 [pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5223] getdents64(3, 0x55557083e730 /* 0 entries */, 32768) = 0 [pid 5223] close(3 [pid 5222] <... openat resumed>) = 3 [pid 5223] <... close resumed>) = 0 [pid 5222] ioctl(3, LOOP_CLR_FD [pid 5223] rmdir("./0" [pid 5222] <... ioctl resumed>) = 0 [pid 5223] <... rmdir resumed>) = 0 [pid 5222] close(3 [pid 5223] mkdir("./1", 0777) = 0 [pid 5223] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5223] ioctl(3, LOOP_CLR_FD) = 0 [pid 5223] close(3 [pid 5224] <... umount2 resumed>) = 0 [pid 5224] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5224] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5224] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5224] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5224] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5224] getdents64(4, 0x555570846770 /* 2 entries */, 32768) = 48 [pid 5224] getdents64(4, 0x555570846770 /* 0 entries */, 32768) = 0 [pid 5224] close(4) = 0 [pid 5224] rmdir("./0/file0") = 0 [pid 5224] getdents64(3, 0x55557083e730 /* 0 entries */, 32768) = 0 [pid 5224] close(3) = 0 [pid 5224] rmdir("./0") = 0 [pid 5224] mkdir("./1", 0777) = 0 [pid 5224] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5224] ioctl(3, LOOP_CLR_FD) = 0 [pid 5224] close(3 [pid 5226] <... umount2 resumed>) = 0 [pid 5226] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5226] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5226] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5226] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5226] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5226] getdents64(4, 0x555570846770 /* 2 entries */, 32768) = 48 [pid 5226] getdents64(4, 0x555570846770 /* 0 entries */, 32768) = 0 [pid 5226] close(4) = 0 [pid 5226] rmdir("./0/file0") = 0 [pid 5226] getdents64(3, 0x55557083e730 /* 0 entries */, 32768) = 0 [pid 5226] close(3) = 0 [pid 5226] rmdir("./0") = 0 [pid 5226] mkdir("./1", 0777) = 0 [pid 5226] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5222] <... close resumed>) = 0 [pid 5226] <... openat resumed>) = 3 [pid 5222] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5226] ioctl(3, LOOP_CLR_FD) = 0 [pid 5226] close(3./strace-static-x86_64: Process 5244 attached [pid 5244] set_robust_list(0x55557083d6a0, 24) = 0 [pid 5244] chdir("./1") = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] write(1, "executing program\n", 18executing program ) = 18 [pid 5222] <... clone resumed>, child_tidptr=0x55557083d690) = 5244 [pid 5244] futex(0x7f7e3bcc76cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5244] rt_sigaction(SIGRT_1, {sa_handler=0x7f7e3bc60060, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7e3bc51210}, NULL, 8) = 0 [pid 5244] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5244] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f7e3bbcf000 [pid 5244] mprotect(0x7f7e3bbd0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5244] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5244] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7e3bbef990, parent_tid=0x7f7e3bbef990, exit_signal=0, stack=0x7f7e3bbcf000, stack_size=0x20300, tls=0x7f7e3bbef6c0} => {parent_tid=[5245]}, 88) = 5245 [pid 5244] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5244] futex(0x7f7e3bcc76c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5244] futex(0x7f7e3bcc76cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5245 attached [pid 5245] rseq(0x7f7e3bbeffe0, 0x20, 0, 0x53053053) = 0 [pid 5245] set_robust_list(0x7f7e3bbef9a0, 24) = 0 [pid 5245] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5245] memfd_create("syzkaller", 0) = 3 [pid 5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7e33600000 [pid 5225] <... close resumed>) = 0 [pid 5223] <... close resumed>) = 0 [pid 5225] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5223] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5225] <... clone resumed>, child_tidptr=0x55557083d690) = 5246 ./strace-static-x86_64: Process 5246 attached [pid 5246] set_robust_list(0x55557083d6a0, 24) = 0 [pid 5246] chdir("./1") = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] setpgid(0, 0) = 0 [pid 5223] <... clone resumed>, child_tidptr=0x55557083d690) = 5247 ./strace-static-x86_64: Process 5247 attached [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5247] set_robust_list(0x55557083d6a0, 24 [pid 5246] <... openat resumed>) = 3 [pid 5247] <... set_robust_list resumed>) = 0 [pid 5246] write(3, "1000", 4) = 4 [pid 5246] close(3 [pid 5247] chdir("./1") = 0 [pid 5246] <... close resumed>) = 0 [pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs" [pid 5247] setpgid(0, 0 [pid 5246] <... symlink resumed>) = 0 [pid 5247] <... setpgid resumed>) = 0 [pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC