./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor74261819 <...> Warning: Permanently added '10.128.1.189' (ED25519) to the list of known hosts. execve("./syz-executor74261819", ["./syz-executor74261819"], 0x7ffceea12fa0 /* 10 vars */) = 0 brk(NULL) = 0x55558e2af000 brk(0x55558e2afd00) = 0x55558e2afd00 arch_prctl(ARCH_SET_FS, 0x55558e2af380) = 0 set_tid_address(0x55558e2af650) = 5844 set_robust_list(0x55558e2af660, 24) = 0 rseq(0x55558e2afca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor74261819", 4096) = 26 getrandom("\xf0\x72\xf3\xcf\x6b\xd0\x8d\x07", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558e2afd00 brk(0x55558e2d0d00) = 0x55558e2d0d00 brk(0x55558e2d1000) = 0x55558e2d1000 mprotect(0x7fe0454a7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdir("./syzkaller.z9VJFG", 0700) = 0 chmod("./syzkaller.z9VJFG", 0777) = 0 chdir("./syzkaller.z9VJFG") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5845 attached [pid 5845] set_robust_list(0x55558e2af660, 24 [pid 5844] <... clone resumed>, child_tidptr=0x55558e2af650) = 5845 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5845] chdir("./0") = 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5845] setpgid(0, 0) = 0 [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5845] write(3, "1000", 4) = 4 [pid 5845] close(3) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5845] write(1, "executing program\n", 18executing program ) = 18 [pid 5845] memfd_create("syzkaller", 0) = 3 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5845] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5845] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5845] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5845] close(3) = 0 [pid 5845] close(4) = 0 [pid 5845] mkdir("./bus", 0777) = 0 [ 73.112862][ T5845] loop0: detected capacity change from 0 to 512 [pid 5845] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5845] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5845] chdir("./bus") = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5845] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5845] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5845] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [ 73.169926][ T5845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.182705][ T5845] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/0/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5845] exit_group(0) = ? [pid 5845] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5845, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 73.335454][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached [pid 5850] set_robust_list(0x55558e2af660, 24 [pid 5844] <... clone resumed>, child_tidptr=0x55558e2af650) = 5850 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5850] chdir("./1") = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 [pid 5850] close(3) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5850] write(1, "executing program\n", 18) = 18 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5850] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] close(3) = 0 [pid 5850] close(4) = 0 [pid 5850] mkdir("./bus", 0777) = 0 [ 73.615845][ T5850] loop0: detected capacity change from 0 to 512 [pid 5850] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5850] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] chdir("./bus") = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5850] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5850] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5850] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5850] exit_group(0) = ? [pid 5850] +++ exited with 0 +++ [ 73.667041][ T5850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.679714][ T5850] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/1/bus supports timestamps until 2038-01-19 (0x7fffffff) --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/binderfs") = 0 umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5853 attached , child_tidptr=0x55558e2af650) = 5853 [pid 5853] set_robust_list(0x55558e2af660, 24) = 0 [pid 5853] chdir("./2") = 0 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5853] setpgid(0, 0) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5853] write(3, "1000", 4) = 4 [pid 5853] close(3) = 0 [pid 5853] symlink("/dev/binderfs", "./binderfs") = 0 [ 73.797791][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. executing program [pid 5853] write(1, "executing program\n", 18) = 18 [pid 5853] memfd_create("syzkaller", 0) = 3 [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5853] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5853] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5853] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5853] close(3) = 0 [pid 5853] close(4) = 0 [pid 5853] mkdir("./bus", 0777) = 0 [ 73.910248][ T5853] loop0: detected capacity change from 0 to 512 [pid 5853] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5853] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5853] chdir("./bus") = 0 [ 73.966736][ T5853] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.979404][ T5853] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/2/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5853] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5853] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5853] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5853] exit_group(0) = ? [pid 5853] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5853, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/binderfs") = 0 umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5856 attached , child_tidptr=0x55558e2af650) = 5856 [pid 5856] set_robust_list(0x55558e2af660, 24) = 0 [pid 5856] chdir("./3") = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5856] setpgid(0, 0) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5856] write(3, "1000", 4) = 4 [pid 5856] close(3) = 0 [pid 5856] symlink("/dev/binderfs", "./binderfs") = 0 [ 74.115702][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5856] write(1, "executing program\n", 18executing program ) = 18 [pid 5856] memfd_create("syzkaller", 0) = 3 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5856] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5856] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5856] close(3) = 0 [pid 5856] close(4) = 0 [pid 5856] mkdir("./bus", 0777) = 0 [ 74.207596][ T5856] loop0: detected capacity change from 0 to 512 [pid 5856] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5856] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5856] chdir("./bus") = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5856] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5856] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5856] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/binderfs") = 0 [ 74.246485][ T5856] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.259636][ T5856] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/3/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5859 attached , child_tidptr=0x55558e2af650) = 5859 [pid 5859] set_robust_list(0x55558e2af660, 24) = 0 [pid 5859] chdir("./4") = 0 [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5859] setpgid(0, 0) = 0 [ 74.327107][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5859] write(3, "1000", 4) = 4 [pid 5859] close(3) = 0 [pid 5859] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5859] write(1, "executing program\n", 18) = 18 [pid 5859] memfd_create("syzkaller", 0) = 3 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5859] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5859] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5859] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5859] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5859] close(3) = 0 [pid 5859] close(4) = 0 [pid 5859] mkdir("./bus", 0777) = 0 [ 74.476005][ T5859] loop0: detected capacity change from 0 to 512 [pid 5859] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5859] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5859] chdir("./bus") = 0 [pid 5859] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 74.516545][ T5859] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.529501][ T5859] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/4/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5859] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5859] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5859] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5859] exit_group(0) = ? [pid 5859] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5859, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/binderfs") = 0 umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 74.716529][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5862 attached , child_tidptr=0x55558e2af650) = 5862 [pid 5862] set_robust_list(0x55558e2af660, 24) = 0 [pid 5862] chdir("./5") = 0 [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5862] setpgid(0, 0) = 0 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5862] write(3, "1000", 4) = 4 [pid 5862] close(3) = 0 [pid 5862] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5862] write(1, "executing program\n", 18executing program ) = 18 [pid 5862] memfd_create("syzkaller", 0) = 3 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5862] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5862] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5862] close(3) = 0 [pid 5862] close(4) = 0 [pid 5862] mkdir("./bus", 0777) = 0 [ 74.991225][ T5862] loop0: detected capacity change from 0 to 512 [pid 5862] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5862] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5862] chdir("./bus") = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5862] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 75.046797][ T5862] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.059766][ T5862] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/5/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5862] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5862] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5862] exit_group(0) = ? [pid 5862] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/binderfs") = 0 umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5865 attached , child_tidptr=0x55558e2af650) = 5865 [pid 5865] set_robust_list(0x55558e2af660, 24) = 0 [pid 5865] chdir("./6") = 0 [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] setpgid(0, 0) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5865] write(3, "1000", 4) = 4 [pid 5865] close(3) = 0 [pid 5865] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5865] write(1, "executing program\n", 18executing program ) = 18 [pid 5865] memfd_create("syzkaller", 0) = 3 [ 75.123092][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5865] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5865] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5865] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5865] close(3) = 0 [pid 5865] close(4) = 0 [pid 5865] mkdir("./bus", 0777) = 0 [ 75.205044][ T5865] loop0: detected capacity change from 0 to 512 [pid 5865] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5865] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5865] chdir("./bus") = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5865] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 75.246438][ T5865] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.259084][ T5865] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/6/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5865] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5865] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5865] exit_group(0) = ? [pid 5865] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/binderfs") = 0 umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5868 attached , child_tidptr=0x55558e2af650) = 5868 [pid 5868] set_robust_list(0x55558e2af660, 24) = 0 [pid 5868] chdir("./7") = 0 [pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] setpgid(0, 0) = 0 [pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5868] write(3, "1000", 4) = 4 [pid 5868] close(3) = 0 [pid 5868] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5868] write(1, "executing program\n", 18) = 18 [ 75.440165][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5868] memfd_create("syzkaller", 0) = 3 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5868] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5868] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5868] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5868] close(3) = 0 [pid 5868] close(4) = 0 [pid 5868] mkdir("./bus", 0777) = 0 [ 75.528806][ T5868] loop0: detected capacity change from 0 to 512 [pid 5868] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5868] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] chdir("./bus") = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5868] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5868] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5868] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5868] exit_group(0) = ? [pid 5868] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5868, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 [ 75.576250][ T5868] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.589008][ T5868] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/7/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/binderfs") = 0 umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5871 attached , child_tidptr=0x55558e2af650) = 5871 [pid 5871] set_robust_list(0x55558e2af660, 24) = 0 [pid 5871] chdir("./8") = 0 [pid 5871] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5871] setpgid(0, 0) = 0 [pid 5871] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5871] write(3, "1000", 4) = 4 [pid 5871] close(3) = 0 [pid 5871] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5871] write(1, "executing program\n", 18executing program ) = 18 [pid 5871] memfd_create("syzkaller", 0) = 3 [ 75.713141][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5871] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5871] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5871] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5871] close(3) = 0 [pid 5871] close(4) = 0 [pid 5871] mkdir("./bus", 0777) = 0 [ 75.806200][ T5871] loop0: detected capacity change from 0 to 512 [pid 5871] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5871] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5871] chdir("./bus") = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 75.856438][ T5871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.869475][ T5871] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/8/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5871] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5871] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5871] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5871] exit_group(0) = ? [pid 5871] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5871, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/binderfs") = 0 umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5874 attached , child_tidptr=0x55558e2af650) = 5874 [pid 5874] set_robust_list(0x55558e2af660, 24) = 0 [pid 5874] chdir("./9") = 0 [pid 5874] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5874] setpgid(0, 0) = 0 [pid 5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5874] write(3, "1000", 4) = 4 [pid 5874] close(3) = 0 [pid 5874] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5874] write(1, "executing program\n", 18executing program ) = 18 [pid 5874] memfd_create("syzkaller", 0) = 3 [ 76.051238][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5874] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5874] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5874] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5874] close(3) = 0 [pid 5874] close(4) = 0 [pid 5874] mkdir("./bus", 0777) = 0 [ 76.136914][ T5874] loop0: detected capacity change from 0 to 512 [pid 5874] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5874] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5874] chdir("./bus") = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 76.196350][ T5874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.209593][ T5874] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/9/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5874] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5874] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5874] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5874] exit_group(0) = ? [pid 5874] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5874, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/binderfs") = 0 umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 76.396478][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5877 attached , child_tidptr=0x55558e2af650) = 5877 [pid 5877] set_robust_list(0x55558e2af660, 24) = 0 [pid 5877] chdir("./10") = 0 [pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5877] setpgid(0, 0) = 0 [pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5877] write(3, "1000", 4) = 4 [pid 5877] close(3) = 0 [pid 5877] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5877] write(1, "executing program\n", 18) = 18 [pid 5877] memfd_create("syzkaller", 0) = 3 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5877] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5877] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5877] close(3) = 0 [pid 5877] close(4) = 0 [pid 5877] mkdir("./bus", 0777) = 0 [ 76.695734][ T5877] loop0: detected capacity change from 0 to 512 [pid 5877] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5877] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5877] chdir("./bus") = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5877] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5877] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5877] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5877] exit_group(0) = ? [pid 5877] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/binderfs") = 0 [ 76.737100][ T5877] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.749860][ T5877] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/10/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5880 attached , child_tidptr=0x55558e2af650) = 5880 [pid 5880] set_robust_list(0x55558e2af660, 24) = 0 [pid 5880] chdir("./11") = 0 [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5880] setpgid(0, 0) = 0 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 76.797088][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5880] write(3, "1000", 4) = 4 [pid 5880] close(3) = 0 [pid 5880] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5880] write(1, "executing program\n", 18) = 18 [pid 5880] memfd_create("syzkaller", 0) = 3 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5880] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5880] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5880] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5880] close(3) = 0 [pid 5880] close(4) = 0 [pid 5880] mkdir("./bus", 0777) = 0 [ 76.926589][ T5880] loop0: detected capacity change from 0 to 512 [pid 5880] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5880] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5880] chdir("./bus") = 0 [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 76.986445][ T5880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.999564][ T5880] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/11/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5880] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5880] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5880] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5880] exit_group(0) = ? [pid 5880] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/binderfs") = 0 umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5883 attached [pid 5883] set_robust_list(0x55558e2af660, 24 [pid 5844] <... clone resumed>, child_tidptr=0x55558e2af650) = 5883 [pid 5883] <... set_robust_list resumed>) = 0 [pid 5883] chdir("./12") = 0 [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5883] setpgid(0, 0) = 0 [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5883] write(3, "1000", 4) = 4 [pid 5883] close(3) = 0 [pid 5883] symlink("/dev/binderfs", "./binderfs") = 0 [ 77.065764][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. executing program [pid 5883] write(1, "executing program\n", 18) = 18 [pid 5883] memfd_create("syzkaller", 0) = 3 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5883] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5883] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5883] close(3) = 0 [pid 5883] close(4) = 0 [pid 5883] mkdir("./bus", 0777) = 0 [ 77.161953][ T5883] loop0: detected capacity change from 0 to 512 [pid 5883] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5883] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5883] chdir("./bus") = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5883] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5883] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5883] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5883] exit_group(0) = ? [pid 5883] +++ exited with 0 +++ [ 77.216605][ T5883] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.229271][ T5883] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/12/bus supports timestamps until 2038-01-19 (0x7fffffff) --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/binderfs") = 0 umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 [ 77.394987][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. close(4) = 0 rmdir("./12/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5886 attached , child_tidptr=0x55558e2af650) = 5886 [pid 5886] set_robust_list(0x55558e2af660, 24) = 0 [pid 5886] chdir("./13") = 0 [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] setpgid(0, 0) = 0 [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5886] write(3, "1000", 4) = 4 [pid 5886] close(3) = 0 [pid 5886] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5886] write(1, "executing program\n", 18) = 18 [pid 5886] memfd_create("syzkaller", 0) = 3 [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5886] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5886] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5886] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5886] close(3) = 0 [pid 5886] close(4) = 0 [pid 5886] mkdir("./bus", 0777) = 0 [ 77.561386][ T5886] loop0: detected capacity change from 0 to 512 [pid 5886] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5886] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5886] chdir("./bus") = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5886] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 77.606637][ T5886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.619743][ T5886] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/13/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5886] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5886] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5886] exit_group(0) = ? [pid 5886] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/binderfs") = 0 umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5889 attached , child_tidptr=0x55558e2af650) = 5889 [pid 5889] set_robust_list(0x55558e2af660, 24) = 0 [pid 5889] chdir("./14") = 0 [pid 5889] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5889] setpgid(0, 0) = 0 [ 77.787829][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5889] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5889] write(3, "1000", 4) = 4 [pid 5889] close(3) = 0 [pid 5889] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5889] write(1, "executing program\n", 18executing program ) = 18 [pid 5889] memfd_create("syzkaller", 0) = 3 [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5889] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5889] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5889] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5889] close(3) = 0 [pid 5889] close(4) = 0 [pid 5889] mkdir("./bus", 0777) = 0 [ 77.873168][ T5889] loop0: detected capacity change from 0 to 512 [pid 5889] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5889] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5889] chdir("./bus") = 0 [pid 5889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5889] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5889] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5889] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5889] exit_group(0) = ? [pid 5889] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5889, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 77.937390][ T5889] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.950367][ T5889] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/14/bus supports timestamps until 2038-01-19 (0x7fffffff) newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/binderfs") = 0 umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5893 attached , child_tidptr=0x55558e2af650) = 5893 [pid 5893] set_robust_list(0x55558e2af660, 24) = 0 [pid 5893] chdir("./15") = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5893] setpgid(0, 0) = 0 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5893] write(3, "1000", 4) = 4 [pid 5893] close(3) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5893] write(1, "executing program\n", 18executing program ) = 18 [pid 5893] memfd_create("syzkaller", 0) = 3 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [ 78.007273][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5893] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5893] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5893] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5893] close(3) = 0 [pid 5893] close(4) = 0 [pid 5893] mkdir("./bus", 0777) = 0 [ 78.072404][ T5893] loop0: detected capacity change from 0 to 512 [pid 5893] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5893] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5893] chdir("./bus") = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 78.126468][ T5893] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.139513][ T5893] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/15/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5893] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5893] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5893] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5893] exit_group(0) = ? [pid 5893] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/binderfs") = 0 umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5896 attached , child_tidptr=0x55558e2af650) = 5896 [pid 5896] set_robust_list(0x55558e2af660, 24) = 0 [ 78.204663][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5896] chdir("./16") = 0 [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5896] setpgid(0, 0) = 0 [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5896] write(3, "1000", 4) = 4 [pid 5896] close(3) = 0 [pid 5896] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5896] write(1, "executing program\n", 18) = 18 [pid 5896] memfd_create("syzkaller", 0) = 3 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5896] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5896] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5896] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5896] close(3) = 0 [pid 5896] close(4) = 0 [pid 5896] mkdir("./bus", 0777) = 0 [ 78.328583][ T5896] loop0: detected capacity change from 0 to 512 [pid 5896] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5896] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5896] chdir("./bus") = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5896] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5896] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5896] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5896] exit_group(0) = ? [pid 5896] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 [ 78.376184][ T5896] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.389295][ T5896] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/16/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/binderfs") = 0 umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5899 attached , child_tidptr=0x55558e2af650) = 5899 [pid 5899] set_robust_list(0x55558e2af660, 24) = 0 [pid 5899] chdir("./17") = 0 [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5899] setpgid(0, 0) = 0 [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5899] write(3, "1000", 4) = 4 [ 78.445411][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5899] close(3) = 0 [pid 5899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5899] write(1, "executing program\n", 18executing program ) = 18 [pid 5899] memfd_create("syzkaller", 0) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5899] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5899] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5899] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5899] close(3) = 0 [pid 5899] close(4) = 0 [pid 5899] mkdir("./bus", 0777) = 0 [ 78.548086][ T5899] loop0: detected capacity change from 0 to 512 [pid 5899] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5899] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5899] chdir("./bus") = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5899] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5899] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5899] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [ 78.606994][ T5899] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.619850][ T5899] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/17/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5899] exit_group(0) = ? [pid 5899] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/binderfs") = 0 umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 [ 78.682144][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558e2af650) = 5902 ./strace-static-x86_64: Process 5902 attached [pid 5902] set_robust_list(0x55558e2af660, 24) = 0 [pid 5902] chdir("./18") = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5902] setpgid(0, 0) = 0 [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5902] write(3, "1000", 4) = 4 [pid 5902] close(3) = 0 [pid 5902] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5902] write(1, "executing program\n", 18executing program ) = 18 [pid 5902] memfd_create("syzkaller", 0) = 3 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5902] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5902] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5902] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5902] close(3) = 0 [pid 5902] close(4) = 0 [pid 5902] mkdir("./bus", 0777) = 0 [ 78.780498][ T5902] loop0: detected capacity change from 0 to 512 [ 78.817202][ T5902] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [pid 5902] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5902] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5902] chdir("./bus") = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5902] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5902] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5902] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5902] exit_group(0) = ? [pid 5902] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./18/binderfs") = 0 [ 78.829834][ T5902] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/18/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./18/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./18") = 0 mkdir("./19", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5905 attached [pid 5905] set_robust_list(0x55558e2af660, 24 [pid 5844] <... clone resumed>, child_tidptr=0x55558e2af650) = 5905 [pid 5905] <... set_robust_list resumed>) = 0 [pid 5905] chdir("./19") = 0 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5905] setpgid(0, 0) = 0 executing program [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5905] write(3, "1000", 4) = 4 [pid 5905] close(3) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5905] write(1, "executing program\n", 18) = 18 [pid 5905] memfd_create("syzkaller", 0) = 3 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5905] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [ 78.887946][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5905] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5905] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5905] close(3) = 0 [pid 5905] close(4) = 0 [pid 5905] mkdir("./bus", 0777) = 0 [ 78.951488][ T5905] loop0: detected capacity change from 0 to 512 [pid 5905] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5905] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5905] chdir("./bus") = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5905] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 79.006033][ T5905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.018737][ T5905] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/19/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5905] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5905] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5905] exit_group(0) = ? [pid 5905] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./19/binderfs") = 0 umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./19/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5908 attached , child_tidptr=0x55558e2af650) = 5908 [pid 5908] set_robust_list(0x55558e2af660, 24) = 0 [pid 5908] chdir("./20") = 0 [pid 5908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5908] setpgid(0, 0) = 0 [pid 5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5908] write(3, "1000", 4) = 4 [pid 5908] close(3) = 0 [pid 5908] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5908] write(1, "executing program\n", 18executing program ) = 18 [pid 5908] memfd_create("syzkaller", 0) = 3 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [ 79.161604][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5908] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5908] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5908] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5908] close(3) = 0 [pid 5908] close(4) = 0 [pid 5908] mkdir("./bus", 0777) = 0 [ 79.266822][ T5908] loop0: detected capacity change from 0 to 512 [pid 5908] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5908] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5908] chdir("./bus") = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5908] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 79.316296][ T5908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.329123][ T5908] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/20/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5908] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5908] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5908] exit_group(0) = ? [pid 5908] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5908, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./20/binderfs") = 0 umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./20/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 [ 79.491740][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. close(4) = 0 rmdir("./20/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 mkdir("./21", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5911 attached , child_tidptr=0x55558e2af650) = 5911 [pid 5911] set_robust_list(0x55558e2af660, 24) = 0 [pid 5911] chdir("./21") = 0 [pid 5911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5911] setpgid(0, 0) = 0 [pid 5911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5911] write(3, "1000", 4) = 4 [pid 5911] close(3) = 0 [pid 5911] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5911] write(1, "executing program\n", 18executing program ) = 18 [pid 5911] memfd_create("syzkaller", 0) = 3 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5911] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5911] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5911] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5911] close(3) = 0 [pid 5911] close(4) = 0 [pid 5911] mkdir("./bus", 0777) = 0 [ 79.736806][ T5911] loop0: detected capacity change from 0 to 512 [pid 5911] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5911] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5911] chdir("./bus") = 0 [pid 5911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 79.796813][ T5911] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.809464][ T5911] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/21/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5911] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5911] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5911] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5911] exit_group(0) = ? [pid 5911] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5911, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./21/binderfs") = 0 umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./21/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 [ 79.875530][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5914 attached , child_tidptr=0x55558e2af650) = 5914 [pid 5914] set_robust_list(0x55558e2af660, 24) = 0 [pid 5914] chdir("./22") = 0 [pid 5914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5914] setpgid(0, 0) = 0 [pid 5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5914] write(3, "1000", 4) = 4 [pid 5914] close(3) = 0 [pid 5914] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5914] write(1, "executing program\n", 18) = 18 [pid 5914] memfd_create("syzkaller", 0) = 3 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5914] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5914] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5914] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5914] close(3) = 0 [pid 5914] close(4) = 0 [pid 5914] mkdir("./bus", 0777) = 0 [ 80.074384][ T5914] loop0: detected capacity change from 0 to 512 [pid 5914] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5914] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5914] chdir("./bus") = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5914] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5914] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5914] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5914] exit_group(0) = ? [ 80.145179][ T5914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.157797][ T5914] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/22/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5914] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5914, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./22/binderfs") = 0 umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./22/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./22/bus") = 0 [ 80.251028][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558e2af650) = 5917 ./strace-static-x86_64: Process 5917 attached [pid 5917] set_robust_list(0x55558e2af660, 24) = 0 [pid 5917] chdir("./23") = 0 [pid 5917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5917] setpgid(0, 0) = 0 [pid 5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5917] write(3, "1000", 4) = 4 [pid 5917] close(3) = 0 [pid 5917] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5917] write(1, "executing program\n", 18) = 18 [pid 5917] memfd_create("syzkaller", 0) = 3 [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5917] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5917] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5917] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5917] close(3) = 0 [pid 5917] close(4) = 0 [pid 5917] mkdir("./bus", 0777) = 0 [ 80.456674][ T5917] loop0: detected capacity change from 0 to 512 [pid 5917] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5917] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5917] chdir("./bus") = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5917] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5917] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5917] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5917] exit_group(0) = ? [pid 5917] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5917, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 80.516353][ T5917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.529298][ T5917] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/23/bus supports timestamps until 2038-01-19 (0x7fffffff) newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./23/binderfs") = 0 umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./23/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./23") = 0 mkdir("./24", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558e2af650) = 5920 ./strace-static-x86_64: Process 5920 attached [pid 5920] set_robust_list(0x55558e2af660, 24) = 0 [pid 5920] chdir("./24") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 executing program [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5920] close(3) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5920] write(1, "executing program\n", 18) = 18 [pid 5920] memfd_create("syzkaller", 0) = 3 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [ 80.585393][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5920] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5920] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5920] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5920] close(3) = 0 [pid 5920] close(4) = 0 [pid 5920] mkdir("./bus", 0777) = 0 [ 80.670995][ T5920] loop0: detected capacity change from 0 to 512 [pid 5920] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5920] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5920] chdir("./bus") = 0 [ 80.726371][ T5920] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.739181][ T5920] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/24/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5920] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5920] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5920] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5920] exit_group(0) = ? [pid 5920] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./24/binderfs") = 0 umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./24/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 [ 80.921655][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5923 attached , child_tidptr=0x55558e2af650) = 5923 [pid 5923] set_robust_list(0x55558e2af660, 24) = 0 [pid 5923] chdir("./25") = 0 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5923] setpgid(0, 0) = 0 [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5923] write(3, "1000", 4) = 4 [pid 5923] close(3) = 0 [pid 5923] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5923] write(1, "executing program\n", 18executing program ) = 18 [pid 5923] memfd_create("syzkaller", 0) = 3 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5923] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5923] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5923] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5923] close(3) = 0 [pid 5923] close(4) = 0 [pid 5923] mkdir("./bus", 0777) = 0 [ 81.115755][ T5923] loop0: detected capacity change from 0 to 512 [pid 5923] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5923] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5923] chdir("./bus") = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 81.160137][ T5923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.173446][ T5923] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/25/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5923] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5923] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5923] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5923] exit_group(0) = ? [pid 5923] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./25/binderfs") = 0 umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 [ 81.345560][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./25/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./25") = 0 mkdir("./26", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558e2af650) = 5926 ./strace-static-x86_64: Process 5926 attached [pid 5926] set_robust_list(0x55558e2af660, 24) = 0 [pid 5926] chdir("./26") = 0 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5926] setpgid(0, 0) = 0 [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5926] write(3, "1000", 4) = 4 [pid 5926] close(3) = 0 [pid 5926] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5926] write(1, "executing program\n", 18executing program ) = 18 [pid 5926] memfd_create("syzkaller", 0) = 3 [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5926] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5926] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5926] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5926] close(3) = 0 [pid 5926] close(4) = 0 [pid 5926] mkdir("./bus", 0777) = 0 [ 81.551277][ T5926] loop0: detected capacity change from 0 to 512 [pid 5926] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5926] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5926] chdir("./bus") = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 81.616125][ T5926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.628808][ T5926] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/26/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5926] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5926] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5926] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5926] exit_group(0) = ? [pid 5926] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./26/binderfs") = 0 umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./26/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./26/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./26") = 0 mkdir("./27", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5929 attached , child_tidptr=0x55558e2af650) = 5929 [pid 5929] set_robust_list(0x55558e2af660, 24) = 0 [pid 5929] chdir("./27") = 0 [pid 5929] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5929] setpgid(0, 0) = 0 [pid 5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5929] write(3, "1000", 4) = 4 [pid 5929] close(3) = 0 [pid 5929] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5929] write(1, "executing program\n", 18executing program ) = 18 [pid 5929] memfd_create("syzkaller", 0) = 3 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5929] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [ 81.694514][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5929] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5929] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5929] close(3) = 0 [pid 5929] close(4) = 0 [pid 5929] mkdir("./bus", 0777) = 0 [ 81.764421][ T5929] loop0: detected capacity change from 0 to 512 [pid 5929] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5929] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [ 81.826629][ T5929] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.839863][ T5929] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/27/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5929] chdir("./bus") = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5929] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5929] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5929] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5929] exit_group(0) = ? [pid 5929] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5929, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./27/binderfs") = 0 umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./27/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./27/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./27") = 0 mkdir("./28", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5932 attached , child_tidptr=0x55558e2af650) = 5932 [pid 5932] set_robust_list(0x55558e2af660, 24) = 0 [pid 5932] chdir("./28") = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5932] setpgid(0, 0) = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5932] write(3, "1000", 4) = 4 [pid 5932] close(3) = 0 [pid 5932] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5932] write(1, "executing program\n", 18) = 18 [pid 5932] memfd_create("syzkaller", 0) = 3 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [ 81.926130][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5932] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5932] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5932] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5932] close(3) = 0 [pid 5932] close(4) = 0 [pid 5932] mkdir("./bus", 0777) = 0 [ 82.005058][ T5932] loop0: detected capacity change from 0 to 512 [pid 5932] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5932] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5932] chdir("./bus") = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5932] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5932] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5932] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5932] exit_group(0) = ? [pid 5932] +++ exited with 0 +++ [ 82.046350][ T5932] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.059010][ T5932] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/28/bus supports timestamps until 2038-01-19 (0x7fffffff) --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./28/binderfs") = 0 umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./28/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./28/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./28") = 0 mkdir("./29", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5935 attached [pid 5935] set_robust_list(0x55558e2af660, 24 [pid 5844] <... clone resumed>, child_tidptr=0x55558e2af650) = 5935 [pid 5935] <... set_robust_list resumed>) = 0 [ 82.189059][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5935] chdir("./29") = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5935] setpgid(0, 0) = 0 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5935] write(3, "1000", 4) = 4 [pid 5935] close(3) = 0 [pid 5935] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5935] write(1, "executing program\n", 18) = 18 [pid 5935] memfd_create("syzkaller", 0) = 3 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5935] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5935] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5935] close(3) = 0 [pid 5935] close(4) = 0 [pid 5935] mkdir("./bus", 0777) = 0 [ 82.358189][ T5935] loop0: detected capacity change from 0 to 512 [pid 5935] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5935] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5935] chdir("./bus") = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 82.426851][ T5935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.439762][ T5935] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/29/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5935] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5935] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5935] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5935] exit_group(0) = ? [pid 5935] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./29/binderfs") = 0 umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./29/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./29/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./29") = 0 mkdir("./30", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5938 attached , child_tidptr=0x55558e2af650) = 5938 [pid 5938] set_robust_list(0x55558e2af660, 24) = 0 [pid 5938] chdir("./30") = 0 [pid 5938] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5938] setpgid(0, 0) = 0 [pid 5938] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5938] write(3, "1000", 4) = 4 [pid 5938] close(3) = 0 [pid 5938] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5938] write(1, "executing program\n", 18) = 18 [pid 5938] memfd_create("syzkaller", 0) = 3 [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [ 82.635314][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5938] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5938] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5938] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5938] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5938] close(3) = 0 [pid 5938] close(4) = 0 [pid 5938] mkdir("./bus", 0777) = 0 [ 82.702444][ T5938] loop0: detected capacity change from 0 to 512 [pid 5938] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5938] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5938] chdir("./bus") = 0 [pid 5938] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 82.756788][ T5938] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.769511][ T5938] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/30/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5938] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5938] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5938] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5938] exit_group(0) = ? [pid 5938] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5938, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./30/binderfs") = 0 umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./30/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./30/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./30") = 0 mkdir("./31", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5941 attached , child_tidptr=0x55558e2af650) = 5941 [pid 5941] set_robust_list(0x55558e2af660, 24) = 0 [pid 5941] chdir("./31") = 0 [pid 5941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5941] setpgid(0, 0) = 0 [pid 5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5941] write(3, "1000", 4) = 4 [pid 5941] close(3) = 0 [pid 5941] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5941] write(1, "executing program\n", 18) = 18 [pid 5941] memfd_create("syzkaller", 0) = 3 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5941] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5941] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5941] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 82.936274][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5941] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5941] close(3) = 0 [pid 5941] close(4) = 0 [pid 5941] mkdir("./bus", 0777) = 0 [ 82.993087][ T5941] loop0: detected capacity change from 0 to 512 [pid 5941] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5941] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5941] chdir("./bus") = 0 [pid 5941] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5941] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5941] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5941] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5941] exit_group(0) = ? [pid 5941] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [ 83.056944][ T5941] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.069814][ T5941] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/31/bus supports timestamps until 2038-01-19 (0x7fffffff) restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./31/binderfs") = 0 umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./31/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./31/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./31") = 0 mkdir("./32", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5944 attached , child_tidptr=0x55558e2af650) = 5944 [pid 5944] set_robust_list(0x55558e2af660, 24) = 0 [pid 5944] chdir("./32") = 0 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5944] setpgid(0, 0) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5944] write(3, "1000", 4) = 4 [pid 5944] close(3) = 0 [pid 5944] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5944] write(1, "executing program\n", 18) = 18 [pid 5944] memfd_create("syzkaller", 0) = 3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5944] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5944] munmap(0x7fe03ce00000, 138412032) = 0 [ 83.214054][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5944] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5944] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5944] close(3) = 0 [pid 5944] close(4) = 0 [pid 5944] mkdir("./bus", 0777) = 0 [ 83.276696][ T5944] loop0: detected capacity change from 0 to 512 [pid 5944] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5944] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5944] chdir("./bus") = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5944] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5944] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5944] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5944] exit_group(0) = ? [ 83.327112][ T5944] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/32/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5944] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./32/binderfs") = 0 umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./32/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./32/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./32") = 0 mkdir("./33", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5947 attached , child_tidptr=0x55558e2af650) = 5947 [pid 5947] set_robust_list(0x55558e2af660, 24) = 0 [pid 5947] chdir("./33") = 0 [pid 5947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5947] setpgid(0, 0) = 0 [pid 5947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5947] write(3, "1000", 4) = 4 [pid 5947] close(3) = 0 [pid 5947] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5947] write(1, "executing program\n", 18executing program ) = 18 [pid 5947] memfd_create("syzkaller", 0) = 3 [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5947] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5947] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5947] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5947] close(3) = 0 [pid 5947] close(4) = 0 [pid 5947] mkdir("./bus", 0777) = 0 [pid 5947] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5947] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5947] chdir("./bus") = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5947] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5947] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5947] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5947] exit_group(0) = ? [pid 5947] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5947, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [ 83.560006][ T5947] loop0: detected capacity change from 0 to 512 [ 83.596326][ T5947] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/33/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./33/binderfs") = 0 umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./33/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./33/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./33") = 0 mkdir("./34", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5950 attached , child_tidptr=0x55558e2af650) = 5950 [pid 5950] set_robust_list(0x55558e2af660, 24) = 0 [pid 5950] chdir("./34") = 0 [pid 5950] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5950] setpgid(0, 0) = 0 [pid 5950] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5950] write(3, "1000", 4) = 4 [pid 5950] close(3) = 0 [pid 5950] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5950] write(1, "executing program\n", 18) = 18 [pid 5950] memfd_create("syzkaller", 0) = 3 [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5950] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5950] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5950] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5950] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5950] close(3) = 0 [pid 5950] close(4) = 0 [pid 5950] mkdir("./bus", 0777) = 0 [ 83.857960][ T5950] loop0: detected capacity change from 0 to 512 [pid 5950] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5950] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5950] chdir("./bus") = 0 [pid 5950] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5950] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5950] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5950] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5950] exit_group(0) = ? [pid 5950] +++ exited with 0 +++ [ 83.916437][ T5950] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/34/bus supports timestamps until 2038-01-19 (0x7fffffff) --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5950, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./34/binderfs") = 0 umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./34/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./34/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./34") = 0 mkdir("./35", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558e2af650) = 5953 ./strace-static-x86_64: Process 5953 attached [pid 5953] set_robust_list(0x55558e2af660, 24) = 0 [pid 5953] chdir("./35") = 0 [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5953] setpgid(0, 0) = 0 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5953] write(3, "1000", 4) = 4 [pid 5953] close(3) = 0 [pid 5953] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5953] write(1, "executing program\n", 18) = 18 [pid 5953] memfd_create("syzkaller", 0) = 3 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5953] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5953] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5953] close(3) = 0 [pid 5953] close(4) = 0 [pid 5953] mkdir("./bus", 0777) = 0 [ 84.180667][ T5953] loop0: detected capacity change from 0 to 512 [pid 5953] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5953] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5953] chdir("./bus") = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5953] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5953] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5953] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5953] exit_group(0) = ? [pid 5953] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 84.247396][ T5953] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/35/bus supports timestamps until 2038-01-19 (0x7fffffff) openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./35/binderfs") = 0 umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./35/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./35/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./35") = 0 mkdir("./36", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5957 attached , child_tidptr=0x55558e2af650) = 5957 [pid 5957] set_robust_list(0x55558e2af660, 24) = 0 [pid 5957] chdir("./36") = 0 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5957] setpgid(0, 0) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5957] write(3, "1000", 4) = 4 [pid 5957] close(3) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5957] write(1, "executing program\n", 18) = 18 [pid 5957] memfd_create("syzkaller", 0) = 3 [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5957] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5957] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5957] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5957] close(3) = 0 [pid 5957] close(4) = 0 [pid 5957] mkdir("./bus", 0777) = 0 [ 84.473168][ T5957] loop0: detected capacity change from 0 to 512 [pid 5957] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5957] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5957] chdir("./bus") = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5957] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5957] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5957] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5957] exit_group(0) = ? [ 84.526797][ T5957] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/36/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5957] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./36/binderfs") = 0 umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./36/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./36/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./36") = 0 mkdir("./37", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5960 attached [pid 5960] set_robust_list(0x55558e2af660, 24) = 0 [pid 5844] <... clone resumed>, child_tidptr=0x55558e2af650) = 5960 [pid 5960] chdir("./37") = 0 [pid 5960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5960] setpgid(0, 0) = 0 [pid 5960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5960] write(3, "1000", 4) = 4 [pid 5960] close(3) = 0 [pid 5960] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5960] write(1, "executing program\n", 18) = 18 [pid 5960] memfd_create("syzkaller", 0) = 3 [pid 5960] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5960] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5960] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5960] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5960] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5960] close(3) = 0 [pid 5960] close(4) = 0 [pid 5960] mkdir("./bus", 0777) = 0 [ 84.766078][ T5960] loop0: detected capacity change from 0 to 512 [pid 5960] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5960] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5960] chdir("./bus") = 0 [pid 5960] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5960] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5960] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5960] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5960] exit_group(0) = ? [pid 5960] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5960, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 84.806669][ T5960] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/37/bus supports timestamps until 2038-01-19 (0x7fffffff) unlink("./37/binderfs") = 0 umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./37/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./37/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./37") = 0 mkdir("./38", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5963 attached , child_tidptr=0x55558e2af650) = 5963 [pid 5963] set_robust_list(0x55558e2af660, 24) = 0 [pid 5963] chdir("./38") = 0 [pid 5963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5963] setpgid(0, 0) = 0 [pid 5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5963] write(3, "1000", 4) = 4 [pid 5963] close(3) = 0 [pid 5963] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5963] write(1, "executing program\n", 18executing program ) = 18 [pid 5963] memfd_create("syzkaller", 0) = 3 [pid 5963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5963] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5963] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5963] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5963] close(3) = 0 [pid 5963] close(4) = 0 [pid 5963] mkdir("./bus", 0777) = 0 [pid 5963] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5963] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5963] chdir("./bus") = 0 [pid 5963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5963] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5963] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5963] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5963] exit_group(0) = ? [pid 5963] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5963, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [ 84.935330][ T5963] loop0: detected capacity change from 0 to 512 [ 84.968702][ T5963] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/38/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./38/binderfs") = 0 umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./38/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./38/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./38") = 0 mkdir("./39", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5966 attached , child_tidptr=0x55558e2af650) = 5966 [pid 5966] set_robust_list(0x55558e2af660, 24) = 0 [pid 5966] chdir("./39") = 0 [pid 5966] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5966] setpgid(0, 0) = 0 [pid 5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5966] write(3, "1000", 4) = 4 [pid 5966] close(3) = 0 [pid 5966] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5966] write(1, "executing program\n", 18executing program ) = 18 [pid 5966] memfd_create("syzkaller", 0) = 3 [pid 5966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5966] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5966] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5966] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5966] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5966] close(3) = 0 [pid 5966] close(4) = 0 [pid 5966] mkdir("./bus", 0777) = 0 [ 85.185431][ T5966] loop0: detected capacity change from 0 to 512 [pid 5966] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5966] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5966] chdir("./bus") = 0 [pid 5966] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5966] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5966] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5966] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5966] exit_group(0) = ? [pid 5966] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5966, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 [ 85.246516][ T5966] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/39/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./39/binderfs") = 0 umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./39/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./39/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./39") = 0 mkdir("./40", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5969 attached , child_tidptr=0x55558e2af650) = 5969 [pid 5969] set_robust_list(0x55558e2af660, 24) = 0 [pid 5969] chdir("./40") = 0 [pid 5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5969] setpgid(0, 0) = 0 [pid 5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5969] write(3, "1000", 4) = 4 [pid 5969] close(3) = 0 [pid 5969] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5969] write(1, "executing program\n", 18) = 18 [pid 5969] memfd_create("syzkaller", 0) = 3 [pid 5969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5969] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5969] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5969] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5969] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5969] close(3) = 0 [pid 5969] close(4) = 0 [pid 5969] mkdir("./bus", 0777) = 0 [ 85.377520][ T5969] loop0: detected capacity change from 0 to 512 [pid 5969] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5969] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5969] chdir("./bus") = 0 [pid 5969] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5969] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5969] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5969] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5969] exit_group(0) = ? [pid 5969] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5969, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 85.418258][ T5969] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/40/bus supports timestamps until 2038-01-19 (0x7fffffff) openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./40/binderfs") = 0 umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./40/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./40/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./40") = 0 mkdir("./41", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5972 attached , child_tidptr=0x55558e2af650) = 5972 [pid 5972] set_robust_list(0x55558e2af660, 24) = 0 [pid 5972] chdir("./41") = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5972] setpgid(0, 0) = 0 [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5972] write(3, "1000", 4) = 4 [pid 5972] close(3) = 0 [pid 5972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5972] write(1, "executing program\n", 18executing program ) = 18 [pid 5972] memfd_create("syzkaller", 0) = 3 [pid 5972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5972] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5972] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5972] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5972] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5972] close(3) = 0 [pid 5972] close(4) = 0 [pid 5972] mkdir("./bus", 0777) = 0 [ 85.710671][ T5972] loop0: detected capacity change from 0 to 512 [pid 5972] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5972] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5972] chdir("./bus") = 0 [pid 5972] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5972] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5972] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5972] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5972] exit_group(0) = ? [pid 5972] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 85.756871][ T5972] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/41/bus supports timestamps until 2038-01-19 (0x7fffffff) newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./41/binderfs") = 0 umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./41/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./41/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./41") = 0 mkdir("./42", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5976 attached , child_tidptr=0x55558e2af650) = 5976 [pid 5976] set_robust_list(0x55558e2af660, 24) = 0 [pid 5976] chdir("./42") = 0 [pid 5976] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5976] setpgid(0, 0) = 0 [pid 5976] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5976] write(3, "1000", 4) = 4 [pid 5976] close(3) = 0 [pid 5976] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5976] write(1, "executing program\n", 18) = 18 [pid 5976] memfd_create("syzkaller", 0) = 3 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5976] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5976] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5976] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5976] close(3) = 0 [pid 5976] close(4) = 0 [pid 5976] mkdir("./bus", 0777) = 0 [ 85.925563][ T5976] loop0: detected capacity change from 0 to 512 [pid 5976] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5976] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5976] chdir("./bus") = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5976] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 85.976791][ T5976] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/42/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5976] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5976] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5976] exit_group(0) = ? [pid 5976] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5976, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./42/binderfs") = 0 umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./42/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./42/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./42") = 0 mkdir("./43", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5979 attached , child_tidptr=0x55558e2af650) = 5979 [pid 5979] set_robust_list(0x55558e2af660, 24) = 0 [pid 5979] chdir("./43") = 0 [pid 5979] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5979] setpgid(0, 0) = 0 [pid 5979] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5979] write(3, "1000", 4) = 4 [pid 5979] close(3) = 0 [pid 5979] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5979] write(1, "executing program\n", 18executing program ) = 18 [pid 5979] memfd_create("syzkaller", 0) = 3 [pid 5979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5979] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5979] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5979] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5979] close(3) = 0 [pid 5979] close(4) = 0 [pid 5979] mkdir("./bus", 0777) = 0 [ 86.243416][ T5979] loop0: detected capacity change from 0 to 512 [ 86.254236][ T967] cfg80211: failed to load regulatory.db [pid 5979] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5979] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5979] chdir("./bus") = 0 [pid 5979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5979] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5979] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5979] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5979] exit_group(0) = ? [pid 5979] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5979, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [ 86.296761][ T5979] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/43/bus supports timestamps until 2038-01-19 (0x7fffffff) restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./43/binderfs") = 0 umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./43/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./43/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./43") = 0 mkdir("./44", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5983 attached , child_tidptr=0x55558e2af650) = 5983 [pid 5983] set_robust_list(0x55558e2af660, 24) = 0 [pid 5983] chdir("./44") = 0 [pid 5983] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5983] setpgid(0, 0) = 0 [pid 5983] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5983] write(3, "1000", 4) = 4 [pid 5983] close(3) = 0 [pid 5983] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5983] write(1, "executing program\n", 18) = 18 [pid 5983] memfd_create("syzkaller", 0) = 3 [pid 5983] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5983] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5983] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5983] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5983] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5983] close(3) = 0 [pid 5983] close(4) = 0 [pid 5983] mkdir("./bus", 0777) = 0 [ 86.527212][ T5983] loop0: detected capacity change from 0 to 512 [pid 5983] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5983] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5983] chdir("./bus") = 0 [pid 5983] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5983] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5983] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5983] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5983] exit_group(0) = ? [pid 5983] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5983, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 86.576728][ T5983] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/44/bus supports timestamps until 2038-01-19 (0x7fffffff) unlink("./44/binderfs") = 0 umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./44/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./44/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./44") = 0 mkdir("./45", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558e2af650) = 5986 ./strace-static-x86_64: Process 5986 attached [pid 5986] set_robust_list(0x55558e2af660, 24) = 0 [pid 5986] chdir("./45") = 0 [pid 5986] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5986] setpgid(0, 0) = 0 [pid 5986] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5986] write(3, "1000", 4) = 4 [pid 5986] close(3) = 0 [pid 5986] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5986] write(1, "executing program\n", 18) = 18 [pid 5986] memfd_create("syzkaller", 0) = 3 [pid 5986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5986] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5986] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5986] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5986] close(3) = 0 [pid 5986] close(4) = 0 [pid 5986] mkdir("./bus", 0777) = 0 [ 86.806733][ T5986] loop0: detected capacity change from 0 to 512 [pid 5986] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5986] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5986] chdir("./bus") = 0 [pid 5986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5986] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5986] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5986] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5986] exit_group(0) = ? [pid 5986] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5986, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./45/binderfs") = 0 [ 86.866866][ T5986] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/45/bus supports timestamps until 2038-01-19 (0x7fffffff) umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./45/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./45/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./45") = 0 mkdir("./46", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5989 attached , child_tidptr=0x55558e2af650) = 5989 [pid 5989] set_robust_list(0x55558e2af660, 24) = 0 [pid 5989] chdir("./46") = 0 [pid 5989] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5989] setpgid(0, 0) = 0 [pid 5989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5989] write(3, "1000", 4) = 4 [pid 5989] close(3) = 0 [pid 5989] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5989] write(1, "executing program\n", 18) = 18 [pid 5989] memfd_create("syzkaller", 0) = 3 [pid 5989] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5989] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5989] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5989] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5989] close(3) = 0 [pid 5989] close(4) = 0 [pid 5989] mkdir("./bus", 0777) = 0 [ 87.044345][ T5989] loop0: detected capacity change from 0 to 512 [pid 5989] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5989] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5989] chdir("./bus") = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5989] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5989] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5989] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5989] exit_group(0) = ? [pid 5989] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5989, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./46/binderfs") = 0 umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./46/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./46/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./46") = 0 [ 87.096535][ T5989] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/46/bus supports timestamps until 2038-01-19 (0x7fffffff) mkdir("./47", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5992 attached , child_tidptr=0x55558e2af650) = 5992 [pid 5992] set_robust_list(0x55558e2af660, 24) = 0 [pid 5992] chdir("./47") = 0 [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5992] setpgid(0, 0) = 0 [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5992] write(3, "1000", 4) = 4 [pid 5992] close(3) = 0 [pid 5992] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5992] write(1, "executing program\n", 18) = 18 [pid 5992] memfd_create("syzkaller", 0) = 3 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5992] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5992] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5992] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5992] close(3) = 0 [pid 5992] close(4) = 0 [pid 5992] mkdir("./bus", 0777) = 0 [ 87.227610][ T5992] loop0: detected capacity change from 0 to 512 [pid 5992] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5992] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5992] chdir("./bus") = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5992] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5992] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [pid 5992] ioctl(4, _IOC(_IOC_NONE, 0x66, 0x11, 0), 0) = 0 [pid 5992] exit_group(0) = ? [pid 5992] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5992, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 87.276372][ T5992] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/47/bus supports timestamps until 2038-01-19 (0x7fffffff) openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55558e2b06f0 /* 4 entries */, 32768) = 104 umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./47/binderfs") = 0 umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./47/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x55558e2b8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x55558e2b8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./47/bus") = 0 getdents64(3, 0x55558e2b06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./47") = 0 mkdir("./48", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5995 attached , child_tidptr=0x55558e2af650) = 5995 [pid 5995] set_robust_list(0x55558e2af660, 24) = 0 [pid 5995] chdir("./48") = 0 [pid 5995] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5995] setpgid(0, 0) = 0 [pid 5995] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5995] write(3, "1000", 4) = 4 [pid 5995] close(3) = 0 [pid 5995] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5995] write(1, "executing program\n", 18) = 18 [pid 5995] memfd_create("syzkaller", 0) = 3 [pid 5995] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe03ce00000 [pid 5995] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5995] munmap(0x7fe03ce00000, 138412032) = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5995] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5995] close(3) = 0 [pid 5995] close(4) = 0 [pid 5995] mkdir("./bus", 0777) = 0 [ 87.490048][ T5995] loop0: detected capacity change from 0 to 512 [pid 5995] mount("/dev/loop0", "./bus", "ext4", 0, ",errors=continue") = 0 [pid 5995] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5995] chdir("./bus") = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5995] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5995] fsetxattr(4, "security.selinux", "\x00\x00\x6f\x3b\xc8\xdd\x31\xa4\x6c\x42\x26\xa9\xb6\x06\x06\x99\x09\xf5\x10\x17\x27\xca\x56\xab\x5c\x72\x77\x39\x2b\xba\x09\x6c\x7c\xde\x93\xea\x95\x41\x7d\x89\x82\x8c\x0a\x3c\x61\xa2\x7b\x6a\x0a\x7a\x3d\x3e\x4e\x97\xbf\xab\xa4\x5f\xc2\x17\xe7\x2b\xc5\xfe\x16\x2d\xdd\xa7\x00\xfe\xa0\xa2\xbd\x55\x77\x01\x80\x92\xea\x15\xc2\x6f\x70\x67\xee\xbd\x09\xba\x9d\x98\x98\x33\xfd\x0b\xc1\xbd\x1e\xd5\x68\xc3"..., 4097, 0) = 0 [ 87.536296][ T5995] ext4 filesystem being mounted at /root/syzkaller.z9VJFG/48/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.556383][ T5995] ------------[ cut here ]------------ [ 87.561850][ T5995] Looking for class "&ei->i_data_sem" with key init_once.__key.799, but found a different class "&ei->i_data_sem" with the same key [ 87.575471][ T5995] WARNING: CPU: 1 PID: 5995 at kernel/locking/lockdep.c:939 look_up_lock_class+0xdc/0x170 [ 87.585374][ T5995] Modules linked in: [ 87.589262][ T5995] CPU: 1 UID: 0 PID: 5995 Comm: syz-executor742 Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0 [ 87.600367][ T5995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 87.610418][ T5995] RIP: 0010:look_up_lock_class+0xdc/0x170 [ 87.616146][ T5995] Code: 01 0f 85 8a 00 00 00 c6 05 aa d1 3f 04 01 90 49 8b 16 49 8b 76 18 48 8b 8b b8 00 00 00 48 c7 c7 c0 eb 0a 8c e8 e5 e2 8e f5 90 <0f> 0b 90 90 eb 61 90 e8 88 a4 f2 f8 e8 53 20 ae f5 48 c7 c7 00 eb [ 87.635758][ T5995] RSP: 0018:ffffc90003d374f0 EFLAGS: 00010046 [ 87.641834][ T5995] RAX: 9f93747983e9e100 RBX: ffffffff93c92990 RCX: ffff888028425a00 [ 87.649820][ T5995] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.657786][ T5995] RBP: ffffc90003d37600 R08: ffffffff8155d292 R09: 1ffff110170e519a [ 87.665759][ T5995] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff88807839c7e0 [ 87.673765][ T5995] R13: ffff88807839c7e0 R14: ffff88807839c7e0 R15: ffffffff9a5053a1 [ 87.681737][ T5995] FS: 000055558e2af380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 87.690666][ T5995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.697258][ T5995] CR2: 0000000020001000 CR3: 0000000076e04000 CR4: 0000000000350ef0 [ 87.705235][ T5995] Call Trace: [ 87.708504][ T5995] [ 87.711444][ T5995] ? __warn+0x168/0x4e0 [ 87.715625][ T5995] ? look_up_lock_class+0xdc/0x170 [ 87.720763][ T5995] ? report_bug+0x2b3/0x500 [ 87.725267][ T5995] ? look_up_lock_class+0xdc/0x170 [ 87.730378][ T5995] ? handle_bug+0x60/0x90 [ 87.734707][ T5995] ? exc_invalid_op+0x1a/0x50 [ 87.739388][ T5995] ? asm_exc_invalid_op+0x1a/0x20 [ 87.744417][ T5995] ? __warn_printk+0x292/0x360 [ 87.749197][ T5995] ? look_up_lock_class+0xdc/0x170 [ 87.754308][ T5995] register_lock_class+0x102/0x980 [ 87.759431][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.765066][ T5995] ? __asan_memset+0x23/0x50 [ 87.769660][ T5995] ? __pfx_register_lock_class+0x10/0x10 [ 87.775294][ T5995] ? truncate_inode_pages_range+0x51f/0xfc0 [ 87.781187][ T5995] ? __pfx_register_lock_class+0x10/0x10 [ 87.786826][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.792462][ T5995] __lock_acquire+0xf0/0x2050 [ 87.797157][ T5995] lock_acquire+0x1ed/0x550 [ 87.801668][ T5995] ? ext4_ioctl+0x4124/0x5590 [ 87.806367][ T5995] ? __pfx_lock_acquire+0x10/0x10 [ 87.811394][ T5995] ? __pfx___might_resched+0x10/0x10 [ 87.816682][ T5995] ? __pfx___might_resched+0x10/0x10 [ 87.821974][ T5995] ? __pfx___might_resched+0x10/0x10 [ 87.827271][ T5995] down_write_nested+0xa2/0x220 [ 87.832126][ T5995] ? ext4_ioctl+0x4124/0x5590 [ 87.836816][ T5995] ? __pfx_down_write_nested+0x10/0x10 [ 87.842297][ T5995] ? ext4_journal_check_start+0x175/0x250 [ 87.848026][ T5995] ? __ext4_journal_start_sb+0x290/0x600 [ 87.853672][ T5995] ext4_ioctl+0x4124/0x5590 [ 87.858195][ T5995] ? do_syscall_64+0xf3/0x230 [ 87.862879][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.868516][ T5995] ? do_vfs_ioctl+0x1e68/0x2e40 [ 87.873369][ T5995] ? __pfx_ext4_ioctl+0x10/0x10 [ 87.878228][ T5995] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 87.883252][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.888890][ T5995] ? mark_lock+0x9a/0x360 [ 87.893224][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.898864][ T5995] ? tomoyo_path_number_perm+0x208/0x880 [ 87.904498][ T5995] ? __pfx_lock_release+0x10/0x10 [ 87.909529][ T5995] ? lockdep_hardirqs_on+0x99/0x150 [ 87.914902][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.920553][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.926392][ T5995] ? kfree+0x1a0/0x440 [ 87.930471][ T5995] ? tomoyo_path_number_perm+0x68d/0x880 [ 87.936112][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.941755][ T5995] ? tomoyo_path_number_perm+0x71a/0x880 [ 87.947399][ T5995] ? tomoyo_path_number_perm+0x208/0x880 [ 87.953076][ T5995] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 87.959095][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.964881][ T5995] ? __pfx_ptrace_notify+0x10/0x10 [ 87.970024][ T5995] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 87.976374][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 87.982020][ T5995] ? __pfx_ext4_ioctl+0x10/0x10 [ 87.986885][ T5995] __se_sys_ioctl+0xfb/0x170 [ 87.991488][ T5995] do_syscall_64+0xf3/0x230 [ 87.996002][ T5995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.001908][ T5995] RIP: 0033:0x7fe0454331a9 [ 88.006322][ T5995] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 88.026048][ T5995] RSP: 002b:00007fff8ba82fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.034468][ T5995] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe0454331a9 [ 88.042446][ T5995] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004 [ 88.050421][ T5995] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 88.058430][ T5995] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff8ba82ff0 [ 88.066400][ T5995] R13: 00007fff8ba83030 R14: 0000000000040000 R15: 0000000000000003 [ 88.074376][ T5995] [ 88.077388][ T5995] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 88.084658][ T5995] CPU: 1 UID: 0 PID: 5995 Comm: syz-executor742 Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0 [ 88.095758][ T5995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 88.105807][ T5995] Call Trace: [ 88.109085][ T5995] [ 88.112009][ T5995] dump_stack_lvl+0x241/0x360 [ 88.116690][ T5995] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.121888][ T5995] ? __pfx__printk+0x10/0x10 [ 88.126471][ T5995] ? _printk+0xd5/0x120 [ 88.130622][ T5995] ? __init_begin+0x41000/0x41000 [ 88.135681][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.141316][ T5995] ? vscnprintf+0x5d/0x90 [ 88.145651][ T5995] panic+0x349/0x880 [ 88.149563][ T5995] ? __warn+0x177/0x4e0 [ 88.153715][ T5995] ? __pfx_panic+0x10/0x10 [ 88.158132][ T5995] ? show_trace_log_lvl+0x3b2/0x410 [ 88.163335][ T5995] __warn+0x34b/0x4e0 [ 88.167315][ T5995] ? look_up_lock_class+0xdc/0x170 [ 88.172422][ T5995] report_bug+0x2b3/0x500 [ 88.176771][ T5995] ? look_up_lock_class+0xdc/0x170 [ 88.181907][ T5995] handle_bug+0x60/0x90 [ 88.186072][ T5995] exc_invalid_op+0x1a/0x50 [ 88.190581][ T5995] asm_exc_invalid_op+0x1a/0x20 [ 88.195428][ T5995] RIP: 0010:look_up_lock_class+0xdc/0x170 [ 88.201147][ T5995] Code: 01 0f 85 8a 00 00 00 c6 05 aa d1 3f 04 01 90 49 8b 16 49 8b 76 18 48 8b 8b b8 00 00 00 48 c7 c7 c0 eb 0a 8c e8 e5 e2 8e f5 90 <0f> 0b 90 90 eb 61 90 e8 88 a4 f2 f8 e8 53 20 ae f5 48 c7 c7 00 eb [ 88.220767][ T5995] RSP: 0018:ffffc90003d374f0 EFLAGS: 00010046 [ 88.226850][ T5995] RAX: 9f93747983e9e100 RBX: ffffffff93c92990 RCX: ffff888028425a00 [ 88.234840][ T5995] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 88.242811][ T5995] RBP: ffffc90003d37600 R08: ffffffff8155d292 R09: 1ffff110170e519a [ 88.250784][ T5995] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff88807839c7e0 [ 88.258763][ T5995] R13: ffff88807839c7e0 R14: ffff88807839c7e0 R15: ffffffff9a5053a1 [ 88.266744][ T5995] ? __warn_printk+0x292/0x360 [ 88.271524][ T5995] register_lock_class+0x102/0x980 [ 88.276780][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.282429][ T5995] ? __asan_memset+0x23/0x50 [ 88.287038][ T5995] ? __pfx_register_lock_class+0x10/0x10 [ 88.292698][ T5995] ? truncate_inode_pages_range+0x51f/0xfc0 [ 88.298616][ T5995] ? __pfx_register_lock_class+0x10/0x10 [ 88.304258][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.309904][ T5995] __lock_acquire+0xf0/0x2050 [ 88.314601][ T5995] lock_acquire+0x1ed/0x550 [ 88.319110][ T5995] ? ext4_ioctl+0x4124/0x5590 [ 88.323807][ T5995] ? __pfx_lock_acquire+0x10/0x10 [ 88.328854][ T5995] ? __pfx___might_resched+0x10/0x10 [ 88.334149][ T5995] ? __pfx___might_resched+0x10/0x10 [ 88.339453][ T5995] ? __pfx___might_resched+0x10/0x10 [ 88.344769][ T5995] down_write_nested+0xa2/0x220 [ 88.349637][ T5995] ? ext4_ioctl+0x4124/0x5590 [ 88.354320][ T5995] ? __pfx_down_write_nested+0x10/0x10 [ 88.360039][ T5995] ? ext4_journal_check_start+0x175/0x250 [ 88.365763][ T5995] ? __ext4_journal_start_sb+0x290/0x600 [ 88.371400][ T5995] ext4_ioctl+0x4124/0x5590 [ 88.375911][ T5995] ? do_syscall_64+0xf3/0x230 [ 88.380587][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.386219][ T5995] ? do_vfs_ioctl+0x1e68/0x2e40 [ 88.391073][ T5995] ? __pfx_ext4_ioctl+0x10/0x10 [ 88.395945][ T5995] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 88.400961][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.406592][ T5995] ? mark_lock+0x9a/0x360 [ 88.410917][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.416552][ T5995] ? tomoyo_path_number_perm+0x208/0x880 [ 88.422211][ T5995] ? __pfx_lock_release+0x10/0x10 [ 88.427259][ T5995] ? lockdep_hardirqs_on+0x99/0x150 [ 88.432457][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.438097][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.443730][ T5995] ? kfree+0x1a0/0x440 [ 88.447803][ T5995] ? tomoyo_path_number_perm+0x68d/0x880 [ 88.453435][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.459064][ T5995] ? tomoyo_path_number_perm+0x71a/0x880 [ 88.464700][ T5995] ? tomoyo_path_number_perm+0x208/0x880 [ 88.470333][ T5995] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 88.476337][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.481980][ T5995] ? __pfx_ptrace_notify+0x10/0x10 [ 88.487096][ T5995] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 88.493440][ T5995] ? srso_alias_return_thunk+0x5/0xfbef5 [ 88.499096][ T5995] ? __pfx_ext4_ioctl+0x10/0x10 [ 88.503956][ T5995] __se_sys_ioctl+0xfb/0x170 [ 88.508552][ T5995] do_syscall_64+0xf3/0x230 [ 88.513055][ T5995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.518946][ T5995] RIP: 0033:0x7fe0454331a9 [ 88.523353][ T5995] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 88.542955][ T5995] RSP: 002b:00007fff8ba82fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.551367][ T5995] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe0454331a9 [ 88.559338][ T5995] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004 [ 88.567304][ T5995] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 88.575274][ T5995] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff8ba82ff0 [ 88.583239][ T5995] R13: 00007fff8ba83030 R14: 0000000000040000 R15: 0000000000000003 [ 88.591240][ T5995] [ 88.594528][ T5995] Kernel Offset: disabled [ 88.598845][ T5995] Rebooting in 86400 seconds..